Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 2ff923596aa93ab6d03e3e970b5e1198 --

Hashes
MD5: 2ff923596aa93ab6d03e3e970b5e1198
SHA1: df0da64a52b8ed7f16e224acfed77225f5e762aa
SHA256: 446a8cb09e059b0266120c99ed9779d5daf91a36b0f17e6da9e80235352b6409
SSDEEP: 1536:enGHbljbND5sb//Gh6dj5eWZ0Rqkkixc:kG7pbNDCHGm5eWZwqkpq
Details
File Type: ELF
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/contentis_base64 | YRP/domain | YRP/IP | FlorianRoth/Mirai_Botnet_Malware |
Strings
		L$d9L$p
D$p9D$,
r[2016-12-10 22:53:57 UTC] [78.188.139.60:39418] SESSION_END
D$(j@j
D$$j@j
D$(_]j
;|$(t:WWj
D$ j@j
\$H9\$
D$ j@j
< t <	t
C)QQWP
D$ JR**
f;D$Pu
;T$(}Q
D$$PSV
xAPPSh`k
\$Th@h
\$0PPj
}/C;T$
t$$hph
u%WWSS
t@;D$xu
POST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
/dev/watchdog
/dev/misc/watchdog
abcdefghijklmnopqrstuvw012345678
ZOJFKRA
FGDCWNV
HWCLVGAJ
QWRRMPV
RCQQUMPF
QOACFOKL
OGKLQO
cFOKLKQVPCVMP
QGPTKAG
QWRGPTKQMP
CFOKLKQVPCVMP
Q[QVGO
FPGCO@MZ
PGCNVGI
DWAIGP
OMVJGP
assword
DPGGRGKL
DPGGRGKL
NKQVGLKLE
uEzAs"
FGNGVGF
CLKOG"
QVCVWQ"
pgrmpv
jvvrdnmmf"
nmnlmevdm"
XMNNCPF"
egvnmacnkr"
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
vJGrMMPqNWV"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
vJGrMMPqNWV
CRRNGV
DMWLF"
cAAGRV
CRRNKACVKML
ZJVON	ZON
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
/dev/null
.shstrtab
.rodata
.ctors
.dtors