Linux Analysis Report
63CYVWIouB

Overview

General Information

Sample Name: 63CYVWIouB
Analysis ID: 626581
MD5: c43b1f7f5d82b0e0af11805d19221314
SHA1: 1da4e06856562c57e45e2b2785060026a238ef6b
SHA256: f403c4a3db6554515ee5ee692b93baa31a4083ac1832a0ed64f62043c9467b60
Tags: 32, elf, intel, mirai
Infos:

Detection

Mirai
Score: 68
Range: 0 - 100
Whitelisted: false

Signatures

Yara detected Mirai
Multi AV Scanner detection for submitted file
Sample deletes itself
Uses known network protocols on non-standard ports
Machine Learning detection for sample
Sample has stripped symbol table
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Detected TCP or UDP traffic on non-standard ports
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Classification

Analysis Advice

All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which no longer works.
Joe Sandbox Version: 34.0.0 Boulder Opal
Analysis ID: 626581
Start date and time: 2022-05-14 14:45:10 +02:00
Joe Sandbox Product: CloudBasic
Overall analysis duration: 0h 5m 7s
Hypervisor based Inspection enabled: false
Report type: light
Sample file name: 63CYVWIouB
Cookbook file name: defaultlinuxfilecookbook.jbs
Analysis system description: Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode: default
Detection: MAL
Classification: mal68.troj.evad.lin@0/0@0/0
  • Report size exceeded maximum capacity and may have missing network information.
  • TCP Packets have been reduced to 100
Command: /tmp/63CYVWIouB
PID: 6234
Exit Code: 0
Exit Code Info:
Killed: False
Standard Output:
cronus
Standard Error:
  • system is lnxubuntu20
  • 63CYVWIouB (PID: 6234, Parent: 6125, MD5: c43b1f7f5d82b0e0af11805d19221314) Arguments: /tmp/63CYVWIouB
  • cleanup
Source | Rule | Description | Author | Strings
dump.pcap | JoeSecurity_Mirai_12 | Yara detected Mirai | Joe Security |
    No Snort rule has matched

    AV Detection

    Source: 63CYVWIouB, Virustotal: Detection: 44%
    Source: 63CYVWIouB, Metadefender: Detection: 31%
    Source: 63CYVWIouB, ReversingLabs: Detection: 60%
    Source: 63CYVWIouB, Joe Sandbox ML: detected

    Networking

    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 213.77.253.15:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 89.26.135.101:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 144.117.227.230:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 139.251.219.59:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 126.15.239.146:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 183.231.129.77:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 48.138.43.206:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 157.251.238.72:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 177.147.154.242:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 129.74.164.58:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 153.207.117.214:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 58.123.217.171:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 89.73.82.58:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 188.140.115.174:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 185.134.76.141:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 74.159.87.63:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 61.221.132.186:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 117.41.40.167:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 58.141.120.152:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 199.121.96.11:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 201.150.244.90:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 138.201.37.6:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 168.173.237.16:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 66.93.117.140:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 205.11.201.247:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 128.156.226.206:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 73.134.91.226:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 14.213.3.126:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 113.116.17.197:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 112.84.147.218:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 164.17.247.91:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 198.133.228.94:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 35.239.162.246:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 123.153.118.29:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 64.141.42.155:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 100.2.90.18:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 111.193.106.95:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 107.15.46.204:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 173.54.27.210:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 140.63.118.216:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 179.237.120.119:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 137.132.77.203:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 185.110.161.211:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 128.121.190.69:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 212.166.183.145:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 36.69.76.190:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 83.15.164.236:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 143.230.39.160:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 89.123.60.158:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 218.174.254.248:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 160.139.116.91:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 87.30.50.101:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 108.19.44.171:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 4.57.252.183:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 208.120.71.35:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 104.75.16.255:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 149.237.101.249:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 138.77.143.194:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 107.109.92.84:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 18.19.159.227:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 134.94.88.168:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 38.234.92.169:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 66.128.227.15:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 67.231.208.115:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 151.34.100.114:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 31.23.141.1:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 196.212.31.185:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 73.130.91.212:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 2.184.115.211:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 206.76.153.94:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 120.253.192.150:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 63.214.48.81:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 207.48.34.206:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 152.239.128.104:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 91.165.196.202:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 105.188.199.238:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 4.233.182.73:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 189.180.9.108:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 175.156.64.63:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 88.144.94.69:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 112.208.48.41:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 148.147.50.181:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 202.49.130.63:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 219.171.215.218:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 5.176.216.150:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 60.208.54.106:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 154.12.113.0:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 67.255.83.198:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 210.67.113.178:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 24.17.188.225:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 185.227.2.106:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 190.76.39.252:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 23.133.132.120:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 180.93.226.201:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 126.53.66.197:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 39.15.168.139:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 204.175.88.14:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 49.78.216.97:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 2.72.212.186:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 170.84.110.110:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 184.197.166.164:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 34.94.245.16:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 23.46.247.139:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 86.219.217.61:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 131.166.116.50:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 170.239.117.32:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 102.246.249.5:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 103.245.251.121:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 148.249.22.6:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 40.0.30.194:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 43.68.144.124:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 106.7.197.56:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 117.82.164.138:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 219.173.220.224:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 195.181.235.91:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 65.151.132.128:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 196.252.236.77:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 175.56.100.103:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 145.165.90.159:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 175.209.243.228:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 108.178.72.186:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 171.108.243.143:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 222.220.150.11:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 213.98.34.244:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 66.222.3.228:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 19.126.167.47:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 212.46.160.187:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 159.44.242.171:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 103.97.150.59:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 38.86.163.152:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 65.248.164.171:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 116.14.114.53:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 161.87.234.126:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 77.190.184.78:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 85.95.227.92:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 69.209.161.78:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 63.241.185.163:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 194.17.149.71:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 104.22.10.162:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 173.239.12.104:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 45.96.71.255:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 70.134.151.37:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 18.220.233.106:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 93.80.116.154:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 46.185.61.219:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 187.33.115.169:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 223.24.148.27:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 138.200.218.146:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 221.45.153.185:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 143.238.157.213:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 69.71.16.33:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 205.154.21.216:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 122.82.252.69:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 207.150.97.202:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 191.245.63.99:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 207.14.174.41:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 47.26.79.98:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 91.189.193.5:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 102.136.22.53:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 110.161.137.10:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 1.45.105.8:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 154.134.200.218:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 77.139.29.68:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 108.54.174.9:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 35.144.222.32:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 47.44.139.40:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 80.2.97.166:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 20.43.164.67:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 103.158.251.216:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 154.106.48.58:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 139.249.35.169:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 133.72.157.59:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 100.148.36.129:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 148.218.254.0:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 96.115.175.108:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 90.185.79.96:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 51.53.121.78:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 124.44.72.22:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 39.184.94.169:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 38.231.230.109:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 166.96.108.210:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 186.0.122.158:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 216.236.180.31:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 1.43.241.229:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 187.160.145.93:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 109.218.71.142:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 83.253.37.88:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 222.235.33.234:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 66.194.27.87:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 150.129.59.43:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 61.197.237.120:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 162.244.137.133:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 190.217.117.77:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 132.67.210.14:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 142.177.124.17:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 36.250.251.43:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 62.19.139.224:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 186.53.31.5:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 23.83.140.110:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 40.97.220.207:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 223.111.87.59:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 180.25.180.243:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 180.168.129.71:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 150.99.143.146:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 194.117.237.38:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 199.25.246.17:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 190.67.213.135:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 89.177.19.150:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 211.163.11.26:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 89.196.81.125:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 132.132.240.220:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 23.95.45.239:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 220.22.245.156:2323
    Source: global trafficTCP traffic: 192.168.2.23:28594 -> 52.179.165.222:2323
    Source: unknown Network traffic detected: HTTP traffic on port 43928 -> 443
    Source: unknown Network traffic detected: HTTP traffic on port 42836 -> 443
    Source: ELF static info symbol of initial sample: .symtab present: no
    Source: Initial sample String containing 'busybox' found: /bin/busybox
    Source: Initial sample String containing 'busybox' found: var/Challengeapp/hi3511gmDVRiboxusr/dvr_main _8182T_1108mnt/mtd/app/guivar/Kylinl0 c/udevdvar/tmp/soniahicorestm_hi3511_dvr/bin/busybox/usr/lib/systemd/systemdusr/shellmnt/sys/boot/media/srv/var/run/sbin/lib/etc/dev/home/Davincitelnetsshwatchdog/var/spool/var/Sofiasshdbashhttpdtelnetddropbearencodersystem/root/dvr_gui//root/dvr_app//anko-app//opt/anko-app/ankosample _8182T_1104/usr/libexec/openssh/sftp-server,
    Source: classification engine Classification label: mal68.troj.evad.lin@0/0@0/0

    Hooking and other Techniques for Hiding and Protection

    Source: /tmp/63CYVWIouB (PID: 6234) File: /tmp/63CYVWIouB

    Stealing of Sensitive Information

    Source: Yara match, File source: dump.pcap, type: PCAP

    Remote Access Functionality

    Source: Yara match, File source: dump.pcap, type: PCAP
    Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact
    Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 File Deletion | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | Exfiltration Over Other Network Medium | 1 Encrypted Channel | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition
    Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 11 Non-Standard Port | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout
    Domain Accounts | At (Linux) | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 1 Application Layer Protocol | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data
    No configs have been found
    [Behavior graph (image not preserved): ID 626581, Sample 63CYVWIouB, Start date 14/05/2022, Architecture LINUX, Score 68]
    Source | Detection | Scanner | Label
    63CYVWIouB | 44% | Virustotal |
    63CYVWIouB | 31% | Metadefender |
    63CYVWIouB | 61% | ReversingLabs | Linux.Trojan.Mirai
    63CYVWIouB | 100% | Joe Sandbox ML |
    No Antivirus matches
    No contacted domains info
    No context
    No created / dropped files found
    File type:ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
    Entropy (8bit):6.57007357366659
    TrID:
    • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
    • ELF Executable and Linkable format (generic) (4004/1) 49.84%
    File name:63CYVWIouB
    File size:46384
    MD5:c43b1f7f5d82b0e0af11805d19221314
    SHA1:1da4e06856562c57e45e2b2785060026a238ef6b
    SHA256:f403c4a3db6554515ee5ee692b93baa31a4083ac1832a0ed64f62043c9467b60
    SHA512:68c6916a6da7f756606b48d6eadeee92dd9c36bdfeb06f192c2bd79556dc732283cdcc9b011265b712e66a8b58ccebac1262fde279ecf64315f7317bff96b86a
    SSDEEP:768:WIBprzbRqekEBKcavT3AU6z3525ZY/V68AA0x/fDhX8kUSXnIYB:WyRqeBRFU6tQ3TAKHDh9USX
    TLSH:B5237E81C5C3CDB5EC2319B224BB5BB28776E59D2060FB49D36D9A35ED03702A22B35D

    ELF header

    Class:ELF32
    Data:2's complement, little endian
    Version:1 (current)
    Machine:Intel 80386
    Version Number:0x1
    Type:EXEC (Executable file)
    OS/ABI:UNIX - System V
    ABI Version:0
    Entry Point Address:0x8048164
    Flags:0x0
    ELF Header Size:52
    Program Header Offset:52
    Program Header Size:32
    Number of Program Headers:3
    Section Header Offset:45984
    Section Header Size:40
    Number of Section Headers:10
    Header String Table Index:9
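    Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align
     | NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 |  | 0 | 0 | 0
    .init | PROGBITS | 0x8048094 | 0x94 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 1
    .text | PROGBITS | 0x80480b0 | 0xb0 | 0x8f86 | 0x0 | 0x6 | AX | 0 | 0 | 16
    .fini | PROGBITS | 0x8051036 | 0x9036 | 0x17 | 0x0 | 0x6 | AX | 0 | 0 | 1
    .rodata | PROGBITS | 0x8051060 | 0x9060 | 0x1d1c | 0x0 | 0x2 | A | 0 | 0 | 32
    .ctors | PROGBITS | 0x8053000 | 0xb000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4
    .dtors | PROGBITS | 0x8053008 | 0xb008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4
    .data | PROGBITS | 0x8053020 | 0xb020 | 0x340 | 0x0 | 0x3 | WA | 0 | 0 | 32
    .bss | NOBITS | 0x8053360 | 0xb360 | 0x26c0 | 0x0 | 0x3 | WA | 0 | 0 | 32
    .shstrtab | STRTAB | 0x0 | 0xb360 | 0x3e | 0x0 | 0x0 |  | 0 | 0 | 1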
    Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings
    LOAD | 0x0 | 0x8048000 | 0x8048000 | 0xad7c | 0xad7c | 3.8869 | 0x5 | R E | 0x1000 |  | .init .text .fini .rodata
    LOAD | 0xb000 | 0x8053000 | 0x8053000 | 0x360 | 0x2a20 | 2.7347 | 0x6 | RW | 0x1000 |  | .ctors .dtors .data .bss
    GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |  |

    System Behavior

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:/tmp/63CYVWIouB
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:n/a
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:n/a
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:n/a
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:n/a
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314

    Start time:14:45:53
    Start date:14/05/2022
    Path:/tmp/63CYVWIouB
    Arguments:n/a
    File size:46384 bytes
    MD5 hash:c43b1f7f5d82b0e0af11805d19221314