Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
GUBLtzXxUa.elf

Overview

General Information

Sample Name:GUBLtzXxUa.elf
Analysis ID:772534
MD5:1faa1af6c27ace22e101646179cc4b33
SHA1:d4ebd2f5c1aa6001ec5f2e948fbe1542ee541d15
SHA256:d5427ba0012a40b30fb3a584a2fae261e8f08d935f02b04470424f11527a4194
Tags:32elfintelmirai
Infos:

Detection

Mirai
Score:68
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Yara detected Mirai
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Yara signature match
Sample has stripped symbol table
Enumerates processes within the "proc" file system
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Detected TCP or UDP traffic on non-standard ports
Sample tries to kill a process (SIGKILL)

Classification

Analysis Advice

All HTTP servers contacted by the sample do not answer. The sample is likely an old dropper which does no longer work.

General Information

Joe Sandbox Version:36.0.0 Rainbow Opal
Analysis ID:772534
Start date and time:2022-12-23 05:50:03 +01:00
Joe Sandbox Product:CloudBasic
Overall analysis duration:0h 4m 18s
Hypervisor based Inspection enabled:false
Report type:full
Sample file name:GUBLtzXxUa.elf
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Detection:MAL
Classification:mal68.troj.linELF@0/0@0/0

Runtime Messages

Command:/tmp/GUBLtzXxUa.elf
PID:6226
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:

Standard Error:

Process Tree

  • system is lnxubuntu20
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
GUBLtzXxUa.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    GUBLtzXxUa.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
    • 0xe7f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe804:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe818:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe82c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe840:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe854:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe868:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe87c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe890:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe8a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe8b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe8cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe8e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe8f4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe908:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe91c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe930:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe944:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe958:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe96c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xe980:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    GUBLtzXxUa.elfLinux_Trojan_Mirai_fa3ad9d0unknownunknown
    • 0xdf8:$a: CB 08 C1 CB 10 66 C1 CB 08 31 C9 8A 4F 14 D3 E8 01 D8 66 C1
    GUBLtzXxUa.elfLinux_Trojan_Mirai_b14f4c5dunknownunknown
    • 0x6210:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
    GUBLtzXxUa.elfLinux_Trojan_Mirai_93fc3657unknownunknown
    • 0xe82:$a: 00 00 00 89 44 24 60 89 D1 31 C0 8B 7C 24 28 FC F3 AB 89 D1 8B 7C
    Click to see the 7 entries

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    6226.1.0000000008048000.0000000008059000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      6226.1.0000000008048000.0000000008059000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0xe7f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe804:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe818:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe82c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe840:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe854:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe868:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe87c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe890:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe8a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe8b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe8cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe8e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe8f4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe908:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe91c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe930:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe944:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe958:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe96c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xe980:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      6226.1.0000000008048000.0000000008059000.r-x.sdmpLinux_Trojan_Mirai_fa3ad9d0unknownunknown
      • 0xdf8:$a: CB 08 C1 CB 10 66 C1 CB 08 31 C9 8A 4F 14 D3 E8 01 D8 66 C1
      6226.1.0000000008048000.0000000008059000.r-x.sdmpLinux_Trojan_Mirai_b14f4c5dunknownunknown
      • 0x6210:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
      6226.1.0000000008048000.0000000008059000.r-x.sdmpLinux_Trojan_Mirai_93fc3657unknownunknown
      • 0xe82:$a: 00 00 00 89 44 24 60 89 D1 31 C0 8B 7C 24 28 FC F3 AB 89 D1 8B 7C
      Click to see the 34 entries

      Snort Signatures

      No Snort rule has matched

      Joe Sandbox Signatures

      Click to jump to signature section

      Show All Signature Results

      AV Detection

      barindex
      Multi AV Scanner detection for submitted file
      Source: GUBLtzXxUa.elfVirustotal: Detection: 53%Perma Link
      Machine Learning detection for sample
      Source: GUBLtzXxUa.elfJoe Sandbox ML: detected
      Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
      Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
      Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 20.17.108.150:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 4.17.189.42:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 5.114.209.52:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 9.60.253.218:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 18.193.121.171:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 22.249.178.243:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 17.18.104.119:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 13.3.192.250:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 17.171.73.222:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 1.74.55.116:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 22.172.176.27:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 12.251.141.176:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 1.156.8.211:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 5.237.94.6:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 1.40.25.96:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 1.11.252.7:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.191.221.193:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 19.90.182.251:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 4.33.0.134:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 19.249.49.29:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 4.153.40.37:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.120.14.191:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 17.133.188.62:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.196.222.48:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 12.85.62.132:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 13.221.232.88:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 8.131.210.25:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 5.127.240.195:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 22.156.3.188:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 18.121.164.247:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 13.230.70.60:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 13.181.222.149:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 20.246.58.99:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 22.104.121.53:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 13.122.223.60:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 19.214.252.195:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 18.81.44.26:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 8.57.243.243:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 20.154.44.15:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.153.248.99:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.166.26.253:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.26.67.179:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 20.180.251.78:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.208.249.252:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 5.185.161.43:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.198.223.30:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 20.144.60.157:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.122.70.183:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.44.164.88:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 5.10.39.76:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 17.241.85.251:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 12.246.208.101:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 9.51.97.219:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.35.183.38:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 18.104.234.176:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 14.2.103.251:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 23.127.131.4:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 9.236.106.76:2323
      Source: global trafficTCP traffic: 192.168.2.23:11577 -> 1.60.193.19:2323
      Source: global trafficTCP traffic: 192.168.2.23:38540 -> 159.253.120.185:420
      Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
      Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443
      Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
      Source: unknownTCP traffic detected without corresponding DNS query: 9.228.67.3
      Source: unknownTCP traffic detected without corresponding DNS query: 1.197.107.73
      Source: unknownTCP traffic detected without corresponding DNS query: 23.255.193.130
      Source: unknownTCP traffic detected without corresponding DNS query: 4.45.40.79
      Source: unknownTCP traffic detected without corresponding DNS query: 18.38.8.135
      Source: unknownTCP traffic detected without corresponding DNS query: 23.72.15.68
      Source: unknownTCP traffic detected without corresponding DNS query: 5.102.211.61
      Source: unknownTCP traffic detected without corresponding DNS query: 18.196.180.134
      Source: unknownTCP traffic detected without corresponding DNS query: 20.17.108.150
      Source: unknownTCP traffic detected without corresponding DNS query: 4.17.189.42
      Source: unknownTCP traffic detected without corresponding DNS query: 18.6.170.128
      Source: unknownTCP traffic detected without corresponding DNS query: 8.55.30.188
      Source: unknownTCP traffic detected without corresponding DNS query: 17.223.32.47
      Source: unknownTCP traffic detected without corresponding DNS query: 8.207.65.136
      Source: unknownTCP traffic detected without corresponding DNS query: 19.67.33.164
      Source: unknownTCP traffic detected without corresponding DNS query: 18.7.134.231
      Source: unknownTCP traffic detected without corresponding DNS query: 4.248.120.121
      Source: unknownTCP traffic detected without corresponding DNS query: 19.237.148.131
      Source: unknownTCP traffic detected without corresponding DNS query: 5.114.209.52
      Source: unknownTCP traffic detected without corresponding DNS query: 5.123.233.87
      Source: unknownTCP traffic detected without corresponding DNS query: 14.224.134.35
      Source: unknownTCP traffic detected without corresponding DNS query: 13.101.187.63
      Source: unknownTCP traffic detected without corresponding DNS query: 19.111.189.37
      Source: unknownTCP traffic detected without corresponding DNS query: 13.253.223.15
      Source: unknownTCP traffic detected without corresponding DNS query: 23.68.57.212
      Source: unknownTCP traffic detected without corresponding DNS query: 18.151.32.77
      Source: unknownTCP traffic detected without corresponding DNS query: 20.249.174.83
      Source: unknownTCP traffic detected without corresponding DNS query: 12.62.125.81
      Source: unknownTCP traffic detected without corresponding DNS query: 9.60.253.218
      Source: unknownTCP traffic detected without corresponding DNS query: 23.50.169.247
      Source: unknownTCP traffic detected without corresponding DNS query: 20.49.24.176
      Source: unknownTCP traffic detected without corresponding DNS query: 4.157.216.3
      Source: unknownTCP traffic detected without corresponding DNS query: 18.14.220.88
      Source: unknownTCP traffic detected without corresponding DNS query: 23.192.233.100
      Source: unknownTCP traffic detected without corresponding DNS query: 18.193.121.171
      Source: unknownTCP traffic detected without corresponding DNS query: 1.94.25.87
      Source: unknownTCP traffic detected without corresponding DNS query: 12.74.171.210
      Source: unknownTCP traffic detected without corresponding DNS query: 20.88.100.2
      Source: unknownTCP traffic detected without corresponding DNS query: 14.181.214.30
      Source: unknownTCP traffic detected without corresponding DNS query: 23.174.44.99
      Source: unknownTCP traffic detected without corresponding DNS query: 5.69.222.59
      Source: unknownTCP traffic detected without corresponding DNS query: 13.13.222.73
      Source: unknownTCP traffic detected without corresponding DNS query: 12.249.39.183
      Source: unknownTCP traffic detected without corresponding DNS query: 8.197.72.156
      Source: unknownTCP traffic detected without corresponding DNS query: 12.29.146.170
      Source: unknownTCP traffic detected without corresponding DNS query: 4.3.247.182
      Source: unknownTCP traffic detected without corresponding DNS query: 8.193.37.74
      Source: unknownTCP traffic detected without corresponding DNS query: 19.201.226.115
      Source: unknownTCP traffic detected without corresponding DNS query: 5.135.21.66

      System Summary

      barindex
      Malicious sample detected (through community Yara rule)
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_99d78950 Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_a68e498c Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6226, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6228, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6229, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
      Source: GUBLtzXxUa.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
      Source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
      Source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_fa3ad9d0 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = fe93a3552b72b107f95cc5a7e59da64fe84d31df833bf36c81d8f31d8d79d7ca, id = fa3ad9d0-7c55-4621-90fc-6b154c44a67b, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_93fc3657 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d01a9e85a01fad913ca048b60bda1e5a2762f534e5308132c1d3098ac3f561ee, id = 93fc3657-fd21-4e93-a728-c084fc0a6a4a, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_99d78950 reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3008edc4e7a099b64139a77d15ec0e2c3c1b55fc23ab156304571c4d14bc654c, id = 99d78950-ea23-4166-a85a-7a029209f5b1, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_a68e498c reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 951c9dfcba531e5112c872395f6c144c4bc8b71c666d2c7d9d8574a23c163883, id = a68e498c-0768-4321-ab65-42dd6ef85323, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_ae9d0fa6 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = ca2bf2771844bec95563800d19a35dd230413f8eff0bd44c8ab0b4c596f81bfc, id = ae9d0fa6-be06-4656-9b13-8edfc0ee9e71, last_modified = 2021-09-16
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_389ee3e9 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 59f2359dc1f41d385d639d157b4cd9fc73d76d8abb7cc09d47632bb4c9a39e6e, id = 389ee3e9-70c1-4c93-a999-292cf6ff1652, last_modified = 2022-01-26
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
      Source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6226, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6228, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: Process Memory Space: GUBLtzXxUa.elf PID: 6229, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
      Source: ELF static info symbol of initial sample.symtab present: no
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)SIGKILL sent: pid: 6229, result: successfulJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)SIGKILL sent: pid: 6191, result: successfulJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)SIGKILL sent: pid: 6291, result: successfulJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)SIGKILL sent: pid: 6295, result: successfulJump to behavior
      Source: classification engineClassification label: mal68.troj.linELF@0/0@0/0
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/6231/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/6231/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1582/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1582/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/3088/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/3088/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/230/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/230/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/231/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/231/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/110/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/110/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1579/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1579/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/232/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/232/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/111/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/111/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1699/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1699/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/233/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/233/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/112/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/112/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1698/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1698/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1335/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1335/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/234/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/234/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/113/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/113/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2302/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2302/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1576/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1576/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1334/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1334/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/235/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/235/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/114/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/114/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/236/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/236/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/115/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/115/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/237/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/237/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/116/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/116/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/117/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/117/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/910/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/910/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/118/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/118/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/119/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/119/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/6229/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/6229/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/912/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/912/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2307/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2307/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/10/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/10/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/918/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/918/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/11/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/11/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/12/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/12/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/13/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/13/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/14/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/14/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/15/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/15/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/16/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/16/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/17/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/17/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/18/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/18/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1594/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1594/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/120/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/120/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1349/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1349/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/121/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/121/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/243/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/243/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/122/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/122/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/1/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/123/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/123/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/2/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/124/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/124/cmdlineJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/3/statusJump to behavior
      Source: /tmp/GUBLtzXxUa.elf (PID: 6230)File opened: /proc/3/cmdlineJump to behavior

      Stealing of Sensitive Information

      barindex
      Yara detected Mirai
      Source: Yara matchFile source: GUBLtzXxUa.elf, type: SAMPLE
      Source: Yara matchFile source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY

      Remote Access Functionality

      barindex
      Yara detected Mirai
      Source: Yara matchFile source: GUBLtzXxUa.elf, type: SAMPLE
      Source: Yara matchFile source: 6226.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6228.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY
      Source: Yara matchFile source: 6229.1.0000000008048000.0000000008059000.r-x.sdmp, type: MEMORY

      Mitre Att&ck Matrix

      Initial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionExfiltrationCommand and ControlNetwork EffectsRemote Service EffectsImpact
      Valid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionDirect Volume Access1
      OS Credential Dumping      		System Service DiscoveryRemote ServicesData from Local SystemExfiltration Over Other Network Medium1
      Encrypted Channel      		Eavesdrop on Insecure Network CommunicationRemotely Track Device Without AuthorizationModify System Partition
      Default AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable MediaExfiltration Over Bluetooth1
      Non-Standard Port      		Exploit SS7 to Redirect Phone Calls/SMSRemotely Wipe Data Without AuthorizationDevice Lockout
      Domain AccountsAt (Linux)Logon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared DriveAutomated Exfiltration1
      Application Layer Protocol      		Exploit SS7 to Track Device LocationObtain Device Cloud BackupsDelete Device Data

      Malware Configuration

      No configs have been found

      Behavior Graph

      Hide Legend

      Legend:

      • Process
      • Signature
      • Created File
      • DNS/IP Info
      • Is Dropped
      • Number of created Files
      • Is malicious
      • Internet
      behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 772534 Sample: GUBLtzXxUa.elf Startdate: 23/12/2022 Architecture: LINUX Score: 68 18 13.28.65.135, 23 XEROX-WVUS United States 2->18 20 13.13.222.73, 23 XEROX-WBUS United States 2->20 22 98 other IPs or domains 2->22 24 Malicious sample detected (through community Yara rule) 2->24 26 Multi AV Scanner detection for submitted file 2->26 28 Yara detected Mirai 2->28 30 Machine Learning detection for sample 2->30 8 GUBLtzXxUa.elf 2->8         started        signatures3 process4 process5 10 GUBLtzXxUa.elf 8->10         started        process6 12 GUBLtzXxUa.elf 10->12         started        14 GUBLtzXxUa.elf 10->14         started        16 GUBLtzXxUa.elf 10->16         started       

      Antivirus, Machine Learning and Genetic Malware Detection

      Initial Sample

      SourceDetectionScannerLabelLink
      GUBLtzXxUa.elf53%VirustotalBrowse
      GUBLtzXxUa.elf100%Joe Sandbox ML

      Dropped Files

      No Antivirus matches

      Domains

      No Antivirus matches

      URLs

      No Antivirus matches

      Domains and IPs

      Contacted Domains

      No contacted domains info

      World Map of Contacted IPs

      • No. of IPs < 25%
      • 25% < No. of IPs < 50%
      • 50% < No. of IPs < 75%
      • 75% < No. of IPs

      Public IPs

      IPDomainCountryFlagASNASN NameMalicious
      19.39.144.80
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      8.99.213.220
      		unknownUnited States
      		3356LEVEL3USfalse
      19.87.243.120
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      9.45.47.120
      		unknownUnited States
      		3356LEVEL3USfalse
      5.118.197.30
      		unknownIran (ISLAMIC Republic Of)
      		44244IRANCELL-ASIRfalse
      23.106.180.211
      		unknownUnited States
      		395954LEASEWEB-USA-LAX-11USfalse
      1.189.180.162
      		unknownChina
      		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
      18.53.221.32
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      17.201.183.193
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      5.49.49.177
      		unknownFrance
      		5410BOUYGTEL-ISPFRfalse
      4.128.25.59
      		unknownUnited States
      		3356LEVEL3USfalse
      4.153.40.37
      		unknownUnited States
      		3356LEVEL3USfalse
      19.178.108.231
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      4.253.93.162
      		unknownUnited States
      		3356LEVEL3USfalse
      22.208.195.141
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      18.182.21.45
      		unknownUnited States
      		16509AMAZON-02USfalse
      13.41.35.92
      		unknownUnited States
      		7018ATT-INTERNET4USfalse
      17.142.74.23
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      1.62.138.146
      		unknownChina
      		4837CHINA169-BACKBONECHINAUNICOMChina169BackboneCNfalse
      19.228.54.100
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      17.53.169.24
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      23.20.166.147
      		unknownUnited States
      		14618AMAZON-AESUSfalse
      159.253.120.185
      		unknownRussian Federation
      		42955TKDIALOG-ASRUfalse
      23.198.178.43
      		unknownUnited States
      		12956TELEFONICATELXIUSESfalse
      23.72.15.68
      		unknownUnited States
      		16625AKAMAI-ASUSfalse
      19.106.225.58
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      22.149.163.212
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      8.168.131.50
      		unknownSingapore
      		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
      23.241.1.176
      		unknownUnited States
      		20001TWC-20001-PACWESTUSfalse
      19.237.148.131
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      17.247.183.194
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      1.74.55.116
      		unknownJapan9605DOCOMONTTDOCOMOINCJPfalse
      23.178.101.54
      		unknownReserved
      		397347NORTH-AS1USfalse
      8.170.227.187
      		unknownSingapore
      		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
      14.138.134.236
      		unknownKorea Republic of
      		9943KNCTV-ASKangNamCableTVKRfalse
      8.31.249.33
      		unknownUnited States
      		31849PINNACLEUSfalse
      8.131.210.25
      		unknownSingapore
      		37963CNNIC-ALIBABA-CN-NET-APHangzhouAlibabaAdvertisingCoLtdfalse
      22.61.108.13
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      5.117.174.180
      		unknownIran (ISLAMIC Republic Of)
      		44244IRANCELL-ASIRfalse
      22.71.104.7
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      12.183.204.142
      		unknownUnited States
      		7018ATT-INTERNET4USfalse
      1.197.107.73
      		unknownChina
      		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
      12.152.199.230
      		unknownUnited States
      		16618FUC-AS-16618USfalse
      8.252.85.49
      		unknownUnited States
      		3356LEVEL3USfalse
      13.217.51.210
      		unknownUnited States
      		16509AMAZON-02USfalse
      23.22.231.7
      		unknownUnited States
      		14618AMAZON-AESUSfalse
      13.0.80.82
      		unknownUnited States
      		7018ATT-INTERNET4USfalse
      12.37.107.246
      		unknownUnited States
      		12152AS12152USfalse
      9.53.120.241
      		unknownUnited States
      		3356LEVEL3USfalse
      13.28.65.135
      		unknownUnited States
      		26662XEROX-WVUSfalse
      9.96.160.143
      		unknownUnited States
      		3356LEVEL3USfalse
      5.160.202.186
      		unknownIran (ISLAMIC Republic Of)
      		59838NAK-ASIRfalse
      9.183.149.8
      		unknownUnited States
      		3356LEVEL3USfalse
      9.217.167.47
      		unknownUnited States
      		3356LEVEL3USfalse
      8.242.74.212
      		unknownUnited States
      		3356LEVEL3USfalse
      4.45.40.79
      		unknownUnited States
      		3356LEVEL3USfalse
      20.154.44.15
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      4.102.247.91
      		unknownUnited States
      		3356LEVEL3USfalse
      20.119.234.199
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      23.50.169.247
      		unknownUnited States
      		16625AKAMAI-ASUSfalse
      4.34.135.15
      		unknownUnited States
      		3356LEVEL3USfalse
      9.139.195.248
      		unknownUnited States
      		3356LEVEL3USfalse
      22.89.51.48
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      19.54.47.43
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      19.220.13.70
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      17.194.20.50
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      20.8.166.235
      		unknownUnited States
      		8075MICROSOFT-CORP-MSN-AS-BLOCKUSfalse
      14.121.98.97
      		unknownChina
      		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
      1.94.25.87
      		unknownChina
      		4808CHINA169-BJChinaUnicomBeijingProvinceNetworkCNfalse
      19.201.145.32
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      23.187.119.120
      		unknownReserved
      		54285LAXUSfalse
      14.36.101.224
      		unknownKorea Republic of
      		4766KIXS-AS-KRKoreaTelecomKRfalse
      9.10.30.100
      		unknownUnited States
      		3356LEVEL3USfalse
      17.213.139.249
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      14.118.33.165
      		unknownChina
      		4134CHINANET-BACKBONENo31Jin-rongStreetCNfalse
      23.126.185.132
      		unknownUnited States
      		7018ATT-INTERNET4USfalse
      13.13.222.73
      		unknownUnited States
      		22390XEROX-WBUSfalse
      14.98.203.245
      		unknownIndia
      		45820TTSL-MEISISPTataTeleservicesISPASINfalse
      8.56.197.252
      		unknownUnited States
      		3356LEVEL3USfalse
      8.22.6.126
      		unknownUnited States
      		35873MOVE-NETWORKSUSfalse
      19.26.147.237
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      9.137.245.53
      		unknownUnited States
      		3356LEVEL3USfalse
      5.36.112.93
      		unknownOman
      		28885OMANTEL-NAP-ASOmanTelNAPOMfalse
      8.197.72.156
      		unknownUnited States
      		3356LEVEL3USfalse
      17.30.147.229
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      18.206.181.55
      		unknownUnited States
      		14618AMAZON-AESUSfalse
      19.119.199.248
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      18.174.52.116
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      4.181.133.32
      		unknownUnited States
      		3356LEVEL3USfalse
      9.21.160.145
      		unknownUnited States
      		3356LEVEL3USfalse
      19.128.30.238
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      4.157.216.3
      		unknownUnited States
      		3356LEVEL3USfalse
      19.90.182.251
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      17.128.188.140
      		unknownUnited States
      		714APPLE-ENGINEERINGUSfalse
      1.172.198.69
      		unknownTaiwan; Republic of China (ROC)
      		3462HINETDataCommunicationBusinessGroupTWfalse
      13.169.90.175
      		unknownUnited States
      		7018ATT-INTERNET4USfalse
      18.107.39.192
      		unknownUnited States
      		3MIT-GATEWAYSUSfalse
      5.137.176.110
      		unknownRussian Federation
      		12389ROSTELECOM-ASRUfalse
      18.153.247.121
      		unknownUnited States
      		16509AMAZON-02USfalse
      9.237.43.40
      		unknownUnited States
      		3356LEVEL3USfalse

      Joe Sandbox View / Context

      IPs

      MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
      159.253.120.185gl79GHpPw5.elfGet hashmaliciousBrowse

        Domains

        No context

        ASNs

        MatchAssociated Sample Name / URLSHA 256DetectionLinkContext
        MIT-GATEWAYSUSxIwkOnjSIa.dllGet hashmaliciousBrowse
        • 18.74.78.152
        mbXvGlj2dR.dllGet hashmaliciousBrowse
        • 18.118.213.192
        gL5vZH3AvK.elfGet hashmaliciousBrowse
        • 19.215.28.179
        OHjeOA7E8A.elfGet hashmaliciousBrowse
        • 19.239.166.252
        fapERCU4lF.elfGet hashmaliciousBrowse
        • 19.129.71.190
        gXjp7HgNea.elfGet hashmaliciousBrowse
        • 19.86.107.7
        3vdX34ASp2.elfGet hashmaliciousBrowse
        • 19.190.240.74
        CqTq62KCaq.elfGet hashmaliciousBrowse
        • 19.27.14.162
        rkLmMQcLCU.elfGet hashmaliciousBrowse
        • 19.38.201.215
        https://www.5mno3.com/scripts/un981c6l?a_aid=e1b43ef7&a_bid=e4af19a5&data1=%E5%BB%A3%E6%9D%B1%E8%A9%B1+%E5%A5%91%E5%BC%9F&data2=9kd4h95jvq71Get hashmaliciousBrowse
        • 18.66.112.65
        mPQQqzukqh.elfGet hashmaliciousBrowse
        • 19.207.44.41
        bo74pgWMOj.elfGet hashmaliciousBrowse
        • 18.31.84.180
        IROAn40T4R.iqyGet hashmaliciousBrowse
        • 18.161.216.57
        https://my.trajectordisability.com/docs/?k=f1029041c1acdcc4093a8b2c310278c90261be374ca40c58c136a47e74a2dc40575775__;!!I3RUE2pyLw!zEv4LQ6qp2xeo1zrVboYekkVXj7LtnS5G2RFfXprKWml_JhblC3M0mSi1YJ-39N8lhYAAou4Ow1pAUERYlpPH758tzIKG1WILV_WgBZHBpg$Get hashmaliciousBrowse
        • 18.66.218.23
        file.exeGet hashmaliciousBrowse
        • 18.119.154.66
        file.exeGet hashmaliciousBrowse
        • 18.119.154.66
        icKRjsDL47.exeGet hashmaliciousBrowse
        • 18.119.154.66
        foNMlXr86C.exeGet hashmaliciousBrowse
        • 18.119.154.66
        https://s.id/1t5jjGet hashmaliciousBrowse
        • 18.66.218.5
        jr7Vd9THho.elfGet hashmaliciousBrowse
        • 18.11.193.108

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        No created / dropped files found

        Static File Info

        General

        File type:ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
        Entropy (8bit):6.542383410965767
        TrID:
        • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
        • ELF Executable and Linkable format (generic) (4004/1) 49.84%
        File name:GUBLtzXxUa.elf
        File size:68368
        MD5:1faa1af6c27ace22e101646179cc4b33
        SHA1:d4ebd2f5c1aa6001ec5f2e948fbe1542ee541d15
        SHA256:d5427ba0012a40b30fb3a584a2fae261e8f08d935f02b04470424f11527a4194
        SHA512:43a111bd6762ef3a2d16773223490d474d31875caf7dc5fba25fdef46e85f6fbec3217b79ad57119a7a97f6f1cea9da74d8080c00ac103bae5750eaf56efd854
        SSDEEP:1536:V2vrPEO8RbVTILlOrNgpTPwOQJUTtD77c/t9cSAc:VcrPEZlWLlsMw3J0D3AtAc
        TLSH:79636CC5F643E4F5D817063031BBEF338A76E6FD2168DA47D3A4A573A962602E503A4C
        File Content Preview:.ELF....................d...4...........4. ...(......................................................... )..........Q.td............................U..S............h........[]...$.............U......=@....t..5...................u........t....h............

        Static ELF Info

        ELF header

        Class:
        Data:
        Version:
        Machine:
        Version Number:
        Type:
        OS/ABI:
        ABI Version:
        Entry Point Address:
        Flags:
        ELF Header Size:
        Program Header Offset:
        Program Header Size:
        Number of Program Headers:
        Section Header Offset:
        Section Header Size:
        Number of Section Headers:
        Header String Table Index:

        Sections

        NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
        NULL0x00x00x00x00x0000
        .initPROGBITS0x80480940x940x1c0x00x6AX001
        .textPROGBITS0x80480b00xb00xdff60x00x6AX0016
        .finiPROGBITS0x80560a60xe0a60x170x00x6AX001
        .rodataPROGBITS0x80560c00xe0c00x25dc0x00x2A0032
        .ctorsPROGBITS0x80596a00x106a00x80x00x3WA004
        .dtorsPROGBITS0x80596a80x106a80x80x00x3WA004
        .dataPROGBITS0x80596c00x106c00x2800x00x3WA0032
        .bssNOBITS0x80599400x109400x26800x00x3WA0032
        .shstrtabSTRTAB0x00x109400x3e0x00x0001

        Program Segments

        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
        LOAD0x00x80480000x80480000x1069c0x1069c6.57360x5R E0x1000.init .text .fini .rodata
        LOAD0x106a00x80596a00x80596a00x2a00x29203.50950x6RW 0x1000.ctors .dtors .data .bss
        GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

        Network Behavior

        Network Port Distribution

        TCP Packets

        TimestampSource PortDest PortSource IPDest IP
        Dec 23, 2022 05:50:51.606317997 CET42836443192.168.2.2391.189.91.43
        Dec 23, 2022 05:50:51.646702051 CET1157723192.168.2.239.228.67.3
        Dec 23, 2022 05:50:51.646707058 CET1157723192.168.2.231.197.107.73
        Dec 23, 2022 05:50:51.646717072 CET1157723192.168.2.2323.255.193.130
        Dec 23, 2022 05:50:51.646717072 CET1157723192.168.2.234.45.40.79
        Dec 23, 2022 05:50:51.646717072 CET1157723192.168.2.2318.38.8.135
        Dec 23, 2022 05:50:51.646727085 CET1157723192.168.2.2323.72.15.68
        Dec 23, 2022 05:50:51.646739960 CET1157723192.168.2.235.102.211.61
        Dec 23, 2022 05:50:51.646759033 CET1157723192.168.2.2318.196.180.134
        Dec 23, 2022 05:50:51.646764040 CET115772323192.168.2.2320.17.108.150
        Dec 23, 2022 05:50:51.646765947 CET115772323192.168.2.234.17.189.42
        Dec 23, 2022 05:50:51.646764040 CET1157723192.168.2.2318.6.170.128
        Dec 23, 2022 05:50:51.646759033 CET1157723192.168.2.238.55.30.188
        Dec 23, 2022 05:50:51.646765947 CET1157723192.168.2.2317.223.32.47
        Dec 23, 2022 05:50:51.646764040 CET1157723192.168.2.238.207.65.136
        Dec 23, 2022 05:50:51.646759033 CET1157723192.168.2.2319.67.33.164
        Dec 23, 2022 05:50:51.646766901 CET1157723192.168.2.2318.7.134.231
        Dec 23, 2022 05:50:51.646759033 CET1157723192.168.2.234.248.120.121
        Dec 23, 2022 05:50:51.646764040 CET1157723192.168.2.2319.237.148.131
        Dec 23, 2022 05:50:51.646759033 CET115772323192.168.2.235.114.209.52
        Dec 23, 2022 05:50:51.646759033 CET1157723192.168.2.235.123.233.87
        Dec 23, 2022 05:50:51.646759987 CET1157723192.168.2.2314.224.134.35
        Dec 23, 2022 05:50:51.646780014 CET1157723192.168.2.2313.101.187.63
        Dec 23, 2022 05:50:51.646780014 CET1157723192.168.2.2319.111.189.37
        Dec 23, 2022 05:50:51.646786928 CET1157723192.168.2.2313.253.223.15
        Dec 23, 2022 05:50:51.646786928 CET1157723192.168.2.2323.68.57.212
        Dec 23, 2022 05:50:51.646786928 CET1157723192.168.2.2318.151.32.77
        Dec 23, 2022 05:50:51.646787882 CET1157723192.168.2.2320.249.174.83
        Dec 23, 2022 05:50:51.646796942 CET1157723192.168.2.2312.62.125.81
        Dec 23, 2022 05:50:51.646796942 CET115772323192.168.2.239.60.253.218
        Dec 23, 2022 05:50:51.646836042 CET1157723192.168.2.2323.50.169.247
        Dec 23, 2022 05:50:51.646837950 CET1157723192.168.2.2320.49.24.176
        Dec 23, 2022 05:50:51.646837950 CET1157723192.168.2.234.157.216.3
        Dec 23, 2022 05:50:51.646837950 CET1157723192.168.2.2318.14.220.88
        Dec 23, 2022 05:50:51.646837950 CET1157723192.168.2.2323.192.233.100
        Dec 23, 2022 05:50:51.646845102 CET115772323192.168.2.2318.193.121.171
        Dec 23, 2022 05:50:51.646858931 CET1157723192.168.2.231.94.25.87
        Dec 23, 2022 05:50:51.646859884 CET1157723192.168.2.2312.74.171.210
        Dec 23, 2022 05:50:51.646886110 CET1157723192.168.2.2320.88.100.2
        Dec 23, 2022 05:50:51.646861076 CET1157723192.168.2.2314.181.214.30
        Dec 23, 2022 05:50:51.646894932 CET1157723192.168.2.2323.174.44.99
        Dec 23, 2022 05:50:51.646894932 CET1157723192.168.2.235.69.222.59
        Dec 23, 2022 05:50:51.646894932 CET1157723192.168.2.2313.13.222.73
        Dec 23, 2022 05:50:51.646915913 CET1157723192.168.2.2312.249.39.183
        Dec 23, 2022 05:50:51.646915913 CET1157723192.168.2.238.197.72.156
        Dec 23, 2022 05:50:51.646919966 CET1157723192.168.2.2312.29.146.170
        Dec 23, 2022 05:50:51.646917105 CET1157723192.168.2.234.3.247.182
        Dec 23, 2022 05:50:51.646922112 CET1157723192.168.2.238.193.37.74
        Dec 23, 2022 05:50:51.646917105 CET1157723192.168.2.2319.201.226.115
        Dec 23, 2022 05:50:51.646934032 CET1157723192.168.2.235.135.21.66
        Dec 23, 2022 05:50:51.646935940 CET1157723192.168.2.2312.122.68.139
        Dec 23, 2022 05:50:51.646935940 CET115772323192.168.2.2322.249.178.243
        Dec 23, 2022 05:50:51.646964073 CET1157723192.168.2.2319.109.35.153
        Dec 23, 2022 05:50:51.646966934 CET1157723192.168.2.2323.196.30.144
        Dec 23, 2022 05:50:51.646975994 CET1157723192.168.2.231.198.38.139
        Dec 23, 2022 05:50:51.646987915 CET1157723192.168.2.2323.162.34.255
        Dec 23, 2022 05:50:51.646987915 CET1157723192.168.2.2313.70.30.241
        Dec 23, 2022 05:50:51.647000074 CET1157723192.168.2.2323.152.5.199
        Dec 23, 2022 05:50:51.647025108 CET1157723192.168.2.2320.57.165.161
        Dec 23, 2022 05:50:51.647032976 CET1157723192.168.2.239.139.195.248
        Dec 23, 2022 05:50:51.647033930 CET115772323192.168.2.2317.18.104.119
        Dec 23, 2022 05:50:51.647032976 CET1157723192.168.2.2318.53.221.32
        Dec 23, 2022 05:50:51.647039890 CET1157723192.168.2.2314.11.147.212
        Dec 23, 2022 05:50:51.647052050 CET1157723192.168.2.2322.35.36.110
        Dec 23, 2022 05:50:51.647066116 CET1157723192.168.2.231.146.201.11
        Dec 23, 2022 05:50:51.647068024 CET1157723192.168.2.2318.98.10.131
        Dec 23, 2022 05:50:51.647077084 CET1157723192.168.2.231.84.188.125
        Dec 23, 2022 05:50:51.647078037 CET115772323192.168.2.2313.3.192.250
        Dec 23, 2022 05:50:51.647079945 CET1157723192.168.2.2317.253.94.70
        Dec 23, 2022 05:50:51.647079945 CET1157723192.168.2.2318.166.84.14
        Dec 23, 2022 05:50:51.647100925 CET1157723192.168.2.235.107.32.216
        Dec 23, 2022 05:50:51.647129059 CET1157723192.168.2.2320.143.11.120
        Dec 23, 2022 05:50:51.647345066 CET1157723192.168.2.2317.190.158.223
        Dec 23, 2022 05:50:51.647384882 CET1157723192.168.2.2319.178.108.231
        Dec 23, 2022 05:50:51.647384882 CET1157723192.168.2.2320.112.243.42
        Dec 23, 2022 05:50:51.647396088 CET1157723192.168.2.2320.74.70.1
        Dec 23, 2022 05:50:51.647402048 CET1157723192.168.2.2323.24.74.140
        Dec 23, 2022 05:50:51.647408009 CET1157723192.168.2.239.129.152.255
        Dec 23, 2022 05:50:51.647409916 CET1157723192.168.2.2312.85.204.202
        Dec 23, 2022 05:50:51.647411108 CET1157723192.168.2.238.27.6.103
        Dec 23, 2022 05:50:51.647416115 CET1157723192.168.2.235.214.109.168
        Dec 23, 2022 05:50:51.647416115 CET1157723192.168.2.2317.218.25.121
        Dec 23, 2022 05:50:51.647412062 CET1157723192.168.2.2314.251.168.116
        Dec 23, 2022 05:50:51.647443056 CET1157723192.168.2.238.13.186.211
        Dec 23, 2022 05:50:51.647450924 CET1157723192.168.2.2319.228.54.100
        Dec 23, 2022 05:50:51.647473097 CET1157723192.168.2.234.234.2.66
        Dec 23, 2022 05:50:51.647480965 CET1157723192.168.2.2318.75.192.54
        Dec 23, 2022 05:50:51.647480965 CET115772323192.168.2.2317.171.73.222
        Dec 23, 2022 05:50:51.647485971 CET1157723192.168.2.238.31.249.33
        Dec 23, 2022 05:50:51.647485971 CET1157723192.168.2.231.89.99.13
        Dec 23, 2022 05:50:51.647495031 CET1157723192.168.2.231.62.138.146
        Dec 23, 2022 05:50:51.647505045 CET1157723192.168.2.239.187.149.177
        Dec 23, 2022 05:50:51.647530079 CET1157723192.168.2.2313.86.39.102
        Dec 23, 2022 05:50:51.647532940 CET1157723192.168.2.2319.36.36.7
        Dec 23, 2022 05:50:51.647545099 CET1157723192.168.2.2320.47.17.171
        Dec 23, 2022 05:50:51.647566080 CET1157723192.168.2.234.91.4.129
        Dec 23, 2022 05:50:51.647597075 CET1157723192.168.2.2318.160.218.12
        Dec 23, 2022 05:50:51.647598028 CET1157723192.168.2.2320.246.8.159
        Dec 23, 2022 05:50:51.647598028 CET1157723192.168.2.239.50.102.110
        Dec 23, 2022 05:50:51.647600889 CET115772323192.168.2.231.74.55.116
        Dec 23, 2022 05:50:51.647602081 CET1157723192.168.2.234.121.227.16
        Dec 23, 2022 05:50:51.647602081 CET1157723192.168.2.2320.189.96.131
        Dec 23, 2022 05:50:51.647603989 CET1157723192.168.2.2318.134.174.75
        Dec 23, 2022 05:50:51.647608995 CET1157723192.168.2.2314.204.173.252
        Dec 23, 2022 05:50:51.647619963 CET1157723192.168.2.2314.167.88.61
        Dec 23, 2022 05:50:51.647627115 CET1157723192.168.2.235.160.202.186
        Dec 23, 2022 05:50:51.647627115 CET1157723192.168.2.2314.98.203.245
        Dec 23, 2022 05:50:51.647633076 CET1157723192.168.2.2319.188.243.123
        Dec 23, 2022 05:50:51.647634029 CET1157723192.168.2.234.245.64.143
        Dec 23, 2022 05:50:51.647645950 CET1157723192.168.2.2323.251.73.240
        Dec 23, 2022 05:50:51.647649050 CET1157723192.168.2.2314.77.28.71
        Dec 23, 2022 05:50:51.647666931 CET1157723192.168.2.2318.182.21.45
        Dec 23, 2022 05:50:51.647667885 CET1157723192.168.2.239.109.140.108
        Dec 23, 2022 05:50:51.647691965 CET1157723192.168.2.231.134.131.102
        Dec 23, 2022 05:50:51.647691965 CET1157723192.168.2.235.117.174.180
        Dec 23, 2022 05:50:51.647705078 CET1157723192.168.2.2318.50.175.122
        Dec 23, 2022 05:50:51.647705078 CET1157723192.168.2.235.220.31.245
        Dec 23, 2022 05:50:51.647707939 CET115772323192.168.2.2322.172.176.27
        Dec 23, 2022 05:50:51.647721052 CET1157723192.168.2.2314.36.101.224
        Dec 23, 2022 05:50:51.647722006 CET1157723192.168.2.2317.176.159.104
        Dec 23, 2022 05:50:51.647727013 CET1157723192.168.2.2323.166.145.242
        Dec 23, 2022 05:50:51.647730112 CET1157723192.168.2.2319.47.42.46
        Dec 23, 2022 05:50:51.647733927 CET1157723192.168.2.239.109.118.202
        Dec 23, 2022 05:50:51.647733927 CET1157723192.168.2.2313.99.208.87
        Dec 23, 2022 05:50:51.647733927 CET115772323192.168.2.2312.251.141.176
        Dec 23, 2022 05:50:51.647742033 CET1157723192.168.2.238.242.74.212
        Dec 23, 2022 05:50:51.647756100 CET1157723192.168.2.238.252.85.49
        Dec 23, 2022 05:50:51.647756100 CET1157723192.168.2.2319.133.150.44
        Dec 23, 2022 05:50:51.647759914 CET1157723192.168.2.239.81.44.158
        Dec 23, 2022 05:50:51.647764921 CET1157723192.168.2.231.203.45.94
        Dec 23, 2022 05:50:51.647764921 CET1157723192.168.2.234.86.3.208
        Dec 23, 2022 05:50:51.647775888 CET1157723192.168.2.2323.103.201.106
        Dec 23, 2022 05:50:51.647778034 CET1157723192.168.2.2319.87.243.120
        Dec 23, 2022 05:50:51.647778034 CET115772323192.168.2.231.156.8.211
        Dec 23, 2022 05:50:51.647779942 CET1157723192.168.2.2323.131.76.221
        Dec 23, 2022 05:50:51.647779942 CET1157723192.168.2.2314.171.145.25
        Dec 23, 2022 05:50:51.647785902 CET115772323192.168.2.235.237.94.6
        Dec 23, 2022 05:50:51.647785902 CET1157723192.168.2.239.74.252.39
        Dec 23, 2022 05:50:51.647785902 CET1157723192.168.2.238.57.159.232
        Dec 23, 2022 05:50:51.647785902 CET1157723192.168.2.2312.160.222.96
        Dec 23, 2022 05:50:51.647787094 CET1157723192.168.2.2317.154.1.169
        Dec 23, 2022 05:50:51.647787094 CET1157723192.168.2.2323.79.46.57
        Dec 23, 2022 05:50:51.647787094 CET115772323192.168.2.231.40.25.96
        Dec 23, 2022 05:50:51.647787094 CET1157723192.168.2.2317.170.108.254
        Dec 23, 2022 05:50:51.647795916 CET1157723192.168.2.2319.140.91.24
        Dec 23, 2022 05:50:51.647790909 CET1157723192.168.2.2313.166.37.209
        Dec 23, 2022 05:50:51.647792101 CET115772323192.168.2.231.11.252.7
        Dec 23, 2022 05:50:51.647792101 CET1157723192.168.2.2318.218.233.141
        Dec 23, 2022 05:50:51.647825003 CET1157723192.168.2.2323.126.7.221
        Dec 23, 2022 05:50:51.647792101 CET1157723192.168.2.2312.37.107.246
        Dec 23, 2022 05:50:51.647825003 CET1157723192.168.2.231.164.239.126
        Dec 23, 2022 05:50:51.647825003 CET1157723192.168.2.231.114.188.34
        Dec 23, 2022 05:50:51.647850037 CET1157723192.168.2.238.212.87.91
        Dec 23, 2022 05:50:51.647850037 CET1157723192.168.2.2317.97.85.230
        Dec 23, 2022 05:50:51.647850037 CET1157723192.168.2.2318.18.224.19
        Dec 23, 2022 05:50:51.647876978 CET1157723192.168.2.2318.95.139.14
        Dec 23, 2022 05:50:51.647878885 CET1157723192.168.2.2320.72.252.227
        Dec 23, 2022 05:50:51.647878885 CET1157723192.168.2.2318.219.223.118
        Dec 23, 2022 05:50:51.647918940 CET1157723192.168.2.2313.79.71.221
        Dec 23, 2022 05:50:51.647938013 CET1157723192.168.2.2318.51.191.244
        Dec 23, 2022 05:50:51.647938013 CET1157723192.168.2.2314.152.72.180
        Dec 23, 2022 05:50:51.647942066 CET1157723192.168.2.2317.213.139.249
        Dec 23, 2022 05:50:51.647942066 CET1157723192.168.2.2312.192.1.175
        Dec 23, 2022 05:50:51.647942066 CET1157723192.168.2.231.49.140.13
        Dec 23, 2022 05:50:51.647953033 CET1157723192.168.2.231.154.66.31
        Dec 23, 2022 05:50:51.647952080 CET1157723192.168.2.2318.181.79.96
        Dec 23, 2022 05:50:51.647954941 CET115772323192.168.2.2323.191.221.193
        Dec 23, 2022 05:50:51.647954941 CET1157723192.168.2.2313.23.49.130
        Dec 23, 2022 05:50:51.647986889 CET1157723192.168.2.2317.207.40.221
        Dec 23, 2022 05:50:51.647986889 CET1157723192.168.2.238.56.197.252
        Dec 23, 2022 05:50:51.648030043 CET1157723192.168.2.2318.141.194.75
        Dec 23, 2022 05:50:51.648030043 CET1157723192.168.2.2320.61.161.233
        Dec 23, 2022 05:50:51.648047924 CET1157723192.168.2.235.137.176.110
        Dec 23, 2022 05:50:51.648047924 CET115772323192.168.2.2319.90.182.251
        Dec 23, 2022 05:50:51.648047924 CET1157723192.168.2.2313.252.237.76
        Dec 23, 2022 05:50:51.648051023 CET1157723192.168.2.2312.57.218.142
        Dec 23, 2022 05:50:51.648047924 CET1157723192.168.2.2318.239.29.241
        Dec 23, 2022 05:50:51.648051977 CET1157723192.168.2.2319.120.89.184
        Dec 23, 2022 05:50:51.648051977 CET1157723192.168.2.2323.117.71.41
        Dec 23, 2022 05:50:51.648051977 CET1157723192.168.2.2313.83.90.248
        Dec 23, 2022 05:50:51.648051977 CET1157723192.168.2.2319.214.124.132
        Dec 23, 2022 05:50:51.648051977 CET1157723192.168.2.2313.77.98.34
        Dec 23, 2022 05:50:51.648051977 CET115772323192.168.2.234.33.0.134
        Dec 23, 2022 05:50:51.648057938 CET1157723192.168.2.2323.252.243.3
        Dec 23, 2022 05:50:51.648057938 CET1157723192.168.2.2322.197.145.78
        Dec 23, 2022 05:50:51.648066044 CET1157723192.168.2.2312.49.210.215
        Dec 23, 2022 05:50:51.648066044 CET1157723192.168.2.2322.61.108.13
        Dec 23, 2022 05:50:51.648066044 CET1157723192.168.2.2318.98.105.212
        Dec 23, 2022 05:50:51.648075104 CET1157723192.168.2.2312.152.199.230
        Dec 23, 2022 05:50:51.648075104 CET1157723192.168.2.2313.104.156.205
        Dec 23, 2022 05:50:51.648075104 CET1157723192.168.2.239.45.47.120
        Dec 23, 2022 05:50:51.648075104 CET1157723192.168.2.2318.251.71.27
        Dec 23, 2022 05:50:51.648075104 CET1157723192.168.2.231.26.203.54
        Dec 23, 2022 05:50:51.648101091 CET1157723192.168.2.239.166.241.16
        Dec 23, 2022 05:50:51.648102045 CET115772323192.168.2.2319.249.49.29
        Dec 23, 2022 05:50:51.648102045 CET1157723192.168.2.2319.151.149.61
        Dec 23, 2022 05:50:51.648102045 CET115772323192.168.2.234.153.40.37
        Dec 23, 2022 05:50:51.648102045 CET1157723192.168.2.2313.80.126.144
        Dec 23, 2022 05:50:51.648102045 CET1157723192.168.2.2323.84.59.70
        Dec 23, 2022 05:50:51.648102045 CET1157723192.168.2.2317.115.87.138
        Dec 23, 2022 05:50:51.648102045 CET1157723192.168.2.234.253.93.162
        Dec 23, 2022 05:50:51.648185968 CET115772323192.168.2.2314.120.14.191
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.239.184.214.93
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.2317.15.167.187
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.2313.55.194.18
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.2319.25.152.149
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.235.135.13.157
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.2322.55.152.219
        Dec 23, 2022 05:50:51.648185968 CET1157723192.168.2.2317.142.74.23
        Dec 23, 2022 05:50:51.648210049 CET1157723192.168.2.238.99.19.78
        Dec 23, 2022 05:50:51.648210049 CET1157723192.168.2.238.98.247.22
        Dec 23, 2022 05:50:51.648210049 CET1157723192.168.2.239.183.149.8
        Dec 23, 2022 05:50:51.648212910 CET1157723192.168.2.2322.71.104.7
        Dec 23, 2022 05:50:51.648212910 CET1157723192.168.2.2322.221.194.227
        Dec 23, 2022 05:50:51.648212910 CET1157723192.168.2.2317.74.246.96
        Dec 23, 2022 05:50:51.648216963 CET1157723192.168.2.231.7.26.29
        Dec 23, 2022 05:50:51.648217916 CET1157723192.168.2.239.217.167.47
        Dec 23, 2022 05:50:51.648217916 CET1157723192.168.2.234.128.25.59
        Dec 23, 2022 05:50:51.648222923 CET1157723192.168.2.2312.95.105.13
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.239.69.102.120
        Dec 23, 2022 05:50:51.648222923 CET1157723192.168.2.235.55.96.13
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.2317.204.193.159
        Dec 23, 2022 05:50:51.648222923 CET1157723192.168.2.234.201.3.7
        Dec 23, 2022 05:50:51.648226976 CET1157723192.168.2.2320.15.11.15
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.235.206.31.237
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.2313.217.51.210
        Dec 23, 2022 05:50:51.648227930 CET1157723192.168.2.234.13.148.200
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.239.216.240.209
        Dec 23, 2022 05:50:51.648227930 CET1157723192.168.2.2320.7.97.39
        Dec 23, 2022 05:50:51.648224115 CET1157723192.168.2.235.128.30.24
        Dec 23, 2022 05:50:51.648227930 CET1157723192.168.2.2313.17.174.144
        Dec 23, 2022 05:50:51.648227930 CET1157723192.168.2.235.189.240.203
        Dec 23, 2022 05:50:51.648248911 CET1157723192.168.2.2318.77.254.106
        Dec 23, 2022 05:50:51.648248911 CET1157723192.168.2.2314.191.233.118
        Dec 23, 2022 05:50:51.648248911 CET115772323192.168.2.2317.133.188.62
        Dec 23, 2022 05:50:51.648248911 CET1157723192.168.2.2318.117.176.26
        Dec 23, 2022 05:50:51.648248911 CET1157723192.168.2.2319.56.106.75
        Dec 23, 2022 05:50:51.648256063 CET1157723192.168.2.2313.233.0.212
        Dec 23, 2022 05:50:51.648257017 CET1157723192.168.2.2320.135.20.75
        Dec 23, 2022 05:50:51.648257017 CET1157723192.168.2.2312.203.233.167
        Dec 23, 2022 05:50:51.648257017 CET1157723192.168.2.2322.251.153.171
        Dec 23, 2022 05:50:51.648257017 CET1157723192.168.2.2314.180.147.236
        Dec 23, 2022 05:50:51.648283005 CET115772323192.168.2.2314.196.222.48
        Dec 23, 2022 05:50:51.648283005 CET1157723192.168.2.2314.192.60.241
        Dec 23, 2022 05:50:51.648283005 CET115772323192.168.2.2312.85.62.132
        Dec 23, 2022 05:50:51.648283005 CET1157723192.168.2.239.124.178.43
        Dec 23, 2022 05:50:51.648286104 CET1157723192.168.2.2323.235.245.173
        Dec 23, 2022 05:50:51.648286104 CET115772323192.168.2.2313.221.232.88
        Dec 23, 2022 05:50:51.648293972 CET1157723192.168.2.2313.207.83.58
        Dec 23, 2022 05:50:51.648294926 CET1157723192.168.2.239.213.130.8
        Dec 23, 2022 05:50:51.648293972 CET1157723192.168.2.2314.59.241.85
        Dec 23, 2022 05:50:51.648294926 CET1157723192.168.2.2313.47.47.249
        Dec 23, 2022 05:50:51.648293972 CET1157723192.168.2.239.53.120.241
        Dec 23, 2022 05:50:51.648294926 CET1157723192.168.2.2313.218.91.74
        Dec 23, 2022 05:50:51.648294926 CET1157723192.168.2.2319.160.114.28
        Dec 23, 2022 05:50:51.648296118 CET1157723192.168.2.235.128.243.80
        Dec 23, 2022 05:50:51.648296118 CET1157723192.168.2.235.246.25.5
        Dec 23, 2022 05:50:51.648303032 CET1157723192.168.2.238.161.174.115
        Dec 23, 2022 05:50:51.648303032 CET1157723192.168.2.2318.174.52.116
        Dec 23, 2022 05:50:51.648308039 CET1157723192.168.2.234.165.226.170
        Dec 23, 2022 05:50:51.648308039 CET1157723192.168.2.238.213.111.31
        Dec 23, 2022 05:50:51.648335934 CET115772323192.168.2.238.131.210.25
        Dec 23, 2022 05:50:51.648335934 CET1157723192.168.2.2323.198.58.115
        Dec 23, 2022 05:50:51.648335934 CET1157723192.168.2.2317.211.251.136
        Dec 23, 2022 05:50:51.648379087 CET1157723192.168.2.2318.107.39.192
        Dec 23, 2022 05:50:51.648724079 CET1157723192.168.2.2319.106.100.114
        Dec 23, 2022 05:50:51.648746014 CET1157723192.168.2.2319.71.118.82
        Dec 23, 2022 05:50:51.648778915 CET1157723192.168.2.2322.240.124.170
        Dec 23, 2022 05:50:51.648785114 CET1157723192.168.2.2314.66.228.95
        Dec 23, 2022 05:50:51.648794889 CET1157723192.168.2.2319.61.44.232
        Dec 23, 2022 05:50:51.648824930 CET115772323192.168.2.235.127.240.195
        Dec 23, 2022 05:50:51.648824930 CET1157723192.168.2.234.249.174.54
        Dec 23, 2022 05:50:51.648830891 CET1157723192.168.2.2313.209.230.161
        Dec 23, 2022 05:50:51.648835897 CET1157723192.168.2.231.224.165.100
        Dec 23, 2022 05:50:51.648845911 CET1157723192.168.2.2320.175.54.233
        Dec 23, 2022 05:50:51.648858070 CET1157723192.168.2.2320.42.241.121
        Dec 23, 2022 05:50:51.648873091 CET1157723192.168.2.2320.102.214.107
        Dec 23, 2022 05:50:51.648878098 CET1157723192.168.2.238.22.6.126
        Dec 23, 2022 05:50:51.648873091 CET1157723192.168.2.2322.41.78.38
        Dec 23, 2022 05:50:51.648895979 CET1157723192.168.2.2312.11.183.203
        Dec 23, 2022 05:50:51.648900986 CET1157723192.168.2.238.185.75.210
        Dec 23, 2022 05:50:51.648907900 CET1157723192.168.2.2323.82.253.35
        Dec 23, 2022 05:50:51.648912907 CET115772323192.168.2.2322.156.3.188
        Dec 23, 2022 05:50:51.648942947 CET1157723192.168.2.2322.188.36.47
        Dec 23, 2022 05:50:51.648942947 CET1157723192.168.2.2319.23.184.214
        Dec 23, 2022 05:50:51.648952007 CET1157723192.168.2.2319.106.225.58
        Dec 23, 2022 05:50:51.648952007 CET1157723192.168.2.2320.144.253.199
        Dec 23, 2022 05:50:51.648958921 CET1157723192.168.2.2314.171.205.80
        Dec 23, 2022 05:50:51.648967981 CET1157723192.168.2.2312.183.204.142
        Dec 23, 2022 05:50:51.648967981 CET1157723192.168.2.2313.38.176.186
        Dec 23, 2022 05:50:51.648969889 CET1157723192.168.2.239.145.247.10
        Dec 23, 2022 05:50:51.648971081 CET1157723192.168.2.2314.5.166.32
        Dec 23, 2022 05:50:51.648982048 CET115772323192.168.2.2318.121.164.247
        Dec 23, 2022 05:50:51.648984909 CET1157723192.168.2.2322.54.156.163
        Dec 23, 2022 05:50:51.648988008 CET1157723192.168.2.2319.220.13.70
        Dec 23, 2022 05:50:51.648986101 CET1157723192.168.2.2313.213.159.185
        Dec 23, 2022 05:50:51.648988008 CET1157723192.168.2.2322.79.8.245
        Dec 23, 2022 05:50:51.648984909 CET1157723192.168.2.238.171.30.240
        Dec 23, 2022 05:50:51.649005890 CET115772323192.168.2.2313.230.70.60
        Dec 23, 2022 05:50:51.649007082 CET1157723192.168.2.231.55.71.42
        Dec 23, 2022 05:50:51.649007082 CET1157723192.168.2.2323.97.11.62
        Dec 23, 2022 05:50:51.649007082 CET1157723192.168.2.2314.103.253.245
        Dec 23, 2022 05:50:51.649015903 CET1157723192.168.2.239.96.160.143
        Dec 23, 2022 05:50:51.649019003 CET1157723192.168.2.2322.251.2.218
        Dec 23, 2022 05:50:51.649056911 CET1157723192.168.2.234.218.195.245
        Dec 23, 2022 05:50:51.649059057 CET1157723192.168.2.231.172.198.69
        Dec 23, 2022 05:50:51.649065971 CET1157723192.168.2.2317.76.28.155
        Dec 23, 2022 05:50:51.649065971 CET1157723192.168.2.2313.61.13.14
        Dec 23, 2022 05:50:51.649071932 CET1157723192.168.2.2320.83.186.31
        Dec 23, 2022 05:50:51.649076939 CET115772323192.168.2.2313.181.222.149
        Dec 23, 2022 05:50:51.649076939 CET1157723192.168.2.235.164.66.137
        Dec 23, 2022 05:50:51.649091959 CET1157723192.168.2.234.102.247.91
        Dec 23, 2022 05:50:51.649091959 CET1157723192.168.2.2322.180.244.164
        Dec 23, 2022 05:50:51.649091959 CET1157723192.168.2.235.126.162.216
        Dec 23, 2022 05:50:51.649095058 CET1157723192.168.2.234.15.19.194
        Dec 23, 2022 05:50:51.649095058 CET1157723192.168.2.231.82.28.63
        Dec 23, 2022 05:50:51.649095058 CET1157723192.168.2.2314.121.98.97
        Dec 23, 2022 05:50:51.649106979 CET1157723192.168.2.234.181.133.32
        Dec 23, 2022 05:50:51.649107933 CET1157723192.168.2.2320.100.206.245
        Dec 23, 2022 05:50:51.649106979 CET1157723192.168.2.2318.206.181.55
        Dec 23, 2022 05:50:51.649120092 CET1157723192.168.2.2313.28.65.135
        Dec 23, 2022 05:50:51.649120092 CET1157723192.168.2.235.69.253.68
        Dec 23, 2022 05:50:51.649120092 CET1157723192.168.2.2323.143.91.30
        Dec 23, 2022 05:50:51.649127960 CET1157723192.168.2.2320.123.25.251
        Dec 23, 2022 05:50:51.649138927 CET115772323192.168.2.2320.246.58.99
        Dec 23, 2022 05:50:51.649138927 CET1157723192.168.2.2322.47.156.14
        Dec 23, 2022 05:50:51.649147987 CET1157723192.168.2.234.114.58.233
        Dec 23, 2022 05:50:51.649147987 CET1157723192.168.2.2323.198.178.43
        Dec 23, 2022 05:50:51.649159908 CET1157723192.168.2.2319.188.205.138
        Dec 23, 2022 05:50:51.649173021 CET1157723192.168.2.2318.153.247.121
        Dec 23, 2022 05:50:51.649174929 CET1157723192.168.2.2323.237.4.174
        Dec 23, 2022 05:50:51.649174929 CET1157723192.168.2.231.189.180.162
        Dec 23, 2022 05:50:51.649174929 CET115772323192.168.2.2322.104.121.53
        Dec 23, 2022 05:50:51.649183035 CET1157723192.168.2.231.225.210.214
        Dec 23, 2022 05:50:51.649209976 CET1157723192.168.2.235.49.49.177
        Dec 23, 2022 05:50:51.649214029 CET1157723192.168.2.2313.93.151.212
        Dec 23, 2022 05:50:51.649214029 CET1157723192.168.2.2323.186.222.83
        Dec 23, 2022 05:50:51.649214029 CET1157723192.168.2.2322.162.60.105
        Dec 23, 2022 05:50:51.649219036 CET1157723192.168.2.239.252.76.53
        Dec 23, 2022 05:50:51.649219990 CET1157723192.168.2.2319.131.132.161
        Dec 23, 2022 05:50:51.649219990 CET1157723192.168.2.2319.251.215.185
        Dec 23, 2022 05:50:51.649219990 CET115772323192.168.2.2313.122.223.60
        Dec 23, 2022 05:50:51.649225950 CET1157723192.168.2.2317.173.160.98
        Dec 23, 2022 05:50:51.649239063 CET1157723192.168.2.231.45.170.122
        Dec 23, 2022 05:50:51.649239063 CET1157723192.168.2.2319.119.199.248
        Dec 23, 2022 05:50:51.649239063 CET1157723192.168.2.2319.26.147.237
        Dec 23, 2022 05:50:51.649251938 CET1157723192.168.2.2320.106.160.75
        Dec 23, 2022 05:50:51.649256945 CET1157723192.168.2.2314.0.103.72
        Dec 23, 2022 05:50:51.649264097 CET1157723192.168.2.2314.157.10.231
        Dec 23, 2022 05:50:51.649264097 CET1157723192.168.2.2322.24.239.84
        Dec 23, 2022 05:50:51.649292946 CET1157723192.168.2.2318.239.131.227
        Dec 23, 2022 05:50:51.649292946 CET1157723192.168.2.231.36.102.138
        Dec 23, 2022 05:50:51.649296999 CET1157723192.168.2.2322.149.163.212
        Dec 23, 2022 05:50:51.649315119 CET1157723192.168.2.2317.194.20.50
        Dec 23, 2022 05:50:51.649317026 CET115772323192.168.2.2319.214.252.195
        Dec 23, 2022 05:50:51.649319887 CET1157723192.168.2.2318.192.129.8
        Dec 23, 2022 05:50:51.649329901 CET1157723192.168.2.2313.173.75.226
        Dec 23, 2022 05:50:51.649338961 CET1157723192.168.2.2323.201.9.148
        Dec 23, 2022 05:50:51.649338961 CET1157723192.168.2.2314.182.25.185
        Dec 23, 2022 05:50:51.649349928 CET1157723192.168.2.2317.200.199.47
        Dec 23, 2022 05:50:51.649349928 CET115772323192.168.2.2318.81.44.26
        Dec 23, 2022 05:50:51.649349928 CET1157723192.168.2.2322.89.51.48
        Dec 23, 2022 05:50:51.649355888 CET1157723192.168.2.2323.162.82.252
        Dec 23, 2022 05:50:51.649367094 CET1157723192.168.2.239.29.9.72
        Dec 23, 2022 05:50:51.649367094 CET1157723192.168.2.2318.121.146.235
        Dec 23, 2022 05:50:51.649375916 CET1157723192.168.2.2313.18.245.8
        Dec 23, 2022 05:50:51.649377108 CET1157723192.168.2.2320.36.132.20
        Dec 23, 2022 05:50:51.649384975 CET1157723192.168.2.2317.110.117.10
        Dec 23, 2022 05:50:51.649425983 CET1157723192.168.2.2319.211.14.169
        Dec 23, 2022 05:50:51.649426937 CET1157723192.168.2.231.144.72.65
        Dec 23, 2022 05:50:51.649429083 CET1157723192.168.2.2313.194.223.119
        Dec 23, 2022 05:50:51.649429083 CET115772323192.168.2.238.57.243.243
        Dec 23, 2022 05:50:51.649445057 CET1157723192.168.2.2322.18.247.151
        Dec 23, 2022 05:50:51.649452925 CET1157723192.168.2.2323.178.101.54
        Dec 23, 2022 05:50:51.649452925 CET1157723192.168.2.239.21.160.145
        Dec 23, 2022 05:50:51.649473906 CET1157723192.168.2.2314.118.33.165
        Dec 23, 2022 05:50:51.649482965 CET1157723192.168.2.2320.223.169.69
        Dec 23, 2022 05:50:51.649482965 CET1157723192.168.2.239.14.99.193
        Dec 23, 2022 05:50:51.649490118 CET1157723192.168.2.238.84.187.197
        Dec 23, 2022 05:50:51.649490118 CET1157723192.168.2.238.91.191.68
        Dec 23, 2022 05:50:51.649490118 CET115772323192.168.2.2320.154.44.15
        Dec 23, 2022 05:50:51.649498940 CET1157723192.168.2.2317.128.188.140
        Dec 23, 2022 05:50:51.649518013 CET1157723192.168.2.2320.146.82.222
        Dec 23, 2022 05:50:51.649530888 CET1157723192.168.2.2317.180.197.173
        Dec 23, 2022 05:50:51.649533987 CET1157723192.168.2.235.212.244.169
        Dec 23, 2022 05:50:51.649569035 CET1157723192.168.2.2320.109.86.229
        Dec 23, 2022 05:50:51.649569035 CET1157723192.168.2.2312.223.255.20
        Dec 23, 2022 05:50:51.649569035 CET1157723192.168.2.239.135.27.185
        Dec 23, 2022 05:50:51.649583101 CET1157723192.168.2.2320.50.3.2
        Dec 23, 2022 05:50:51.649585009 CET1157723192.168.2.2319.252.200.73
        Dec 23, 2022 05:50:51.649585962 CET1157723192.168.2.234.34.135.15
        Dec 23, 2022 05:50:51.649585009 CET1157723192.168.2.2317.20.144.43
        Dec 23, 2022 05:50:51.649614096 CET115772323192.168.2.2323.153.248.99
        Dec 23, 2022 05:50:51.649614096 CET1157723192.168.2.2313.239.165.94
        Dec 23, 2022 05:50:51.649625063 CET1157723192.168.2.2318.28.108.196
        Dec 23, 2022 05:50:51.649636984 CET1157723192.168.2.2319.240.216.0
        Dec 23, 2022 05:50:51.649637938 CET1157723192.168.2.239.137.245.53
        Dec 23, 2022 05:50:51.649636984 CET1157723192.168.2.2317.199.209.103
        Dec 23, 2022 05:50:51.649645090 CET1157723192.168.2.238.20.140.180
        Dec 23, 2022 05:50:51.649645090 CET115772323192.168.2.2314.166.26.253
        Dec 23, 2022 05:50:51.649645090 CET1157723192.168.2.2323.221.207.201
        Dec 23, 2022 05:50:51.649646044 CET1157723192.168.2.234.235.133.145
        Dec 23, 2022 05:50:51.649645090 CET1157723192.168.2.2323.55.161.134
        Dec 23, 2022 05:50:51.649646044 CET1157723192.168.2.235.13.19.81
        Dec 23, 2022 05:50:51.649646044 CET1157723192.168.2.2314.10.206.108
        Dec 23, 2022 05:50:51.649646044 CET115772323192.168.2.2314.26.67.179
        Dec 23, 2022 05:50:51.649657965 CET1157723192.168.2.2322.190.176.144
        Dec 23, 2022 05:50:51.649658918 CET1157723192.168.2.2322.9.54.188
        Dec 23, 2022 05:50:51.649666071 CET1157723192.168.2.2318.198.134.89
        Dec 23, 2022 05:50:51.649666071 CET1157723192.168.2.231.23.152.124
        Dec 23, 2022 05:50:51.649687052 CET1157723192.168.2.2322.230.119.26
        Dec 23, 2022 05:50:51.649687052 CET115772323192.168.2.2320.180.251.78
        Dec 23, 2022 05:50:51.649692059 CET1157723192.168.2.2318.166.165.94
        Dec 23, 2022 05:50:51.649697065 CET1157723192.168.2.2317.132.14.103
        Dec 23, 2022 05:50:51.649697065 CET1157723192.168.2.2314.181.94.183
        Dec 23, 2022 05:50:51.649697065 CET1157723192.168.2.239.118.122.131
        Dec 23, 2022 05:50:51.649697065 CET1157723192.168.2.2319.16.216.78
        Dec 23, 2022 05:50:51.649697065 CET1157723192.168.2.239.237.43.40
        Dec 23, 2022 05:50:51.649707079 CET1157723192.168.2.2319.1.189.243
        Dec 23, 2022 05:50:51.649707079 CET1157723192.168.2.235.201.155.219
        Dec 23, 2022 05:50:51.649712086 CET1157723192.168.2.2317.18.79.104
        Dec 23, 2022 05:50:51.649714947 CET1157723192.168.2.2317.99.137.49
        Dec 23, 2022 05:50:51.649714947 CET1157723192.168.2.2313.97.110.148
        Dec 23, 2022 05:50:51.649717093 CET1157723192.168.2.2314.214.53.114
        Dec 23, 2022 05:50:51.649719954 CET1157723192.168.2.2323.106.180.211
        Dec 23, 2022 05:50:51.649722099 CET1157723192.168.2.231.224.9.191
        Dec 23, 2022 05:50:51.649741888 CET115772323192.168.2.2323.208.249.252
        Dec 23, 2022 05:50:51.649741888 CET1157723192.168.2.231.155.123.106
        Dec 23, 2022 05:50:51.649743080 CET1157723192.168.2.231.56.6.54
        Dec 23, 2022 05:50:51.649751902 CET1157723192.168.2.2323.246.156.188
        Dec 23, 2022 05:50:51.649751902 CET1157723192.168.2.238.168.131.50
        Dec 23, 2022 05:50:51.649766922 CET1157723192.168.2.2317.35.73.217
        Dec 23, 2022 05:50:51.649766922 CET1157723192.168.2.239.128.68.194
        Dec 23, 2022 05:50:51.649776936 CET1157723192.168.2.2320.59.47.243
        Dec 23, 2022 05:50:51.649782896 CET115772323192.168.2.235.185.161.43
        Dec 23, 2022 05:50:51.649784088 CET1157723192.168.2.2319.254.86.73
        Dec 23, 2022 05:50:51.649806023 CET1157723192.168.2.2322.142.49.150
        Dec 23, 2022 05:50:51.649806023 CET1157723192.168.2.234.43.202.112
        Dec 23, 2022 05:50:51.649811029 CET1157723192.168.2.2319.201.145.32
        Dec 23, 2022 05:50:51.649811983 CET1157723192.168.2.231.98.142.255
        Dec 23, 2022 05:50:51.649828911 CET1157723192.168.2.2319.31.9.176
        Dec 23, 2022 05:50:51.649832010 CET1157723192.168.2.2318.204.24.142
        Dec 23, 2022 05:50:51.649832010 CET1157723192.168.2.2318.160.132.164
        Dec 23, 2022 05:50:51.649840117 CET1157723192.168.2.239.125.69.14
        Dec 23, 2022 05:50:51.649861097 CET1157723192.168.2.238.170.227.187
        Dec 23, 2022 05:50:51.649861097 CET1157723192.168.2.2320.171.211.127
        Dec 23, 2022 05:50:51.649871111 CET1157723192.168.2.2312.224.113.128
        Dec 23, 2022 05:50:51.649880886 CET1157723192.168.2.2322.34.60.157
        Dec 23, 2022 05:50:51.649888039 CET115772323192.168.2.2314.198.223.30
        Dec 23, 2022 05:50:51.649888039 CET1157723192.168.2.2323.17.222.134
        Dec 23, 2022 05:50:51.649894953 CET1157723192.168.2.231.100.173.255
        Dec 23, 2022 05:50:51.649894953 CET115772323192.168.2.2320.144.60.157
        Dec 23, 2022 05:50:51.649897099 CET1157723192.168.2.2313.212.113.24
        Dec 23, 2022 05:50:51.649916887 CET1157723192.168.2.2314.138.134.236
        Dec 23, 2022 05:50:51.649933100 CET1157723192.168.2.2314.62.241.108
        Dec 23, 2022 05:50:51.649935961 CET1157723192.168.2.238.24.148.241
        Dec 23, 2022 05:50:51.649935961 CET1157723192.168.2.2313.122.205.99
        Dec 23, 2022 05:50:51.649961948 CET1157723192.168.2.231.39.181.46
        Dec 23, 2022 05:50:51.649964094 CET1157723192.168.2.2319.192.207.84
        Dec 23, 2022 05:50:51.649971962 CET1157723192.168.2.2323.41.194.230
        Dec 23, 2022 05:50:51.649971962 CET1157723192.168.2.238.139.40.127
        Dec 23, 2022 05:50:51.649993896 CET1157723192.168.2.2312.189.44.186
        Dec 23, 2022 05:50:51.649993896 CET1157723192.168.2.2317.132.50.137
        Dec 23, 2022 05:50:51.649996996 CET1157723192.168.2.2317.30.147.229
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2313.1.78.98
        Dec 23, 2022 05:50:51.650005102 CET1157723192.168.2.2313.169.90.175
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2323.126.185.132
        Dec 23, 2022 05:50:51.650005102 CET1157723192.168.2.2317.170.28.53
        Dec 23, 2022 05:50:51.650005102 CET1157723192.168.2.239.19.134.240
        Dec 23, 2022 05:50:51.650005102 CET1157723192.168.2.2323.187.119.120
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2318.231.148.69
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2317.247.183.194
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2313.222.188.127
        Dec 23, 2022 05:50:51.650006056 CET1157723192.168.2.2318.29.164.81
        Dec 23, 2022 05:50:51.650017977 CET1157723192.168.2.234.208.219.93
        Dec 23, 2022 05:50:51.650018930 CET1157723192.168.2.231.142.235.219
        Dec 23, 2022 05:50:51.650024891 CET1157723192.168.2.2318.107.83.28
        Dec 23, 2022 05:50:51.650024891 CET1157723192.168.2.2322.123.95.229
        Dec 23, 2022 05:50:51.650024891 CET115772323192.168.2.2323.122.70.183
        Dec 23, 2022 05:50:51.650024891 CET1157723192.168.2.2317.201.183.193
        Dec 23, 2022 05:50:51.650032997 CET1157723192.168.2.235.222.128.216
        Dec 23, 2022 05:50:51.650032997 CET1157723192.168.2.2323.62.235.156
        Dec 23, 2022 05:50:51.650059938 CET1157723192.168.2.2320.218.235.27
        Dec 23, 2022 05:50:51.650059938 CET1157723192.168.2.2320.170.216.40
        Dec 23, 2022 05:50:51.650060892 CET115772323192.168.2.2323.44.164.88
        Dec 23, 2022 05:50:51.650060892 CET1157723192.168.2.2313.131.219.175
        Dec 23, 2022 05:50:51.650060892 CET1157723192.168.2.2313.223.62.163
        Dec 23, 2022 05:50:51.650063038 CET1157723192.168.2.238.56.40.60
        Dec 23, 2022 05:50:51.650067091 CET1157723192.168.2.235.39.115.164
        Dec 23, 2022 05:50:51.650067091 CET1157723192.168.2.2317.53.169.24
        Dec 23, 2022 05:50:51.650070906 CET1157723192.168.2.239.28.128.83
        Dec 23, 2022 05:50:51.650070906 CET1157723192.168.2.238.93.253.106
        Dec 23, 2022 05:50:51.650079012 CET1157723192.168.2.2320.147.141.55
        Dec 23, 2022 05:50:51.650080919 CET1157723192.168.2.235.61.155.218
        Dec 23, 2022 05:50:51.650084019 CET1157723192.168.2.2323.80.142.62
        Dec 23, 2022 05:50:51.650084019 CET1157723192.168.2.2323.2.215.162
        Dec 23, 2022 05:50:51.650096893 CET1157723192.168.2.2319.240.227.145
        Dec 23, 2022 05:50:51.650105000 CET1157723192.168.2.235.148.210.6
        Dec 23, 2022 05:50:51.650113106 CET1157723192.168.2.2312.195.84.152
        Dec 23, 2022 05:50:51.650113106 CET1157723192.168.2.2322.208.195.141
        Dec 23, 2022 05:50:51.650122881 CET1157723192.168.2.231.116.181.68
        Dec 23, 2022 05:50:51.650127888 CET1157723192.168.2.238.114.89.67
        Dec 23, 2022 05:50:51.650131941 CET115772323192.168.2.235.10.39.76
        Dec 23, 2022 05:50:51.650131941 CET1157723192.168.2.2322.95.93.217
        Dec 23, 2022 05:50:51.650135040 CET1157723192.168.2.2320.102.174.158
        Dec 23, 2022 05:50:51.650135040 CET115772323192.168.2.2317.241.85.251
        Dec 23, 2022 05:50:51.650135040 CET1157723192.168.2.238.149.7.135
        Dec 23, 2022 05:50:51.650135040 CET1157723192.168.2.235.19.236.71
        Dec 23, 2022 05:50:51.650135040 CET1157723192.168.2.2317.134.148.104
        Dec 23, 2022 05:50:51.650135040 CET1157723192.168.2.2319.54.47.43
        Dec 23, 2022 05:50:51.650135994 CET1157723192.168.2.239.10.30.100
        Dec 23, 2022 05:50:51.650140047 CET115772323192.168.2.2312.246.208.101
        Dec 23, 2022 05:50:51.650135994 CET1157723192.168.2.2314.47.43.151
        Dec 23, 2022 05:50:51.650140047 CET1157723192.168.2.2323.47.237.116
        Dec 23, 2022 05:50:51.650163889 CET1157723192.168.2.2312.140.228.63
        Dec 23, 2022 05:50:51.650177956 CET1157723192.168.2.2319.197.22.164
        Dec 23, 2022 05:50:51.650177956 CET1157723192.168.2.235.2.235.205
        Dec 23, 2022 05:50:51.650188923 CET1157723192.168.2.2317.68.109.174
        Dec 23, 2022 05:50:51.650194883 CET1157723192.168.2.2313.246.213.95
        Dec 23, 2022 05:50:51.650194883 CET1157723192.168.2.2313.50.121.249
        Dec 23, 2022 05:50:51.650204897 CET1157723192.168.2.2313.174.133.53
        Dec 23, 2022 05:50:51.650214911 CET1157723192.168.2.238.80.62.11
        Dec 23, 2022 05:50:51.650217056 CET115772323192.168.2.239.51.97.219
        Dec 23, 2022 05:50:51.650233984 CET1157723192.168.2.2319.38.230.140
        Dec 23, 2022 05:50:51.650233984 CET1157723192.168.2.2312.64.94.77
        Dec 23, 2022 05:50:51.650233984 CET1157723192.168.2.2317.103.64.32
        Dec 23, 2022 05:50:51.650250912 CET1157723192.168.2.2314.171.86.144
        Dec 23, 2022 05:50:51.650279999 CET1157723192.168.2.2318.162.163.241
        Dec 23, 2022 05:50:51.650296926 CET1157723192.168.2.2320.119.234.199
        Dec 23, 2022 05:50:51.650312901 CET1157723192.168.2.235.118.197.30
        Dec 23, 2022 05:50:51.650314093 CET115772323192.168.2.2314.35.183.38
        Dec 23, 2022 05:50:51.650321007 CET1157723192.168.2.239.24.97.160
        Dec 23, 2022 05:50:51.650321007 CET1157723192.168.2.2317.196.159.131
        Dec 23, 2022 05:50:51.650326014 CET1157723192.168.2.2313.41.35.92
        Dec 23, 2022 05:50:51.650335073 CET1157723192.168.2.231.238.59.136
        Dec 23, 2022 05:50:51.650335073 CET1157723192.168.2.235.36.112.93
        Dec 23, 2022 05:50:51.650351048 CET1157723192.168.2.2319.39.144.80
        Dec 23, 2022 05:50:51.650352001 CET1157723192.168.2.2320.105.54.55
        Dec 23, 2022 05:50:51.650351048 CET1157723192.168.2.2313.199.16.248
        Dec 23, 2022 05:50:51.650360107 CET1157723192.168.2.2318.225.8.152
        Dec 23, 2022 05:50:51.650362015 CET115772323192.168.2.2318.104.234.176
        Dec 23, 2022 05:50:51.650367022 CET1157723192.168.2.234.117.162.76
        Dec 23, 2022 05:50:51.650367975 CET1157723192.168.2.2319.128.30.238
        Dec 23, 2022 05:50:51.650387049 CET1157723192.168.2.235.230.196.214
        Dec 23, 2022 05:50:51.650388002 CET1157723192.168.2.239.206.209.189
        Dec 23, 2022 05:50:51.650387049 CET1157723192.168.2.234.133.64.191
        Dec 23, 2022 05:50:51.650392056 CET1157723192.168.2.235.42.60.38
        Dec 23, 2022 05:50:51.650397062 CET1157723192.168.2.231.248.114.71
        Dec 23, 2022 05:50:51.650408030 CET1157723192.168.2.2320.156.250.82
        Dec 23, 2022 05:50:51.650408030 CET1157723192.168.2.2313.94.195.134
        Dec 23, 2022 05:50:51.650418043 CET1157723192.168.2.2323.22.231.7
        Dec 23, 2022 05:50:51.650423050 CET115772323192.168.2.2314.2.103.251
        Dec 23, 2022 05:50:51.650425911 CET1157723192.168.2.2318.176.33.76
        Dec 23, 2022 05:50:51.650425911 CET1157723192.168.2.2317.103.140.199
        Dec 23, 2022 05:50:51.650425911 CET1157723192.168.2.2323.90.146.97
        Dec 23, 2022 05:50:51.650425911 CET1157723192.168.2.2317.223.76.176
        Dec 23, 2022 05:50:51.650430918 CET1157723192.168.2.2322.141.15.175
        Dec 23, 2022 05:50:51.650430918 CET1157723192.168.2.235.149.79.3
        Dec 23, 2022 05:50:51.650433064 CET1157723192.168.2.235.218.59.206
        Dec 23, 2022 05:50:51.650441885 CET1157723192.168.2.238.99.213.220
        Dec 23, 2022 05:50:51.650441885 CET115772323192.168.2.2323.127.131.4
        Dec 23, 2022 05:50:51.650444031 CET1157723192.168.2.234.84.242.72
        Dec 23, 2022 05:50:51.650449991 CET1157723192.168.2.235.150.60.75
        Dec 23, 2022 05:50:51.650464058 CET1157723192.168.2.2323.158.170.55
        Dec 23, 2022 05:50:51.650473118 CET1157723192.168.2.2322.77.241.68
        Dec 23, 2022 05:50:51.650515079 CET1157723192.168.2.2323.20.166.147
        Dec 23, 2022 05:50:51.650527000 CET1157723192.168.2.2312.235.63.164
        Dec 23, 2022 05:50:51.650527000 CET1157723192.168.2.234.134.111.157
        Dec 23, 2022 05:50:51.650527000 CET1157723192.168.2.239.187.163.1
        Dec 23, 2022 05:50:51.650527000 CET115772323192.168.2.239.236.106.76
        Dec 23, 2022 05:50:51.650531054 CET1157723192.168.2.2323.6.30.30
        Dec 23, 2022 05:50:51.650544882 CET1157723192.168.2.2318.50.92.70
        Dec 23, 2022 05:50:51.650549889 CET1157723192.168.2.2320.8.166.235
        Dec 23, 2022 05:50:51.650552034 CET1157723192.168.2.235.45.134.220
        Dec 23, 2022 05:50:51.650567055 CET1157723192.168.2.2319.160.172.204
        Dec 23, 2022 05:50:51.650567055 CET1157723192.168.2.231.47.2.97
        Dec 23, 2022 05:50:51.650588989 CET1157723192.168.2.234.67.239.16
        Dec 23, 2022 05:50:51.650592089 CET1157723192.168.2.234.73.196.75
        Dec 23, 2022 05:50:51.650588989 CET1157723192.168.2.2319.186.91.19
        Dec 23, 2022 05:50:51.650588989 CET115772323192.168.2.231.60.193.19
        Dec 23, 2022 05:50:51.650592089 CET1157723192.168.2.2319.93.191.104
        Dec 23, 2022 05:50:51.650600910 CET1157723192.168.2.2319.131.122.204
        Dec 23, 2022 05:50:51.650600910 CET1157723192.168.2.2317.54.116.144
        Dec 23, 2022 05:50:51.650602102 CET1157723192.168.2.2313.251.145.119
        Dec 23, 2022 05:50:51.650639057 CET1157723192.168.2.2320.136.93.139
        Dec 23, 2022 05:50:51.650645971 CET1157723192.168.2.2323.241.1.176
        Dec 23, 2022 05:50:51.650655985 CET1157723192.168.2.235.173.189.138
        Dec 23, 2022 05:50:51.650672913 CET1157723192.168.2.2313.0.80.82
        Dec 23, 2022 05:50:51.650674105 CET1157723192.168.2.2323.140.1.104
        Dec 23, 2022 05:50:51.653301001 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:50:51.681052923 CET23115775.230.196.214192.168.2.23
        Dec 23, 2022 05:50:51.683654070 CET23115775.135.13.157192.168.2.23
        Dec 23, 2022 05:50:51.718225002 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:50:51.718301058 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:50:51.718364000 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:50:51.772763968 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:50:51.772839069 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:50:51.776360989 CET23115775.102.211.61192.168.2.23
        Dec 23, 2022 05:50:51.782809019 CET231157712.29.146.170192.168.2.23
        Dec 23, 2022 05:50:51.827130079 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:50:51.832027912 CET231157723.82.253.35192.168.2.23
        Dec 23, 2022 05:50:51.833739042 CET231157723.80.142.62192.168.2.23
        Dec 23, 2022 05:50:51.879358053 CET231157718.231.148.69192.168.2.23
        Dec 23, 2022 05:50:51.906990051 CET231157714.62.241.108192.168.2.23
        Dec 23, 2022 05:50:51.912698984 CET231157717.253.94.70192.168.2.23
        Dec 23, 2022 05:50:51.961395025 CET23115771.84.188.125192.168.2.23
        Dec 23, 2022 05:50:52.118313074 CET4251680192.168.2.23109.202.202.202
        Dec 23, 2022 05:51:01.721849918 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:51:01.776284933 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:51:01.776437044 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:51:01.776508093 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:51:07.733524084 CET43928443192.168.2.2391.189.91.42
        Dec 23, 2022 05:51:16.859483957 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:51:16.859678984 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:51:17.973043919 CET42836443192.168.2.2391.189.91.43
        Dec 23, 2022 05:51:22.068797112 CET4251680192.168.2.23109.202.202.202
        Dec 23, 2022 05:51:31.913680077 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:51:31.913837910 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:51:46.967448950 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:51:46.967703104 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:51:48.691353083 CET43928443192.168.2.2391.189.91.42
        Dec 23, 2022 05:52:01.833190918 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:52:01.887605906 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:52:01.887774944 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:52:16.955513000 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:52:16.955687046 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:52:32.009463072 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:52:32.009602070 CET38540420192.168.2.23159.253.120.185
        Dec 23, 2022 05:52:47.063402891 CET42038540159.253.120.185192.168.2.23
        Dec 23, 2022 05:52:47.063568115 CET38540420192.168.2.23159.253.120.185

        System Behavior

        General

        Start time:05:50:50
        Start date:23/12/2022
        Path:/tmp/GUBLtzXxUa.elf
        Arguments:/tmp/GUBLtzXxUa.elf
        File size:68368 bytes
        MD5 hash:1faa1af6c27ace22e101646179cc4b33

        Chronological Activities


        General

        Start time:05:50:50
        Start date:23/12/2022
        Path:/tmp/GUBLtzXxUa.elf
        Arguments:n/a
        File size:68368 bytes
        MD5 hash:1faa1af6c27ace22e101646179cc4b33

        Chronological Activities


        General

        Start time:05:50:50
        Start date:23/12/2022
        Path:/tmp/GUBLtzXxUa.elf
        Arguments:n/a
        File size:68368 bytes
        MD5 hash:1faa1af6c27ace22e101646179cc4b33

        Chronological Activities


        General

        Start time:05:50:50
        Start date:23/12/2022
        Path:/tmp/GUBLtzXxUa.elf
        Arguments:n/a
        File size:68368 bytes
        MD5 hash:1faa1af6c27ace22e101646179cc4b33

        General

        Start time:05:50:50
        Start date:23/12/2022
        Path:/tmp/GUBLtzXxUa.elf
        Arguments:n/a
        File size:68368 bytes
        MD5 hash:1faa1af6c27ace22e101646179cc4b33

        Chronological Activities