Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_804f8e7c Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_99d78950 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_a68e498c Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_804f8e7c Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_99d78950 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_a68e498c Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_804f8e7c Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_99d78950 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_a68e498c Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b Author: unknown |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_804f8e7c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 1080d8502848d532a0b38861437485d98a41d945acaf3cb676a7a2a2f6793ac6, id = 804f8e7c-4786-42bc-92e4-c68c24ca530e, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26 |
Source: tknjinyyHK, type: SAMPLE |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26 |
Source: 6235.1.000000000905c000.000000000905d000.rw-.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6237.1.000000000905c000.000000000905d000.rw-.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6235.1.0000000008062000.0000000008063000.rw-.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6237.1.0000000008062000.0000000008063000.rw-.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_804f8e7c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 1080d8502848d532a0b38861437485d98a41d945acaf3cb676a7a2a2f6793ac6, id = 804f8e7c-4786-42bc-92e4-c68c24ca530e, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26 |
Source: 6235.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_804f8e7c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 1080d8502848d532a0b38861437485d98a41d945acaf3cb676a7a2a2f6793ac6, id = 804f8e7c-4786-42bc-92e4-c68c24ca530e, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26 |
Source: 6237.1.0000000008048000.0000000008062000.r-x.sdmp, type: MEMORY |
Matched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26 |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/6236/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1582/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2033/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2275/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/3088/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/6195/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/6194/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1612/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1579/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1699/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1335/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1698/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2028/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1334/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1576/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2302/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/3236/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2025/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2146/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/910/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/6227/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/912/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/517/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/759/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2307/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/918/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1594/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2285/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2281/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1349/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1623/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/761/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1622/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/884/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1983/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2038/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1344/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1465/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1586/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1463/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2156/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/800/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/801/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1629/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1627/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1900/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/3021/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/491/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2294/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2050/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1877/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/772/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1633/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1599/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1632/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/774/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1477/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/654/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/896/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1476/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1872/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2048/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/655/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1475/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2289/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/777/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/656/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/657/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4466/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/658/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4467/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4468/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4469/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4502/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/419/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/936/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1639/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1638/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2208/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2180/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1809/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1494/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1890/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2063/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2062/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1888/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1886/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/420/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1489/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/785/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1642/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/788/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/667/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/789/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/1648/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4491/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/4498/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/6158/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2078/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2077/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2074/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2195/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/670/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/2746/exe |
Jump to behavior |
Source: /tmp/tknjinyyHK (PID: 6236) |
File opened: /proc/793/exe |
Jump to behavior |