34.0.0 Boulder Opal
IR
635419
CloudBasic
21:26:32
27/05/2022
shAwKMD85K
defaultlinuxfilecookbook.jbs
Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
LINUX
e0c4f532b0a9fda3ee7d800775deb908
63f144f5b1f316e34510f15d4f93c3fc41d0b73e
aa18cc657da907f749d8bf4aae9867152acc7320f518aa1f9a33bba195e19328
ELF Executable and Linkable format (generic) (4004/1) 100.00%
true
false
false
false
68
0
100
Uses known network protocols on non-standard ports
Yara detected Mirai
Sample tries to kill multiple processes (SIGKILL)
Multi AV Scanner detection for submitted file
Connects to many ports of the same IP (likely port scanning)