Sample details: 1f314777edacbdae4265c0d036e1bd99 --

Hashes
MD5: 1f314777edacbdae4265c0d036e1bd99
SHA1: 51667679ecba69810677f7d289a08dd93106b14b
SHA256: 18ee8c73c47e3dd99717a872c26ac95d22f6dff0a4eb54ac5436f2090a083783
SSDEEP: 768:mouzJseSM/5DX9OSyA3TpK2h7JJOUR0DCGeWxyyVBXtM7edUo+f1prwGkkQexba:moqa1MhNOSX3TpKV/eR7edJg1pkDd
Details
File Type: ELF
Added: 2019-10-09 12:41:56
Yara Hits
YRP/domain | YRP/IP | YRP/contentis_base64 |
Source
http://50.115.168.100/lmaoWTF/loligang.m68k
Strings
		/lib/ld-uClibc.so.0
libc.so.0
connect
sigemptyset
memmove
getpid
readlink
malloc
recvfrom
socket
select
readdir
sigaddset
calloc
inet_addr
setsockopt
signal
unlink
sendto
realloc
listen
__uClibc_main
memset
getppid
opendir
getsockopt
__errno_location
setsid
closedir
sigprocmask
getsockname
_edata
__bss_start
$N^Nu/;
N^NuNV
N^NuNV
N^NuNV
 OHWHQHy
/BQxHoQxB
HoPpHoP
mHw	 (la
Hw	 (xa
 Ho(ha
Hw	 (pa
+Hw	 (|a
$Ho(ha
GHw	 (pa
>Ho(la
GHw	 (ta
Hw	 (la
GHw	 (|a
$Ho(ha
Hw	 (pa
GHw	 (
Hw	 (|N
GHw	 (lN
mHw	 (lN
Hw) (xHx
GHw	 (lN
<Hw	 (pN
Hw	 (pa
RHo(ta
Hw	 (|a
GHw	 (pa
GHw	 (pM
THw	 (pN
gTHo(hN
N^NuNV
PN^Nu#
N^NuNV
 N^Nu/
o2$	"D(
V SHx@
N^Nu"/
NuNq o
b(p7 B
$NuNuNV
N^NuNV
N^NuNV
N^NuPOST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
50.115.168.100
,9<0=$7
,7gaee
?8"efg
efg`ab
<=gael
75 edfm
5::=1fdef
5::=1fdeg
5::=1fde`
5::=1fdea
5::=1fdeb
?;d"=.,"
?;d509=:
758"=:
2=018efg
0125!8 
'!$$;& 
1$=7&;! 1&
9; ;&;85
91&8=:
93gadd
FGNGVGF
CLKOG"
QVCVWQ"
FTPjGNRGP"
lKeeGp
qMPCnmcfgp"
lKeeGpF
kW{EWHGkSL"
PMWVG"
ARWKLDM"
`memokrq"
NMACN"
UCVAJFME"
UCVAJFME"
}UCVAJFME"
LGVQNKLI
rpktoqe"
egvnmacnkr"
iknncvvi"
eJMQVuWXjGPG
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
CRRNGV
DMWLF"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
cAAGRV
CRRNKACVKML
ZJVON	ZON
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
oMXKNNC
AMORCVK@NG
uKLFMUQ
vPKFGLV
oMXKNNC
AMORCVK@NG
uKLFMUQ
vPKFGLV
kLDMrCVJ
oMXKNNC
AMORCVK@NG
uKLFMUQ
vPKFGLV
oqkgaPCUNGP
aGLVGP
oMXKNNC
AMORCVK@NG
uKLFMUQ
vPKFGLV
kLDMrCVJ
oMXKNNC
AMORCVK@NG
uKLFMUQ
vPKFGLV
dWLuG@rPMFWAVQ
oMXKNNC
oCAKLVMQJ
dKPGDMZ
oMXKNNC
oCAKLVMQJ
dKPGDMZ
oMXKNNC
oCAKLVMQJ
dKPGDMZ
oMXKNNC
oCAKLVMQJ
dKPGDMZ
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
CQQUMPF"
GLVGP"
FICMUHDKPJKCF
GFHICK"
.shstrtab
.interp
.dynsym
.dynstr
.rela.plt
.rodata
.ctors
.dtors
.dynamic