Linux Analysis Report pty3
Overview
General Information
Sample Name: | pty3 |
Analysis ID: | 543493 |
MD5: | 12cedf7cd63208ee8fd9d0359637c46c |
SHA1: | 6c376c3a9d7811100e0c470fc3d4d05de06fb30b |
SHA256: | 4a719439027a279b14a05d650691bed6e0a437ae87fb55895406616a55c6c720 |
Tags: | elflog4j |
Infos: |
Detection
Score: | 96 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Analysis Advice |
---|
All HTTP servers contacted by the sample do not answer. Likely the sample is an old dropper which does no longer work |
All domains contacted by the sample do not resolve. Likely the sample is an old dropper which does no longer work |
General Information |
---|
Joe Sandbox Version: | 34.0.0 Boulder Opal |
Analysis ID: | 543493 |
Start date: | 21.12.2021 |
Start time: | 15:41:22 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 6m 29s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | pty3 |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Detection: | MAL |
Classification: | mal96.troj.evad.lin@0/23@8/0 |
Warnings: | Show All
|
Process Tree |
---|
|
Yara Overview |
---|
Memory Dumps |
---|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Tsunami | Yara detected Tsunami | Joe Security | ||
JoeSecurity_Muhstik | Yara detected Muhstik | Joe Security | ||
JoeSecurity_Tsunami | Yara detected Tsunami | Joe Security | ||
JoeSecurity_Muhstik | Yara detected Muhstik | Joe Security | ||
JoeSecurity_Tsunami | Yara detected Tsunami | Joe Security | ||
Click to see the 19 entries |
Jbx Signature Overview |
---|
Click to jump to signature section
AV Detection: |
---|
Multi AV Scanner detection for submitted file | Show sources |
Source: | Virustotal: | Perma Link | ||
Source: | Metadefender: | Perma Link | ||
Source: | ReversingLabs: |
Networking: |
---|
Snort IDS alert for network traffic (e.g. based on Emerging Threat rules) | Show sources |
Source: | Snort IDS: |
Uses IRC for communication with a C&C | Show sources |
Source: | IRC traffic detected: |
Uses known network protocols on non-standard ports | Show sources |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Program segment: |
Source: | Classification label: |
Persistence and Installation Behavior: |
---|
Writes identical ELF files to multiple locations | Show sources |
Source: | File with SHA-256 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 written: | Jump to dropped file | ||
Source: | File with SHA-256 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 written: | Jump to dropped file | ||
Source: | File with SHA-256 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 written: | Jump to dropped file | ||
Source: | File with SHA-256 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 written: | Jump to dropped file |
Sample tries to persist itself using cron | Show sources |
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | File: | Jump to behavior |
Explicitly modifies time stamps using the "touch" command | Show sources |
Source: | Touch executable uses timestamp modification options: | Jump to behavior | ||
Source: | Touch executable uses timestamp modification options: | Jump to behavior | ||
Source: | Touch executable uses timestamp modification options: | Jump to behavior | ||
Source: | Touch executable uses timestamp modification options: | Jump to behavior | ||
Source: | Touch executable uses timestamp modification options: | Jump to behavior |
Executes the "crontab" command typically for achieving persistence | Show sources |
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior | ||
Source: | Crontab executable: | Jump to behavior |
Source: | File written: | Jump to dropped file | ||
Source: | File written: | Jump to dropped file | ||
Source: | File written: | Jump to dropped file | ||
Source: | File written: | Jump to dropped file |
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior | ||
Source: | Grep executable: | Jump to behavior |
Source: | Crontab like entry written: | Jump to dropped file | ||
Source: | Crontab like entry written: | Jump to dropped file | ||
Source: | Crontab like entry written: | Jump to dropped file | ||
Source: | Crontab like entry written: | Jump to dropped file | ||
Source: | Crontab like entry written: | Jump to dropped file |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Source: | Touch executable: | Jump to behavior | ||
Source: | Touch executable: | Jump to behavior | ||
Source: | Touch executable: | Jump to behavior | ||
Source: | Touch executable: | Jump to behavior | ||
Source: | Touch executable: | Jump to behavior |
Source: | Stderr: cat: /etc/inittabno crontab for rootno crontab for root: No such file or directoryno crontab for root: |
Hooking and other Techniques for Hiding and Protection: |
---|
Uses known network protocols on non-standard ports | Show sources |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Stealing of Sensitive Information: |
---|
Yara detected Muhstik | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Yara detected Tsunami | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality: |
---|
Yara detected Muhstik | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Yara detected Tsunami | Show sources |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Mitre Att&ck Matrix |
---|
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | Scheduled Task/Job11 | Scheduled Task/Job11 | Scheduled Task/Job11 | Scripting1 | OS Credential Dumping | Security Software Discovery1 | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | Encrypted Channel1 | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | Scripting1 | At (Linux)1 | At (Linux)1 | Timestomp1 | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | Non-Standard Port11 | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | At (Linux)1 | Logon Script (Windows) | Logon Script (Windows) | Indicator Removal on Host1 | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | Non-Application Layer Protocol1 | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | File Deletion1 | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | Application Layer Protocol12 | SIM Card Swap | Carrier Billing Fraud |
Malware Configuration |
---|
No configs have been found |
---|
Behavior Graph |
---|
Antivirus, Machine Learning and Genetic Malware Detection |
---|
Initial Sample |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
52% | Virustotal | Browse | ||
32% | Metadefender | Browse | ||
51% | ReversingLabs | Linux.Trojan.Tsunami |
Dropped Files |
---|
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
32% | Metadefender | Browse | ||
51% | ReversingLabs | Linux.Trojan.Tsunami | ||
32% | Metadefender | Browse | ||
51% | ReversingLabs | Linux.Trojan.Tsunami |
Domains |
---|
No Antivirus matches |
---|
URLs |
---|
No Antivirus matches |
---|
Domains and IPs |
---|
Contacted Domains |
---|
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
l.deutschland-zahlung.net | unknown | unknown | true | unknown |
Contacted IPs |
---|
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
Public |
---|
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
144.172.71.180 | unknown | United States | 397031 | GALAXYGATEUS | true | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Runtime Messages |
---|
Command: | /tmp/pty3 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | |
Standard Error: | cat: /etc/inittabno crontab for root no crontab for root : No such file or directory no crontab for root |
Joe Sandbox View / Context |
---|
IPs |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
144.172.71.180 | Get hash | malicious | Browse | ||
109.202.202.202 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
91.189.91.43 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse |
Domains |
---|
No context |
---|
ASN |
---|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
CANONICAL-ASGB | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
GALAXYGATEUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
INIT7CH | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
JA3 Fingerprints |
---|
No context |
---|
Dropped Files |
---|
No context |
---|
Created / dropped Files |
---|
Process: | /usr/bin/cp |
File Type: | |
Category: | dropped |
Size (bytes): | 48964 |
Entropy (8bit): | 7.872626881117998 |
Encrypted: | false |
SSDEEP: | 768:M02iLxh+reNihi1th2C8k+glPiDtQzUk5MZpbwMraJl7nyIsrJPudcNm9d/sjucW:M01Pe2XggtWtQQk5MZpB+l7nYrEdc89Z |
MD5: | 12CEDF7CD63208EE8FD9D0359637C46C |
SHA1: | 6C376C3A9D7811100E0C470FC3D4D05DE06FB30B |
SHA-256: | 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 |
SHA-512: | 53C97FDFD5299B92CA91FA2D4F0899C3535C587AEAC3C49D05676270FED64C771369D65E74BB26E3519C3190A83FE3FFE3120B8FFD3F66CD3AAAED9F97B38F35 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
|
Process: | /usr/bin/cat |
File Type: | |
Category: | dropped |
Size (bytes): | 142 |
Entropy (8bit): | 4.326664977926882 |
Encrypted: | false |
SSDEEP: | 3:IQfXzstFXzsm3V9vtXzsqsRFXzsqjKYAXzsqG:IQo37uTR |
MD5: | 5FF9D0108FCFD3FE6D507A5C71471FF7 |
SHA1: | DC713D40F4F57F8C428C4E69D8773CE4BAA39299 |
SHA-256: | BF7A744DCB866FE6C59F07C77D2B579C84B057F79321028B6B45320E4F6A2EED |
SHA-512: | FFCA8F8BAC306F7910A8D62AB68083AE78206BDBB7EFCD4AAEB5BBF7A0BB56841FA70E359DAF3954912C649779E409284C40E5AD3C7E562FE04C359C038BB834 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | /bin/sh |
File Type: | |
Category: | dropped |
Size (bytes): | 29 |
Entropy (8bit): | 4.090234012145145 |
Encrypted: | false |
SSDEEP: | 3:IQfXzsqG:IQK |
MD5: | 56FB9AFECF429F855832A7B43D82F4A4 |
SHA1: | 9C516C4B773BC052FA25BD26AAFB34232BEFF257 |
SHA-256: | 2DF88CC9DB68E3E385BC0790FDAC424B8C0E81BED9E562FD82CCBF7C84680E78 |
SHA-512: | A5F505C6E94F158859D8559D2BEEB4DA1106B3F6260E2B2ABD16630BBB6A218CE2E832EFB69F8C45F0B8413BF2BF645BC64D855738E0D2C63F5A034873363DB5 |
Malicious: | false |
Reputation: | low |
Preview: |
|
Process: | /usr/bin/cp |
File Type: | |
Category: | dropped |
Size (bytes): | 48964 |
Entropy (8bit): | 7.872626881117998 |
Encrypted: | false |
SSDEEP: | 768:M02iLxh+reNihi1th2C8k+glPiDtQzUk5MZpbwMraJl7nyIsrJPudcNm9d/sjucW:M01Pe2XggtWtQQk5MZpB+l7nYrEdc89Z |
MD5: | 12CEDF7CD63208EE8FD9D0359637C46C |
SHA1: | 6C376C3A9D7811100E0C470FC3D4D05DE06FB30B |
SHA-256: | 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 |
SHA-512: | 53C97FDFD5299B92CA91FA2D4F0899C3535C587AEAC3C49D05676270FED64C771369D65E74BB26E3519C3190A83FE3FFE3120B8FFD3F66CD3AAAED9F97B38F35 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
|
Process: | /usr/bin/cp |
File Type: | |
Category: | dropped |
Size (bytes): | 48964 |
Entropy (8bit): | 7.872626881117998 |
Encrypted: | false |
SSDEEP: | 768:M02iLxh+reNihi1th2C8k+glPiDtQzUk5MZpbwMraJl7nyIsrJPudcNm9d/sjucW:M01Pe2XggtWtQQk5MZpB+l7nYrEdc89Z |
MD5: | 12CEDF7CD63208EE8FD9D0359637C46C |
SHA1: | 6C376C3A9D7811100E0C470FC3D4D05DE06FB30B |
SHA-256: | 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 |
SHA-512: | 53C97FDFD5299B92CA91FA2D4F0899C3535C587AEAC3C49D05676270FED64C771369D65E74BB26E3519C3190A83FE3FFE3120B8FFD3F66CD3AAAED9F97B38F35 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | /usr/bin/crontab |
File Type: | |
Category: | dropped |
Size (bytes): | 257 |
Entropy (8bit): | 5.044470124684252 |
Encrypted: | false |
SSDEEP: | 6:SUrpqoqQjEOP1KmREJOBFQLvoq/GMQ5UYLtCFt39YBtGF5qzK37hGFz:8QjHig8PeHLU9YfsqzKda |
MD5: | DF95A2C7C3B0CD129B811ACB5B3F1AE2 |
SHA1: | 6EC8911B9A2E3118E7C0266CD9C5773560847561 |
SHA-256: | 6E0A8836D397C79499B91924D125E4A61ECCC754B3E8F8C5ADC54F2730F91FCB |
SHA-512: | D10E25C7A26CF2734B5B013EFCD4F8064AF6A622D332ECDA32898E2D6112AD85769DF9A2EC2DD8C4CEEA7D1E7747760A658499596075A4F5654FC59D6B908E03 |
Malicious: | true |
Reputation: | low |
Preview: |
|
Process: | /usr/bin/crontab |
File Type: | |
Category: | dropped |
Size (bytes): | 214 |
Entropy (8bit): | 5.08265322520662 |
Encrypted: | false |
SSDEEP: | 6:SUrpqoqQjEOP1KmREJOBFQLvoVMGMQ5UYLtCFt39YBtGFz:8QjHig81eHLU9Yfa |
MD5: | EAE2C6FCF5EABDAA69293E977CFADD46 |
SHA1: | 48380E921376A39BCA7394431D75C5D7784FAC4A |
SHA-256: | 466969C2F234EF9AE5D4D5211F538E3D9484FDDBF2F05D0F8492766CD786F7F3 |
SHA-512: | C9671A2ED8308A688264E8F1F6C80171CF2F6503547D50D19268C59C88D65CB7AA1F304024D853D10015846AF12A929706EA19AB92796B60F2A907A1557AEDC3 |
Malicious: | true |
Preview: |
|
Process: | /usr/bin/crontab |
File Type: | |
Category: | dropped |
Size (bytes): | 344 |
Entropy (8bit): | 4.939921822102709 |
Encrypted: | false |
SSDEEP: | 6:SUrpqoqQjEOP1KmREJOBFQLvo6tGMQ5UYLtCFt39YBtGF5qzK37hGF5qIajbGF5f:8QjHig8BeHLU9YfsqzKdsq1bsq0Ya |
MD5: | B763760C5B7244C7F8D5820EEA8FDFEF |
SHA1: | 486F8DA270FDD9F9CF632683A83BC3D096698852 |
SHA-256: | 4115FFF1095E3A1A33E1AADDCAB3BA4237F61BD042C5387B6984C768F7D9C33B |
SHA-512: | 0D5C811C63CC1B309F8B6DCEEAF19E5134984E4501D9B5A58EE15791AD5B5FDCD1456338E72DE66483661614584D786B91B2D1D85724A5FEBF80E048E875FC76 |
Malicious: | true |
Preview: |
|
Process: | /usr/bin/crontab |
File Type: | |
Category: | dropped |
Size (bytes): | 387 |
Entropy (8bit): | 4.878171815272619 |
Encrypted: | false |
SSDEEP: | 12:8QjHig8MqeHLU9YfsqzKdsq1bsq0Ysqha:8+kALUqkqLqSqeq4 |
MD5: | 47FB44CEA709598934EF70711333C669 |
SHA1: | 2F7BFE9E83A60D695CCDC1C2696751C67FFAF0C3 |
SHA-256: | 3DE200DD9B08562F2BE7B77BCF41378AA5FE0A950B10B08020080D6D30BE8A58 |
SHA-512: | 36D4853540AE23D604E7F73FCB401AAC087300370A8222FDDD5978B7175BE9FA24783AA0FE7662C1E8115F8F4CABE2DB5556BC77FF97BC6EB2C6BC09E90C5928 |
Malicious: | true |
Preview: |
|
Process: | /usr/bin/crontab |
File Type: | |
Category: | dropped |
Size (bytes): | 300 |
Entropy (8bit): | 4.979349083506767 |
Encrypted: | false |
SSDEEP: | 6:SUrpqoqQjEOP1KmREJOBFQLvoq/GMQ5UYLtCFt39YBtGF5qzK37hGF5qIajbGFz:8QjHig8PeHLU9YfsqzKdsq1ba |
MD5: | 6DE043946D868F92817F556D924A8D8A |
SHA1: | 32CDFB2C428F9837AE47E0E89EDF30EFAA8BDB83 |
SHA-256: | 96902F1E136319C8025FF88BDE04A9B8CFC97E68C4EB113378220C5D5E6D00A8 |
SHA-512: | C9D320AE360E12A80F59224AC9902189062DB831CA1836683DF273E923A5117A23D46ED727E1A7940FBD08F2D2ED6D6270D9F48F5C37A1C7BC54816E5E57FCC2 |
Malicious: | true |
Preview: |
|
Process: | /usr/bin/cp |
File Type: | |
Category: | dropped |
Size (bytes): | 48964 |
Entropy (8bit): | 7.872626881117998 |
Encrypted: | false |
SSDEEP: | 768:M02iLxh+reNihi1th2C8k+glPiDtQzUk5MZpbwMraJl7nyIsrJPudcNm9d/sjucW:M01Pe2XggtWtQQk5MZpB+l7nYrEdc89Z |
MD5: | 12CEDF7CD63208EE8FD9D0359637C46C |
SHA1: | 6C376C3A9D7811100E0C470FC3D4D05DE06FB30B |
SHA-256: | 4A719439027A279B14A05D650691BED6E0A437AE87FB55895406616A55C6C720 |
SHA-512: | 53C97FDFD5299B92CA91FA2D4F0899C3535C587AEAC3C49D05676270FED64C771369D65E74BB26E3519C3190A83FE3FFE3120B8FFD3F66CD3AAAED9F97B38F35 |
Malicious: | true |
Preview: |
|
Static File Info |
---|
General | |
---|---|
File type: | |
Entropy (8bit): | 7.872626881117998 |
TrID: |
|
File name: | pty3 |
File size: | 48964 |
MD5: | 12cedf7cd63208ee8fd9d0359637c46c |
SHA1: | 6c376c3a9d7811100e0c470fc3d4d05de06fb30b |
SHA256: | 4a719439027a279b14a05d650691bed6e0a437ae87fb55895406616a55c6c720 |
SHA512: | 53c97fdfd5299b92ca91fa2d4f0899c3535c587aeac3c49d05676270fed64c771369d65e74bb26e3519c3190a83fe3ffe3120b8ffd3f66cd3aaaed9f97b38f35 |
SSDEEP: | 768:M02iLxh+reNihi1th2C8k+glPiDtQzUk5MZpbwMraJl7nyIsrJPudcNm9d/sjucW:M01Pe2XggtWtQQk5MZpB+l7nYrEdc89Z |
File Content Preview: | .ELF..............>.............@...................@.8...@.....................................................................P.......P.Q.....P.Q............................./l......l...................b.........!..ELF......>....@.m.m...H.#..v..8......+ |
Static ELF Info |
---|
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | |
Entry Point Address: | |
Flags: | |
ELF Header Size: | |
Program Header Offset: | |
Program Header Size: | |
Number of Program Headers: | |
Section Header Offset: | |
Section Header Size: | |
Number of Section Headers: | |
Header String Table Index: |
Program Segments |
---|
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x100000 | 0x100000 | 0xbde4 | 0xbde4 | 4.3838 | 0x5 | R E | 0x100000 | ||
LOAD | 0x1ad50 | 0x51ad50 | 0x51ad50 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x100000 |
Network Behavior |
---|
Snort IDS Alerts |
---|
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
12/21/21-15:42:16.929658 | TCP | 2034743 | ET TROJAN ELF/Muhstik Botnet CnC Activity | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Network Port Distribution |
---|
TCP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 21, 2021 15:42:08.019571066 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Dec 21, 2021 15:42:08.275553942 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Dec 21, 2021 15:42:15.912678957 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:16.049130917 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:16.049240112 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:16.929657936 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.066152096 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.066185951 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.066231012 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.071268082 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.207802057 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.207875013 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.214865923 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.391129971 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.391232967 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:17.527667046 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.527698994 CET | 8080 | 35994 | 144.172.71.180 | 192.168.2.23 |
Dec 21, 2021 15:42:17.527792931 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
Dec 21, 2021 15:42:23.891464949 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Dec 21, 2021 15:42:34.131242990 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Dec 21, 2021 15:42:38.227170944 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Dec 21, 2021 15:43:04.850769043 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
UDP Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 21, 2021 15:42:14.978840113 CET | 34938 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.310522079 CET | 53 | 34938 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.310771942 CET | 34938 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.326884985 CET | 53 | 34938 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.332324028 CET | 57599 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.532357931 CET | 53 | 57599 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.532561064 CET | 57599 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.548819065 CET | 53 | 57599 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.564263105 CET | 43324 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.600769997 CET | 53 | 43324 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.600950003 CET | 43324 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.618341923 CET | 53 | 43324 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.630446911 CET | 55842 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.895953894 CET | 53 | 55842 | 1.1.1.1 | 192.168.2.23 |
Dec 21, 2021 15:42:15.896136045 CET | 55842 | 53 | 192.168.2.23 | 1.1.1.1 |
Dec 21, 2021 15:42:15.912287951 CET | 53 | 55842 | 1.1.1.1 | 192.168.2.23 |
DNS Queries |
---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Dec 21, 2021 15:42:14.978840113 CET | 192.168.2.23 | 1.1.1.1 | 0x3b86 | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.310771942 CET | 192.168.2.23 | 1.1.1.1 | 0x3b86 | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.332324028 CET | 192.168.2.23 | 1.1.1.1 | 0xec14 | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.532561064 CET | 192.168.2.23 | 1.1.1.1 | 0xec14 | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.564263105 CET | 192.168.2.23 | 1.1.1.1 | 0xbaad | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.600950003 CET | 192.168.2.23 | 1.1.1.1 | 0xbaad | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.630446911 CET | 192.168.2.23 | 1.1.1.1 | 0x3128 | Standard query (0) | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.896136045 CET | 192.168.2.23 | 1.1.1.1 | 0x3128 | Standard query (0) | A (IP address) | IN (0x0001) |
DNS Answers |
---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Dec 21, 2021 15:42:15.310522079 CET | 1.1.1.1 | 192.168.2.23 | 0x3b86 | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.326884985 CET | 1.1.1.1 | 192.168.2.23 | 0x3b86 | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.532357931 CET | 1.1.1.1 | 192.168.2.23 | 0xec14 | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.548819065 CET | 1.1.1.1 | 192.168.2.23 | 0xec14 | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.600769997 CET | 1.1.1.1 | 192.168.2.23 | 0xbaad | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.618341923 CET | 1.1.1.1 | 192.168.2.23 | 0xbaad | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.895953894 CET | 1.1.1.1 | 192.168.2.23 | 0x3128 | Name error (3) | none | none | A (IP address) | IN (0x0001) | |
Dec 21, 2021 15:42:15.912287951 CET | 1.1.1.1 | 192.168.2.23 | 0x3128 | Name error (3) | none | none | A (IP address) | IN (0x0001) |
IRC Packets |
---|
Timestamp | Source Port | Dest Port | Source IP | Dest IP | Commands |
---|---|---|---|---|---|
Dec 21, 2021 15:42:16.929657936 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 | |
Dec 21, 2021 15:42:17.391232967 CET | 35994 | 8080 | 192.168.2.23 | 144.172.71.180 |
System Behavior |
---|
General |
---|
Start time: | 15:42:06 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | /tmp/pty3 |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:06 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:06 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "pidof -x strace > /dev/null" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:06 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:06 |
Start date: | 21/12/2021 |
Path: | /usr/bin/pidof |
Arguments: | pidof -x strace |
File size: | 27016 bytes |
MD5 hash: | f58f67968fc50f1497f9ea9e9c22b6e8 |
General |
---|
Start time: | 15:42:09 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:09 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "pidof -x tcpdump > /dev/null" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:09 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:09 |
Start date: | 21/12/2021 |
Path: | /usr/bin/pidof |
Arguments: | pidof -x tcpdump |
File size: | 27016 bytes |
MD5 hash: | f58f67968fc50f1497f9ea9e9c22b6e8 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -r" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -r |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -l | grep /tmp/pty3 | grep -v \"no cron\" || (crontab -l ; echo \"* * * * * /tmp/pty3 > /dev/null 2>&1 &\") | crontab -" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep /tmp/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v "no cron" |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab - |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab | grep -v \"/tmp/pty3\" > /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v /tmp/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "echo \"0:2345:respawn:/tmp/pty3\" >> /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab2 > /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab2 |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:12 |
Start date: | 21/12/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /etc/inittab2 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "touch -acmr /bin/ls /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /usr/bin/touch |
Arguments: | touch -acmr /bin/ls /etc/inittab |
File size: | 100728 bytes |
MD5 hash: | 3859c173f5d3b37be3e531b7c84a9c68 |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cp -f /tmp/pty3 /dev/shm/pty3" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cp |
Arguments: | cp -f /tmp/pty3 /dev/shm/pty3 |
File size: | 153976 bytes |
MD5 hash: | 40f10ae7ea3e44218d1a8c306f79c83f |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -l | grep /dev/shm/pty3 | grep -v \"no cron\" || (crontab -l ; echo \"* * * * * /dev/shm/pty3 > /dev/null 2>&1 &\") | crontab -" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep /dev/shm/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v "no cron" |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab - |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab | grep -v \"/dev/shm/pty3\" > /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v /dev/shm/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "echo \"0:2345:respawn:/dev/shm/pty3\" >> /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab2 > /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab2 |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /etc/inittab2 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "touch -acmr /bin/ls /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/touch |
Arguments: | touch -acmr /bin/ls /etc/inittab |
File size: | 100728 bytes |
MD5 hash: | 3859c173f5d3b37be3e531b7c84a9c68 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cp -f /tmp/pty3 /var/tmp/pty3" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cp |
Arguments: | cp -f /tmp/pty3 /var/tmp/pty3 |
File size: | 153976 bytes |
MD5 hash: | 40f10ae7ea3e44218d1a8c306f79c83f |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -l | grep /var/tmp/pty3 | grep -v \"no cron\" || (crontab -l ; echo \"* * * * * /var/tmp/pty3 > /dev/null 2>&1 &\") | crontab -" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep /var/tmp/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v "no cron" |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab - |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab | grep -v \"/var/tmp/pty3\" > /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v /var/tmp/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "echo \"0:2345:respawn:/var/tmp/pty3\" >> /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab2 > /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab2 |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /etc/inittab2 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "touch -acmr /bin/ls /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/touch |
Arguments: | touch -acmr /bin/ls /etc/inittab |
File size: | 100728 bytes |
MD5 hash: | 3859c173f5d3b37be3e531b7c84a9c68 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cp -f /tmp/pty3 /var/lock/pty3" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cp |
Arguments: | cp -f /tmp/pty3 /var/lock/pty3 |
File size: | 153976 bytes |
MD5 hash: | 40f10ae7ea3e44218d1a8c306f79c83f |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -l | grep /var/lock/pty3 | grep -v \"no cron\" || (crontab -l ; echo \"* * * * * /var/lock/pty3 > /dev/null 2>&1 &\") | crontab -" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep /var/lock/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v "no cron" |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab - |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab | grep -v \"/var/lock/pty3\" > /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:14 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v /var/lock/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:15 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "echo \"0:2345:respawn:/var/lock/pty3\" >> /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab2 > /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab2 |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /etc/inittab2 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "touch -acmr /bin/ls /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/touch |
Arguments: | touch -acmr /bin/ls /etc/inittab |
File size: | 100728 bytes |
MD5 hash: | 3859c173f5d3b37be3e531b7c84a9c68 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cp -f /tmp/pty3 /var/run/pty3" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cp |
Arguments: | cp -f /tmp/pty3 /var/run/pty3 |
File size: | 153976 bytes |
MD5 hash: | 40f10ae7ea3e44218d1a8c306f79c83f |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "crontab -l | grep /var/run/pty3 | grep -v \"no cron\" || (crontab -l ; echo \"* * * * * /var/run/pty3 > /dev/null 2>&1 &\") | crontab -" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep /var/run/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v "no cron" |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab -l |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /usr/bin/crontab |
Arguments: | crontab - |
File size: | 43720 bytes |
MD5 hash: | 66e521d421ac9b407699061bf21806f5 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab | grep -v \"/var/run/pty3\" > /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:16 |
Start date: | 21/12/2021 |
Path: | /usr/bin/grep |
Arguments: | grep -v /var/run/pty3 |
File size: | 199136 bytes |
MD5 hash: | 1e6ebb9dd094f774478f72727bdba0f5 |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:17 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "echo \"0:2345:respawn:/var/run/pty3\" >> /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/inittab2 > /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/inittab2 |
File size: | 43416 bytes |
MD5 hash: | 7e9d213e404ad3bb82e4ebb2e1f2c1b3 |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "rm -rf /etc/inittab2" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /usr/bin/rm |
Arguments: | rm -rf /etc/inittab2 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "touch -acmr /bin/ls /etc/inittab" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:18 |
Start date: | 21/12/2021 |
Path: | /usr/bin/touch |
Arguments: | touch -acmr /bin/ls /etc/inittab |
File size: | 100728 bytes |
MD5 hash: | 3859c173f5d3b37be3e531b7c84a9c68 |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /tmp/pty3 |
Arguments: | n/a |
File size: | 48964 bytes |
MD5 hash: | 12cedf7cd63208ee8fd9d0359637c46c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | sh -c "/bin/uname -n" |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/sh |
Arguments: | n/a |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
General |
---|
Start time: | 15:42:13 |
Start date: | 21/12/2021 |
Path: | /bin/uname |
Arguments: | /bin/uname -n |
File size: | 39288 bytes |
MD5 hash: | 4ac7c634c5bec95753c480e9d421dcc2 |