Edit tour
Linux
Analysis Report
SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf
Overview
General Information
Sample name: | SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Analysis ID: | 1430165 |
MD5: | 55caac50c41205377ba38c44d268cb7f |
SHA1: | 5c95ce4b9de9d57cfa3b6c9622a7f6e882885c4b |
SHA256: | 2932daa36ba6b8eebed723b1549d85673811a4abeb41f9bc37cc02569811e10e |
Tags: | elf |
Infos: |
Detection
Mirai
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Multi AV Scanner detection for submitted file
Yara detected Mirai
Queries the IP of a very long domain name
Sample deletes itself
Connects to many different domains
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Executes the "rm" command used to delete files or directories
Sample contains only a LOAD segment without any section mappings
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Analysis Advice
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which does no longer work. |
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures. |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1430165 |
Start date and time: | 2024-04-23 08:34:37 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 35s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Detection: | MAL |
Classification: | mal64.troj.evad.linELF@0/0@76/0 |
- VT rate limit hit for: kz.adolfhitler.su.W'fNNPV!a0E@;@@!5,mkzadolfhitlersunW'fN
- VT rate limit hit for: kz.adolfhitler.su.W'fNNPV!a0E@@@1!5,.mkzadolfhitlersunW'fN
- VT rate limit hit for: kz.adolfhitler.su.V'f366a0PV!E((]2P3;52)V'f4NNPV!a0E@Q@@.3;5,)kzadolfhitlersusV'ft66a0PV!.E((o2>3;.5#))
- VT rate limit hit for: kz.adolfhitler.su.V'f3V66a0PV!E((/565 UV'fVNNPV!a0E@w@@..d5,~.
- VT rate limit hit for: kz.adolfhitler.su.V'f=66a0PV!E((2+3;5SpV'fJJPV!a0E<
- VT rate limit hit for: sex.secure-cyber-security
- VT rate limit hit for: siegheil.hiter.su.V'f66a0PV!EH(}6}{5N\V'f+NNPV!a0E@7@@
- VT rate limit hit for: siegheil.hiter.su.V'fBNNPV!a0E@@@0^r5,LusiegheilhitersusV'fBB
- VT rate limit hit for: siegheil.hiter.su.V'fBBPV!a0E4@@}9H ``veCIPV'f%QNNPV!a0.E@|@
Command: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
PID: | 5506 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | black botnet voodoo |
Standard Error: |
- system is lnxubuntu20
- dash New Fork (PID: 5488, Parent: 3632)
- dash New Fork (PID: 5489, Parent: 3632)
- dash New Fork (PID: 5490, Parent: 3632)
- dash New Fork (PID: 5491, Parent: 3632)
- dash New Fork (PID: 5492, Parent: 3632)
- dash New Fork (PID: 5494, Parent: 3632)
- dash New Fork (PID: 5495, Parent: 3632)
- dash New Fork (PID: 5496, Parent: 3632)
- dash New Fork (PID: 5497, Parent: 3632)
- dash New Fork (PID: 5498, Parent: 3632)
- SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf New Fork (PID: 5510, Parent: 5506)
- SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf New Fork (PID: 5512, Parent: 5510)
- SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf New Fork (PID: 5513, Parent: 5510)
- SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf New Fork (PID: 5515, Parent: 5510)
- SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf New Fork (PID: 5517, Parent: 5510)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_3 | Yara detected Mirai | Joe Security |
⊘No Snort rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Program segment: |
Source: | SIGKILL sent: | Jump to behavior |
Source: | Classification label: |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Submission file: | ||
Source: | Submission file: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Stealing of Sensitive Information |
---|
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Obfuscated Files or Information | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 11 File Deletion | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 12 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
18% | Virustotal | Browse | ||
39% | ReversingLabs | Linux.Trojan.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
siegheil.hiter.su.V'fu66a0PV!EH(W6}5WV'fNNPV!a0E@7@@ | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f*66a0PV!EH(5S5EV'fNNPV!a0E@@@. | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'ff66a0PV!EH(}37|=5t=V'fNNPV!a0E@ic@@.=j5,gq= | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!E((L2a3;5>u)V'fNNPV!a0E@Q@@.3;5,)kzadolfhitlersusV'f366a0PV!.E((]2P3;.52) | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fXb66a0PV!E((q2<3;5DV'fBcNNPV!a0E@] | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fG66a0PV!E((6565dV'fJJPV!a0E<p@@.@F}^3!V'f66a0PV!E((@0F}^PI.'fUUPV!a0EGrw@@=153%?sexsecure-cyber-.ecurityV'f56UUa0PV!EHG=3-=513/?sexsecure-cyber-securityV.f6UUPV!a0EGr@@ | unknown | unknown | true | low | |
sex.secure-cyber-security.V'f66a0PV!E((/E3M5A+mV'fVVPV!a0EHU@@.n3Mx542+msexsecure-cyber-securitysV'f(66a0PV!.E(( | unknown | unknown | true | low | |
siegheil.hiter.su.V'f66a0PV!EH({37~=5 =V'fNNPV!a0E@i@@@.=t5,`g= | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f#>66a0PV!EH(m37=5=V'f>NNPV!a0E@i7@@.=5,= | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'fqh66a0PV!EH(E28=5v=V'fiNNPV!a0E@i@@.=5,R=..siegheil.hiter.su.V'f#>66a0PV!EH(m37=5=V'f>NNPV!a0E@i7@@.=5,= | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!E((%475!TV'fHNNPV!a0E@q@@.. 5,Q. | unknown | unknown | true | unknown | |
sex.secure-cyber-security.V'f(66a0PV!E((/E-3M56+mV'f*VVPV!a0EHUr@@.3M54c+msexsecure-cyber-securitysV'f66a0PV!.E(( | unknown | unknown | true | low | |
siegheil.hiter.su.V'fo66a0PV!EH(28i=5j=V'fyJJPV!a0E<@@.FNIXV'fr.66 | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!E((23;5SV'fNNPV!a0E@].@@D^3;L5,5kzadolfhitlersunV'fVt66a0PV!E((' | unknown | unknown | true | unknown | |
kz.adolfhitler.su.W'f;NNPV!a0E@@@8P5,mkzadolfhitlersunW'fJ | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f^66a0PV!EH(\4T5GJEV'f<_NNPV!a0E@\@@. | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f366a0PV!E((23;5%)V'fNNPV!a0E@QU@@.h3;5,f)kzadolfhitlersusV'f66a0PV!.E(($23;.5+) | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fc66a0PV!E((L2a3;5ouV'f:NNPV!a0E@] | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'ft66a0PV!E((o2>3;5#))V'fJJPV!a0E<@@.F|~XV'fz66a0PV!.E((@ | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f:66a0PV!EH(6}w5KOV'f;NNPV!a0E@8@@ | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f;NNPV!a0E@5@@^ru5,usiegheilhitersusV'fBNN | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f;`NNPV!a0E@@@c^r5,cusiegheilhitersusV'fnJJ | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f[66a0PV!EH(\6}5=[V'f^\NNPV!a0E@7@@ | unknown | unknown | true | unknown | |
kz.adolfhitler.su.W'fNNPV!a0E@@@q5,IImkzadolfhitlersunW'f;N | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!E((575=8V'fNNPV!a0E@a@@..!5,i. | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'fnJJPV!a0E<ld@@LF|(V'fti66a | unknown | unknown | true | unknown | |
sex.secure-cyber-security.V'f66a0PV!E((/E#3M5+mV'f&VVPV!a0EHUx@@.3M54r+msexsecure-cyber-securitysV'f/X66a0PV!.E(( | unknown | unknown | true | low | |
kz.adolfhitler.su.W'fJJPV!a0E<m@@NCF)jBW'f66 | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fC66a0PV!E((485mV'f{DNNPV!a0E@V@@..=5,9. | unknown | unknown | true | unknown | |
security.rebirth-network.su | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fD66a0PV!EH(3U5EV'ftENNPV!a0E@@@. | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!E(($23;5+)V'f!NNPV!a0E@Q}@@.@3;>5,n6)kzadolfhitlersusV'f66a0PV!.E((L2a3;.5>u) | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f66a0PV!EH(w5S5EV'fNNPV!a0E@_@@. | unknown | unknown | true | unknown | |
sex.secure-cyber-security.V'f/X66a0PV!E((/E3M5+mV'fYVVPV!a0EHU@@.3M54N+msexsecure-cyber-securitysV'f66a0PV!.E(( | unknown | unknown | true | low | |
siegheil.hiter.su.V'f66a0PV!EH(6}X56V'fJJPV!a0E<B@@ | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fPx66a0PV!EH(4Tc5EV'fqyJJPV!a0E<B@@.nFXl5~V'fEr66a0PV!E(( | unknown | unknown | true | unknown | |
sex.secure-cyber-security.V'f(66a0PV!E(( /D3M5x+mV'fJJPV!a0E<2@@ | unknown | unknown | true | low | |
security.rebirth-network.su. | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'fVt66a0PV!E(('23;5LV'fvNNPV!a0E@].@@DA3;5,6kzadolfhitlersunV'fc66a0PV!E((L2a3;5ou | unknown | unknown | true | unknown | |
kz.adolfhitler.su.W'fNNPV!a0E@;@@!5,mkzadolfhitlersunW'fN | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f3V66a0PV!E((/565 UV'fVNNPV!a0E@w@@..d5,~. | unknown | unknown | true | low | |
siegheil.hiter.su.V'fBBPV!a0E4@@}9H ``veCIPV'f%QNNPV!a0.E@|@ | unknown | unknown | true | unknown | |
sex.secure-cyber-security | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'f66a0PV!EH(}6}{5N\V'f+NNPV!a0E@7@@ | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f=66a0PV!E((2+3;5SpV'fJJPV!a0E< | unknown | unknown | true | unknown | |
kz.adolfhitler.su.W'fNNPV!a0E@@@1!5,.mkzadolfhitlersunW'fN | unknown | unknown | true | unknown | |
kz.adolfhitler.su.V'f366a0PV!E((]2P3;52)V'f4NNPV!a0E@Q@@.3;5,)kzadolfhitlersusV'ft66a0PV!.E((o2>3;.5#)) | unknown | unknown | true | unknown | |
siegheil.hiter.su.V'fBNNPV!a0E@@@0^r5,LusiegheilhitersusV'fBB | unknown | unknown | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
212.70.149.14 | unknown | Bulgaria | 208410 | INTERNET-HOSTINGBG | false | |
185.125.190.26 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
212.70.149.14 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
185.125.190.26 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INTERNET-HOSTINGBG | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 7.986436130927218 |
TrID: |
|
File name: | SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
File size: | 67'972 bytes |
MD5: | 55caac50c41205377ba38c44d268cb7f |
SHA1: | 5c95ce4b9de9d57cfa3b6c9622a7f6e882885c4b |
SHA256: | 2932daa36ba6b8eebed723b1549d85673811a4abeb41f9bc37cc02569811e10e |
SHA512: | 0c4338acf00eebac45cde9660d5061bb9c2b9a97e8dbfb0ae0f3ec16666ef64057fdcd0ba3289bd0703164e46d8463b36730ee91f3d3089dff164aa2f65f897a |
SSDEEP: | 1536:KV0wHFTC9M1s5lnIxRRSb2gzczhcmiM0sWUMyo:KPHAFryRXQvMXw |
TLSH: | 31630274E00774E0F3BA26B8F71000912506C76CD9E774566EA2AB6CECD06716BBF45E |
File Content Preview: | .ELF..............(.........4...........4. ...(.........................`...........................................Q.td..............................t.sfga....................k..........?.E.h;....#..$...o...~...0..>........d9.h:g}.q...J..g.DmO;..1X.TP... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8000 | 0x8000 | 0x1000 | 0x2fc60 | 7.8835 | 0x6 | RW | 0x8000 | ||
LOAD | 0x0 | 0x38000 | 0x38000 | 0xc0db | 0xc0db | 7.9779 | 0x5 | R E | 0x8000 | ||
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 23, 2024 08:35:20.167182922 CEST | 54444 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:20.361977100 CEST | 35342 | 54444 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:23.173065901 CEST | 54446 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:23.367738008 CEST | 35342 | 54446 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:26.293351889 CEST | 54448 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:26.488066912 CEST | 35342 | 54448 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:27.982060909 CEST | 46540 | 443 | 192.168.2.14 | 185.125.190.26 |
Apr 23, 2024 08:35:29.344407082 CEST | 54450 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:29.539318085 CEST | 35342 | 54450 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:32.380369902 CEST | 54452 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:32.576057911 CEST | 35342 | 54452 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:35.424304962 CEST | 54454 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:35.619076967 CEST | 35342 | 54454 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:38.060478926 CEST | 54456 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:38.255486965 CEST | 35342 | 54456 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:40.700905085 CEST | 54458 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:40.895908117 CEST | 35342 | 54458 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:43.815124989 CEST | 54460 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:35:44.009845018 CEST | 35342 | 54460 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:35:58.184827089 CEST | 46540 | 443 | 192.168.2.14 | 185.125.190.26 |
Apr 23, 2024 08:36:11.028318882 CEST | 54462 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:11.223603964 CEST | 35342 | 54462 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:36:13.670128107 CEST | 54464 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:13.865052938 CEST | 35342 | 54464 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:36:16.706345081 CEST | 54466 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:16.901057959 CEST | 35342 | 54466 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:36:19.710910082 CEST | 54468 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:19.906456947 CEST | 35342 | 54468 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:36:22.822535992 CEST | 54470 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:23.018024921 CEST | 35342 | 54470 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:36:50.030867100 CEST | 54472 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:36:50.225785017 CEST | 35342 | 54472 | 212.70.149.14 | 192.168.2.14 |
Apr 23, 2024 08:37:17.247951984 CEST | 54474 | 35342 | 192.168.2.14 | 212.70.149.14 |
Apr 23, 2024 08:37:17.442764997 CEST | 35342 | 54474 | 212.70.149.14 | 192.168.2.14 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 23, 2024 08:35:19.992228031 CEST | 38990 | 53 | 192.168.2.14 | 194.36.144.87 |
Apr 23, 2024 08:35:20.166565895 CEST | 53 | 38990 | 194.36.144.87 | 192.168.2.14 |
Apr 23, 2024 08:35:22.362653017 CEST | 38344 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:35:22.526386976 CEST | 53 | 38344 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:35:22.526573896 CEST | 36878 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:35:22.688261032 CEST | 53 | 36878 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:35:22.688416958 CEST | 60222 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:35:22.851613045 CEST | 53 | 60222 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:35:22.851726055 CEST | 49281 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:35:23.013186932 CEST | 53 | 49281 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:35:23.013314009 CEST | 39051 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:35:23.172915936 CEST | 53 | 39051 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:35:25.368079901 CEST | 59033 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:25.551024914 CEST | 53 | 59033 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:25.551193953 CEST | 54298 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:25.736803055 CEST | 53 | 54298 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:25.736968040 CEST | 39151 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:25.923011065 CEST | 53 | 39151 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:25.923165083 CEST | 50804 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:26.105829954 CEST | 53 | 50804 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:26.106007099 CEST | 49002 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:26.290725946 CEST | 53 | 49002 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:28.488375902 CEST | 59458 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:35:28.663325071 CEST | 53 | 59458 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:35:28.663475037 CEST | 43192 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:35:28.832791090 CEST | 53 | 43192 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:35:28.832947969 CEST | 32792 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:35:29.004040956 CEST | 53 | 32792 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:35:29.004194021 CEST | 59944 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:35:29.173382998 CEST | 53 | 59944 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:35:29.173527956 CEST | 56298 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:35:29.344261885 CEST | 53 | 56298 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:35:31.539614916 CEST | 36503 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:35:31.707444906 CEST | 53 | 36503 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:35:31.707602978 CEST | 49981 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:35:31.875448942 CEST | 53 | 49981 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:35:31.875613928 CEST | 53394 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:35:32.043654919 CEST | 53 | 53394 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:35:32.043818951 CEST | 53067 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:35:32.211704016 CEST | 53 | 53067 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:35:32.211950064 CEST | 59602 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:35:32.380120993 CEST | 53 | 59602 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:35:34.576350927 CEST | 44871 | 53 | 192.168.2.14 | 178.254.22.166 |
Apr 23, 2024 08:35:34.745120049 CEST | 53 | 44871 | 178.254.22.166 | 192.168.2.14 |
Apr 23, 2024 08:35:34.745275974 CEST | 60873 | 53 | 192.168.2.14 | 178.254.22.166 |
Apr 23, 2024 08:35:34.913690090 CEST | 53 | 60873 | 178.254.22.166 | 192.168.2.14 |
Apr 23, 2024 08:35:34.913860083 CEST | 36534 | 53 | 192.168.2.14 | 178.254.22.166 |
Apr 23, 2024 08:35:35.083158016 CEST | 53 | 36534 | 178.254.22.166 | 192.168.2.14 |
Apr 23, 2024 08:35:35.083316088 CEST | 59348 | 53 | 192.168.2.14 | 178.254.22.166 |
Apr 23, 2024 08:35:35.252713919 CEST | 53 | 59348 | 178.254.22.166 | 192.168.2.14 |
Apr 23, 2024 08:35:35.252899885 CEST | 54950 | 53 | 192.168.2.14 | 178.254.22.166 |
Apr 23, 2024 08:35:35.424015999 CEST | 53 | 54950 | 178.254.22.166 | 192.168.2.14 |
Apr 23, 2024 08:35:37.619405031 CEST | 59328 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 23, 2024 08:35:37.707123041 CEST | 53 | 59328 | 8.8.4.4 | 192.168.2.14 |
Apr 23, 2024 08:35:37.707330942 CEST | 58951 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 23, 2024 08:35:37.795418978 CEST | 53 | 58951 | 8.8.4.4 | 192.168.2.14 |
Apr 23, 2024 08:35:37.795599937 CEST | 58423 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 23, 2024 08:35:37.883805037 CEST | 53 | 58423 | 8.8.4.4 | 192.168.2.14 |
Apr 23, 2024 08:35:37.883994102 CEST | 47504 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 23, 2024 08:35:37.971890926 CEST | 53 | 47504 | 8.8.4.4 | 192.168.2.14 |
Apr 23, 2024 08:35:37.972068071 CEST | 47270 | 53 | 192.168.2.14 | 8.8.4.4 |
Apr 23, 2024 08:35:38.060288906 CEST | 53 | 47270 | 8.8.4.4 | 192.168.2.14 |
Apr 23, 2024 08:35:40.255831957 CEST | 41837 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:35:40.345083952 CEST | 53 | 41837 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:35:40.345211029 CEST | 55101 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:35:40.433923960 CEST | 53 | 55101 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:35:40.434155941 CEST | 43041 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:35:40.522917986 CEST | 53 | 43041 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:35:40.523080111 CEST | 49184 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:35:40.611891031 CEST | 53 | 49184 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:35:40.612025023 CEST | 37476 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:35:40.700742960 CEST | 53 | 37476 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:35:42.896248102 CEST | 52017 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:43.079412937 CEST | 53 | 52017 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:43.079607010 CEST | 45885 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:43.262542963 CEST | 53 | 45885 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:43.262728930 CEST | 46312 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:43.448688030 CEST | 53 | 46312 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:43.448884010 CEST | 37086 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:43.631479025 CEST | 53 | 37086 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:43.631679058 CEST | 46885 | 53 | 192.168.2.14 | 185.181.61.24 |
Apr 23, 2024 08:35:43.814944029 CEST | 53 | 46885 | 185.181.61.24 | 192.168.2.14 |
Apr 23, 2024 08:35:46.010396004 CEST | 40936 | 53 | 192.168.2.14 | 94.16.114.254 |
Apr 23, 2024 08:35:51.015234947 CEST | 59765 | 53 | 192.168.2.14 | 94.16.114.254 |
Apr 23, 2024 08:35:56.017043114 CEST | 46616 | 53 | 192.168.2.14 | 94.16.114.254 |
Apr 23, 2024 08:36:01.020772934 CEST | 43382 | 53 | 192.168.2.14 | 94.16.114.254 |
Apr 23, 2024 08:36:06.024635077 CEST | 40588 | 53 | 192.168.2.14 | 94.16.114.254 |
Apr 23, 2024 08:36:13.224167109 CEST | 45442 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:36:13.313081026 CEST | 53 | 45442 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:36:13.313359976 CEST | 40010 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:36:13.402129889 CEST | 53 | 40010 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:36:13.402303934 CEST | 45789 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:36:13.491425991 CEST | 53 | 45789 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:36:13.491727114 CEST | 52358 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:36:13.580486059 CEST | 53 | 52358 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:36:13.580760002 CEST | 33016 | 53 | 192.168.2.14 | 134.195.4.2 |
Apr 23, 2024 08:36:13.669936895 CEST | 53 | 33016 | 134.195.4.2 | 192.168.2.14 |
Apr 23, 2024 08:36:15.865638971 CEST | 41654 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:36:16.033701897 CEST | 53 | 41654 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:36:16.034008026 CEST | 33189 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:36:16.201632977 CEST | 53 | 33189 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:36:16.201884985 CEST | 38181 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:36:16.369745970 CEST | 53 | 38181 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:36:16.369959116 CEST | 58303 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:36:16.538091898 CEST | 53 | 58303 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:36:16.538265944 CEST | 59997 | 53 | 192.168.2.14 | 195.10.195.195 |
Apr 23, 2024 08:36:16.706151962 CEST | 53 | 59997 | 195.10.195.195 | 192.168.2.14 |
Apr 23, 2024 08:36:18.901480913 CEST | 40019 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:36:19.066735029 CEST | 53 | 40019 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:36:19.066962004 CEST | 44876 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:36:19.226389885 CEST | 53 | 44876 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:36:19.226819038 CEST | 53910 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:36:19.385634899 CEST | 53 | 53910 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:36:19.385849953 CEST | 40260 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:36:19.549463987 CEST | 53 | 40260 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:36:19.549698114 CEST | 53587 | 53 | 192.168.2.14 | 51.254.162.59 |
Apr 23, 2024 08:36:19.710716963 CEST | 53 | 53587 | 51.254.162.59 | 192.168.2.14 |
Apr 23, 2024 08:36:21.906913996 CEST | 37093 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:36:22.076020002 CEST | 53 | 37093 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:36:22.076473951 CEST | 48383 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:36:22.246789932 CEST | 53 | 48383 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:36:22.247077942 CEST | 44556 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:36:22.415791035 CEST | 53 | 44556 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:36:22.416156054 CEST | 34251 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:36:22.586703062 CEST | 53 | 34251 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:36:22.586994886 CEST | 60792 | 53 | 192.168.2.14 | 51.77.149.139 |
Apr 23, 2024 08:36:22.822312117 CEST | 53 | 60792 | 51.77.149.139 | 192.168.2.14 |
Apr 23, 2024 08:36:25.018502951 CEST | 38922 | 53 | 192.168.2.14 | 91.217.137.37 |
Apr 23, 2024 08:36:30.019613028 CEST | 35158 | 53 | 192.168.2.14 | 91.217.137.37 |
Apr 23, 2024 08:36:35.021723032 CEST | 38322 | 53 | 192.168.2.14 | 91.217.137.37 |
Apr 23, 2024 08:36:40.025890112 CEST | 34425 | 53 | 192.168.2.14 | 91.217.137.37 |
Apr 23, 2024 08:36:45.027098894 CEST | 57219 | 53 | 192.168.2.14 | 91.217.137.37 |
Apr 23, 2024 08:36:52.226407051 CEST | 58402 | 53 | 192.168.2.14 | 1.0.0.1 |
Apr 23, 2024 08:36:57.231403112 CEST | 57889 | 53 | 192.168.2.14 | 1.0.0.1 |
Apr 23, 2024 08:37:02.235718012 CEST | 49441 | 53 | 192.168.2.14 | 1.0.0.1 |
Apr 23, 2024 08:37:07.238028049 CEST | 42645 | 53 | 192.168.2.14 | 1.0.0.1 |
Apr 23, 2024 08:37:12.243002892 CEST | 57424 | 53 | 192.168.2.14 | 1.0.0.1 |
Apr 23, 2024 08:37:19.443166971 CEST | 55904 | 53 | 192.168.2.14 | 94.16.114.254 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 23, 2024 08:35:19.992228031 CEST | 192.168.2.14 | 194.36.144.87 | 0x6615 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:22.362653017 CEST | 192.168.2.14 | 51.254.162.59 | 0x29eb | Standard query (0) | 0 | 0 | false | |
Apr 23, 2024 08:35:22.526573896 CEST | 192.168.2.14 | 51.254.162.59 | 0x29eb | Standard query (0) | 0 | 0 | false | |
Apr 23, 2024 08:35:22.688416958 CEST | 192.168.2.14 | 51.254.162.59 | 0x29eb | Standard query (0) | 0 | 0 | false | |
Apr 23, 2024 08:35:22.851726055 CEST | 192.168.2.14 | 51.254.162.59 | 0x29eb | Standard query (0) | 0 | 0 | false | |
Apr 23, 2024 08:35:23.013314009 CEST | 192.168.2.14 | 51.254.162.59 | 0x29eb | Standard query (0) | 12294 | 7837 | false | |
Apr 23, 2024 08:35:25.368079901 CEST | 192.168.2.14 | 185.181.61.24 | 0x3dfb | Standard query (0) | 1024 | 1024 | false | |
Apr 23, 2024 08:35:25.551193953 CEST | 192.168.2.14 | 185.181.61.24 | 0x3dfb | Standard query (0) | 1024 | 1024 | false | |
Apr 23, 2024 08:35:25.736968040 CEST | 192.168.2.14 | 185.181.61.24 | 0x3dfb | Standard query (0) | 1024 | 1024 | false | |
Apr 23, 2024 08:35:25.923165083 CEST | 192.168.2.14 | 185.181.61.24 | 0x3dfb | Standard query (0) | 1024 | 1024 | false | |
Apr 23, 2024 08:35:26.106007099 CEST | 192.168.2.14 | 185.181.61.24 | 0x3dfb | Standard query (0) | 236 | 62651 | false | |
Apr 23, 2024 08:35:28.488375902 CEST | 192.168.2.14 | 51.77.149.139 | 0xbeee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:28.663475037 CEST | 192.168.2.14 | 51.77.149.139 | 0xbeee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:28.832947969 CEST | 192.168.2.14 | 51.77.149.139 | 0xbeee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:29.004194021 CEST | 192.168.2.14 | 51.77.149.139 | 0xbeee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:29.173527956 CEST | 192.168.2.14 | 51.77.149.139 | 0xbeee | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:31.539614916 CEST | 192.168.2.14 | 195.10.195.195 | 0x161c | Standard query (0) | 29120 | 43010 | false | |
Apr 23, 2024 08:35:31.707602978 CEST | 192.168.2.14 | 195.10.195.195 | 0x161c | Standard query (0) | 19648 | 43010 | false | |
Apr 23, 2024 08:35:31.875613928 CEST | 192.168.2.14 | 195.10.195.195 | 0x161c | Standard query (0) | 12224 | 43010 | false | |
Apr 23, 2024 08:35:32.043818951 CEST | 192.168.2.14 | 195.10.195.195 | 0x161c | Standard query (0) | 8896 | 43010 | false | |
Apr 23, 2024 08:35:32.211950064 CEST | 192.168.2.14 | 195.10.195.195 | 0x161c | Standard query (0) | 38592 | 43010 | false | |
Apr 23, 2024 08:35:34.576350927 CEST | 192.168.2.14 | 178.254.22.166 | 0x45a2 | Standard query (0) | 53 | 44 | false | |
Apr 23, 2024 08:35:34.745275974 CEST | 192.168.2.14 | 178.254.22.166 | 0x45a2 | Standard query (0) | 53 | 44 | false | |
Apr 23, 2024 08:35:34.913860083 CEST | 192.168.2.14 | 178.254.22.166 | 0x45a2 | Standard query (0) | 53 | 44 | false | |
Apr 23, 2024 08:35:35.083316088 CEST | 192.168.2.14 | 178.254.22.166 | 0x45a2 | Standard query (0) | 53 | 44 | false | |
Apr 23, 2024 08:35:35.252899885 CEST | 192.168.2.14 | 178.254.22.166 | 0x45a2 | Standard query (0) | 16384 | 12294 | false | |
Apr 23, 2024 08:35:37.619405031 CEST | 192.168.2.14 | 8.8.4.4 | 0xa115 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:37.707330942 CEST | 192.168.2.14 | 8.8.4.4 | 0xa115 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:37.795599937 CEST | 192.168.2.14 | 8.8.4.4 | 0xa115 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:37.883994102 CEST | 192.168.2.14 | 8.8.4.4 | 0xa115 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:37.972068071 CEST | 192.168.2.14 | 8.8.4.4 | 0xa115 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:40.255831957 CEST | 192.168.2.14 | 134.195.4.2 | 0xbd9d | Standard query (0) | 256 | 1024 | false | |
Apr 23, 2024 08:35:40.345211029 CEST | 192.168.2.14 | 134.195.4.2 | 0xbd9d | Standard query (0) | 256 | 1024 | false | |
Apr 23, 2024 08:35:40.434155941 CEST | 192.168.2.14 | 134.195.4.2 | 0xbd9d | Standard query (0) | 256 | 1024 | false | |
Apr 23, 2024 08:35:40.523080111 CEST | 192.168.2.14 | 134.195.4.2 | 0xbd9d | Standard query (0) | 256 | 1024 | false | |
Apr 23, 2024 08:35:40.612025023 CEST | 192.168.2.14 | 134.195.4.2 | 0xbd9d | Standard query (0) | 43010 | 3769 | false | |
Apr 23, 2024 08:35:42.896248102 CEST | 192.168.2.14 | 185.181.61.24 | 0xb63f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.079607010 CEST | 192.168.2.14 | 185.181.61.24 | 0xb63f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.262728930 CEST | 192.168.2.14 | 185.181.61.24 | 0xb63f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.448884010 CEST | 192.168.2.14 | 185.181.61.24 | 0xb63f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.631679058 CEST | 192.168.2.14 | 185.181.61.24 | 0xb63f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:46.010396004 CEST | 192.168.2.14 | 94.16.114.254 | 0x8875 | Standard query (0) | 20566 | 42785 | false | |
Apr 23, 2024 08:35:51.015234947 CEST | 192.168.2.14 | 94.16.114.254 | 0x8875 | Standard query (0) | 20566 | 42785 | false | |
Apr 23, 2024 08:35:56.017043114 CEST | 192.168.2.14 | 94.16.114.254 | 0x8875 | Standard query (0) | 16401 | 45163 | false | |
Apr 23, 2024 08:36:01.020772934 CEST | 192.168.2.14 | 94.16.114.254 | 0x8875 | Standard query (0) | 20566 | 42785 | false | |
Apr 23, 2024 08:36:06.024635077 CEST | 192.168.2.14 | 94.16.114.254 | 0x8875 | Standard query (0) | 12288 | 20566 | false | |
Apr 23, 2024 08:36:13.224167109 CEST | 192.168.2.14 | 134.195.4.2 | 0xd8ed | Standard query (0) | 256 | 477 | false | |
Apr 23, 2024 08:36:13.313359976 CEST | 192.168.2.14 | 134.195.4.2 | 0xd8ed | Standard query (0) | 256 | 477 | false | |
Apr 23, 2024 08:36:13.402303934 CEST | 192.168.2.14 | 134.195.4.2 | 0xd8ed | Standard query (0) | 256 | 477 | false | |
Apr 23, 2024 08:36:13.491727114 CEST | 192.168.2.14 | 134.195.4.2 | 0xd8ed | Standard query (0) | 256 | 477 | false | |
Apr 23, 2024 08:36:13.580760002 CEST | 192.168.2.14 | 134.195.4.2 | 0xd8ed | Standard query (0) | 256 | 477 | false | |
Apr 23, 2024 08:36:15.865638971 CEST | 192.168.2.14 | 195.10.195.195 | 0x860e | Standard query (0) | 256 | 480 | false | |
Apr 23, 2024 08:36:16.034008026 CEST | 192.168.2.14 | 195.10.195.195 | 0x860e | Standard query (0) | 256 | 480 | false | |
Apr 23, 2024 08:36:16.201884985 CEST | 192.168.2.14 | 195.10.195.195 | 0x860e | Standard query (0) | 256 | 480 | false | |
Apr 23, 2024 08:36:16.369959116 CEST | 192.168.2.14 | 195.10.195.195 | 0x860e | Standard query (0) | 256 | 480 | false | |
Apr 23, 2024 08:36:16.538265944 CEST | 192.168.2.14 | 195.10.195.195 | 0x860e | Standard query (0) | 256 | 480 | false | |
Apr 23, 2024 08:36:18.901480913 CEST | 192.168.2.14 | 51.254.162.59 | 0xa393 | Standard query (0) | 12817 | 57734 | false | |
Apr 23, 2024 08:36:19.066962004 CEST | 192.168.2.14 | 51.254.162.59 | 0xa393 | Standard query (0) | 0 | 227 | false | |
Apr 23, 2024 08:36:19.226819038 CEST | 192.168.2.14 | 51.254.162.59 | 0xa393 | Standard query (0) | 16384 | 16401 | false | |
Apr 23, 2024 08:36:19.385849953 CEST | 192.168.2.14 | 51.254.162.59 | 0xa393 | Standard query (0) | 16384 | 16401 | false | |
Apr 23, 2024 08:36:19.549698114 CEST | 192.168.2.14 | 51.254.162.59 | 0xa393 | Standard query (0) | 16384 | 16390 | false | |
Apr 23, 2024 08:36:21.906913996 CEST | 192.168.2.14 | 51.77.149.139 | 0x2b6d | Standard query (0) | 12049 | 17699 | false | |
Apr 23, 2024 08:36:22.076473951 CEST | 192.168.2.14 | 51.77.149.139 | 0x2b6d | Standard query (0) | 12049 | 17688 | false | |
Apr 23, 2024 08:36:22.247077942 CEST | 192.168.2.14 | 51.77.149.139 | 0x2b6d | Standard query (0) | 12049 | 17677 | false | |
Apr 23, 2024 08:36:22.416156054 CEST | 192.168.2.14 | 51.77.149.139 | 0x2b6d | Standard query (0) | 12049 | 17646 | false | |
Apr 23, 2024 08:36:22.586994886 CEST | 192.168.2.14 | 51.77.149.139 | 0x2b6d | Standard query (0) | 60864 | 43010 | false | |
Apr 23, 2024 08:36:25.018502951 CEST | 192.168.2.14 | 91.217.137.37 | 0x412c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:36:30.019613028 CEST | 192.168.2.14 | 91.217.137.37 | 0x412c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:36:35.021723032 CEST | 192.168.2.14 | 91.217.137.37 | 0x412c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:36:40.025890112 CEST | 192.168.2.14 | 91.217.137.37 | 0x412c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:36:45.027098894 CEST | 192.168.2.14 | 91.217.137.37 | 0x412c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:36:52.226407051 CEST | 192.168.2.14 | 1.0.0.1 | 0x6dba | Standard query (0) | 19968 | 0 | false | |
Apr 23, 2024 08:36:57.231403112 CEST | 192.168.2.14 | 1.0.0.1 | 0x6dba | Standard query (0) | 19968 | 0 | false | |
Apr 23, 2024 08:37:02.235718012 CEST | 192.168.2.14 | 1.0.0.1 | 0x6dba | Standard query (0) | 19968 | 0 | false | |
Apr 23, 2024 08:37:07.238028049 CEST | 192.168.2.14 | 1.0.0.1 | 0x6dba | Standard query (0) | 18944 | 0 | false | |
Apr 23, 2024 08:37:12.243002892 CEST | 192.168.2.14 | 1.0.0.1 | 0x6dba | Standard query (0) | 60660 | 47969 | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 23, 2024 08:35:20.166565895 CEST | 194.36.144.87 | 192.168.2.14 | 0x6615 | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:28.663325071 CEST | 51.77.149.139 | 192.168.2.14 | 0xbeee | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:28.832791090 CEST | 51.77.149.139 | 192.168.2.14 | 0xbeee | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:29.004040956 CEST | 51.77.149.139 | 192.168.2.14 | 0xbeee | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:29.173382998 CEST | 51.77.149.139 | 192.168.2.14 | 0xbeee | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:29.344261885 CEST | 51.77.149.139 | 192.168.2.14 | 0xbeee | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.079412937 CEST | 185.181.61.24 | 192.168.2.14 | 0xb63f | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.262542963 CEST | 185.181.61.24 | 192.168.2.14 | 0xb63f | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.448688030 CEST | 185.181.61.24 | 192.168.2.14 | 0xb63f | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.631479025 CEST | 185.181.61.24 | 192.168.2.14 | 0xb63f | Format error (1) | none | none | A (IP address) | IN (0x0001) | false | |
Apr 23, 2024 08:35:43.814944029 CEST | 185.181.61.24 | 192.168.2.14 | 0xb63f | Format error (1) | none | none | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.RPy1iTl5xo /tmp/tmp.VOkGWvI04c /tmp/tmp.pAxIvNGzLh |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/cat |
Arguments: | cat /tmp/tmp.RPy1iTl5xo |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/head |
Arguments: | head -n 10 |
File size: | 47480 bytes |
MD5 hash: | fd96a67145172477dd57131396fc9608 |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/tr |
Arguments: | tr -d \\000-\\011\\013\\014\\016-\\037 |
File size: | 51544 bytes |
MD5 hash: | fbd1402dd9f72d8ebfff00ce7c3a7bb5 |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:08 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/cut |
Arguments: | cut -c -80 |
File size: | 47480 bytes |
MD5 hash: | d8ed0ea8f22c0de0f8692d4d9f1759d3 |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/cat |
Arguments: | cat /tmp/tmp.RPy1iTl5xo |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/head |
Arguments: | head -n 10 |
File size: | 47480 bytes |
MD5 hash: | fd96a67145172477dd57131396fc9608 |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/tr |
Arguments: | tr -d \\000-\\011\\013\\014\\016-\\037 |
File size: | 51544 bytes |
MD5 hash: | fbd1402dd9f72d8ebfff00ce7c3a7bb5 |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/cut |
Arguments: | cut -c -80 |
File size: | 47480 bytes |
MD5 hash: | d8ed0ea8f22c0de0f8692d4d9f1759d3 |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 06:35:09 |
Start date (UTC): | 23/04/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.RPy1iTl5xo /tmp/tmp.VOkGWvI04c /tmp/tmp.pAxIvNGzLh |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 06:35:18 |
Start date (UTC): | 23/04/2024 |
Path: | /tmp/SecuriteInfo.com.Linux.Mirai.8362.8829.19078.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |