Sample details: 53b78a68be5656c160e1e9a0be305e02

Hashes
MD5: 53b78a68be5656c160e1e9a0be305e02
SHA1: 644fee47dfec08da77b405e3d34f205bbd19ec6a
SHA256: 0530ce3f5aef2cfbbccb9ba9109079a82c146ed927e40236bf4f205f0c7fb9ed
SSDEEP: 1536:YhOh9wyxDDZZijLFwFBGfIBC+Zm8ENC3G0rv3/fLrhoshasATT:Yh8THqKGujZmPNqG6/fLNHUT
Details
File Type: ELF
Yara Hits
YRP/contentis_base64 | YRP/domain | FlorianRoth/Mirai_Botnet_Malware |
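Strings (raw output; the short runs of upper-case letters and punctuation below are not plaintext. They appear to be single-byte-XOR-obfuscated table entries, e.g. "oMXKNNC" XOR 0x22 gives "Mozilla", consistent with the table.c / table_unlock_val symbols further down. Decode before searching for plaintext indicators, or match on the encoded bytes.)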
		POST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
/dev/watchdog
/dev/misc/watchdog
abcdefghijklmnopqrstuvw012345678
ZOJFKRA
FGDCWNV
HWCLVGAJ
QWRRMPV
RCQQUMPF
QOACFOKL
cFOKLKQVPCVMP
OGKLQO
QGPTKAG
QWRGPTKQMP
CFOKLKQVPCVMP
Q[QVGO
FPGCO@MZ
PGCNVGI
OMVJGP
DWAIGP
assword
UJ[PUGJGPG
VPKRRNGQKZVMFGCVJ
FMOCKL
VPKRRNGQKZVMFGCVJ
NKQVGLKLE
uEzAs"
FGNGVGF
CLKOG"
QVCVWQ"
pgrmpv
jvvrdnmmf"
nmnlmevdm"
XMNNCPF"
egvnmacnkr"
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
okpck"
CRRNGV
DMWLF"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
cAAGRV
CRRNKACVKML
ZJVON	ZON
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
CNKTG"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
/sys/devices/system/cpu
/proc/stat
ncpus probed
/proc/cpuinfo
ncpus active
/dev/null
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
GCC: (GNU) 4.2.1
.symtab
.strtab
.shstrtab
.rodata
.eh_frame
.ctors
.dtors
.comment
initfini.c
crtstuff.c
__CTOR_LIST__
__DTOR_LIST__
__EH_FRAME_BEGIN__
__JCR_LIST__
__do_global_dtors_aux
completed.4753
p.4751
call___do_global_dtors_aux
frame_dummy
object.4768
call_frame_dummy
__CTOR_END__
__DTOR_END__
__FRAME_END__
__JCR_END__
__do_global_ctors_aux
call___do_global_ctors_aux
attack_app.c
attack.c
attack_gre.c
attack_tcp.c
attack_udp.c
checksum.c
killer.c
main.c
anti_gdb_entry
resolve_cnc_addr
ensure_single_instance
local_bind.4562
C.28.4607
C.29.4608
rand.c
resolv.c
scanner.c
setup_connection
add_auth_entry
C.42.4746
table.c
util.c
__syscall_fcntl.c
chdir.c
getppid.c
ioctl.c
kill.c
prctl.c
readlink.c
select.c
__syscall_select
setsid.c
sigprocmask.c
time.c
unlink.c
closedir.c
opendir.c
fd_to_DIR
C.23.5636
readdir.c
__errno_location.c
clock.c
inet_makeaddr.c
accept.c
bind.c
connect.c
getsockname.c
getsockopt.c
listen.c
recv.c
recvfrom.c
send.c
sendto.c
setsockopt.c
socket.c
sigaddset.c
sigempty.c
signal.c
sigsetops.c
malloc.c
__malloc_largebin_index
calloc.c
realloc.c
free.c
__malloc_trim
abort.c
mylock
been_there_done_that
atol.c
strtol.c
_stdlib_strto_l.c
exit.c
sysconf.c
fork.c
libc-lowlevellock.c
getpid.c
raise.c
sleep.c
libc-cancellation.c
__uClibc_main.c
__pthread_return_0
__check_one_fd
__syscall_error.c
sigaction.c
__rt_sigreturn_stub
__sigreturn_stub
__socketcall.c
_exit.c
fstat.c
getdents.c
getdtablesize.c
getegid.c
geteuid.c
getgid.c
getpagesize.c
getrlimit.c
getuid.c
mmap.c
mremap.c
munmap.c
nanosleep.c
__syscall_nanosleep
sbrk.c
times.c
xstatconv.c
readdir64.c
parse_config.c
fclose.c
fopen.c
_fopen.c
_stdio.c
_stdio_streams
_fixed_buffers
_wcommit.c
fgetc.c
fgets.c
fflush_unlocked.c
fgetc_unlocked.c
fgets_unlocked.c
strchrnul.c
strcspn.c
strncmp.c
strspn.c
isatty.c
tcgetattr.c
inet_aton.c
sigjmp.c
libc-tls.c
init_static_tls
static_slotinfo
static_dtv
static_map
dl-support.c
getdents64.c
_READ.c
_WRITE.c
_rfill.c
_trans2r.c
mempcpy.c
llseek.c
__C_ctype_b.c
__C_ctype_b_data
errno.c
register-atfork.c
fork_handler_pool
__GI___ctype_b
__fini_array_end
__app_fini
__exit_cleanup
__fork_generation_pointer
__uclibc_progname
__rtld_fini
__fini_array_start
__init_array_end
__fork_handlers
__sparc32_atomic_locks
_stdio_term
__preinit_array_end
__fork_lock
_GLOBAL_OFFSET_TABLE_
_sigintr
__curbrk
_stdio_init
__init_array_start
__GI___errno_location
__preinit_array_start
__libc_sigaction
__GI_sigaddset
__socketcall
setjmp
conn_table
__GI_fopen
getrlimit
_stdio_openlist_use_count
__GI_sigaction
__GI_time
getgid
__getpid
sysconf
stdout
__GI_getpagesize
getdtablesize
fdopendir
__GI_strncmp
attack_gre_eth
attack_udp_generic
connect
__GI___uClibc_fini
sigemptyset
__pthread_mutex_lock
__sigdelset
util_stristr
__xstat32_conv
__uClibc_fini
geteuid
__getdents
__GI_setsid
memmove
__GI_fgetc
__stdio_trans2r_o
munmap
__GI_setsockopt
__libc_stack_end
__GI_fclose
__libc_fcntl
__write
getc_unlocked
__ctype_b
getegid
__GI_sbrk
__libc_accept
__GI___uClibc_init
attack_udp_plain
attack_udp_vse
__libc_h_errno
getpagesize
getpid
util_strncmp
__GI_lseek64
util_fdgets
__read
attack_get_opt_ip
_dl_tls_static_used
attack_tcp_ack
rt_sigaction
memcpy
__GI_fgets
__GI___open_nocancel
rand_init
readlink
_stdio_openlist_dec_use
__libc_select
__GI_fgetc_unlocked
__libc_nanosleep
__GI_fgets_unlocked
__pthread_mutex_init
getuid
malloc
__open
isatty
table_unlock_val
__GI_read
recvfrom
__GI___write_nocancel
__dso_handle
__GI_readdir
__nptl_deallocate_tsd
socket
select
_dl_nothread_init_static_tls
_pthread_cleanup_pop_restore
readdir
__GI___libc_fcntl
__GI_memset
__GI_closedir
__GI_accept
mempcpy
util_atoi
__GI_write
util_memsearch
__libc_read
__GI_opendir
attack_kill_all
__libc_disable_asynccancel
__GI_open
__GI_strchr
sigaddset
_dl_tls_static_align
__GI_tcgetattr
__environ
resolve_func
_dl_tls_max_dtv_idx
__fgetc_unlocked
__sigjmp_save
killer_realpath_len
__GI_fcntl
__GI_getgid
__open_nocancel
killer_realpath
strtol
__GI___read
__sigsetjmp
__GI_mempcpy
accept
__malloc_state
resolv_lookup
scanner_kill
__sigaddset
strrchr
nanosleep
__GI_send
h_errno
calloc
attack_ongoing
__pthread_mutex_unlock
__GI_exit
attack_init
rindex
__GI___sigismember
environ
__GI_close
methods
__pthread_mutex_trylock
__GI___sigaddset
__GI_brk
_dl_tls_static_size
__GI_nanosleep
LOCAL_ADDR
_stdio_openlist
__GI_sigprocmask
inet_addr
__GI___libc_write
__deregister_frame_info
util_strlen
util_zero
_stdio_openlist_del_count
setsockopt
bsd_signal
__GI_times
mremap
__GI_kill
__GI___open
__GI_memmove
__read_nocancel
__stdio_READ
__pthread_initialize_minimal
__GI_recv
__stdin
__GI_isatty
_dl_tls_dtv_slotinfo_list
__progname
_start
__GI___read_nocancel
__GI_ioctl
rand_str
__libc_errno
signal
attack_tcp_stomp
__xstat64_conv
__GI_memcpy
strncmp
table_retrieve_val
_stdio_user_locking
unlink
__GI___libc_close
program_invocation_short_name
sendto
__GI___C_ctype_b
scanner_init
table_key
realloc
_dl_tls_dtv_gaps
__libc_send
readdir64
killer_init
__GI_recvfrom
__GI_getrlimit
listen
attack_start
malloc_trim
__GI___fcntl_nocancel
rand_next
__stdio_rfill
__GI_sleep
sigaction
_dl_phdr
__GI_getc_unlocked
__uClibc_init
__GI_munmap
__getpagesize
__GI_mremap
attack_udp_dns
__syscall_error
__GI_getegid
__malloc_lock
__uClibc_main
__GI_fork
__libc_close
__GI_getpid
inet_aton
util_memcpy
_pthread_cleanup_push_defer
__sigismember
__bss_start
__libc_open
__pthread_unwind
__GI_strchrnul
resolv_entries_free
memset
scanner_pid
__GI_socket
srv_addr
util_local_addr
_dl_tls_setup
_dl_tls_generation
table_lock_val
__nptl_nthreads
fclose
getppid
tcgetattr
__libc_recvfrom
opendir
checksum_generic
__GI_abort
__GI___write
__GI___sigdelset
__GI___close_nocancel
__GI__exit
__GI_strrchr
attack_parse
__GI_sysconf
__h_errno_location
__libc_enable_asynccancel
fd_serv
_stdio_fopen
util_itoa
__GI_chdir
__write_nocancel
attack_tcp_syn
__GI_mmap
__GI_select
attack_app_http
strcspn
__GI_signal
stderr
__GI_readdir64
attack_get_opt_int
killer_kill_by_port
__C_ctype_b
__libc_setup_tls
__GI_sendto
__GI_sigemptyset
__libc_fork
__close_nocancel
__atexit_lock
attack_gre_ip
__fcntl_nocancel
auth_table_max_weight
killer_kill
util_strcmp
getsockopt
_dl_tls_static_nelem
fflush_unlocked
__stdio_wcommit
attack_get_opt_str
__GI___fgetc_unlocked
__GI_unlink
killer_pid
__pagesize
_stdio_openlist_add_lock
methods_len
__GI_getdtablesize
__close
_edata
__stdout
__GI___close
__GI_fflush_unlocked
__GI_fstat
__GI_listen
util_strcpy
__GI_strspn
fgetc_unlocked
__GI_connect
__GI_readlink
_dl_phnum
scanner_rawpkt
__errno_location
pending_connection
_stdlib_strto_l
__GI___libc_open
__stdio_WRITE
__GI_geteuid
auth_table_len
checksum_tcpudp
_dl_aux_init
table_init
fd_ctrl
_stdio_openlist_del_lock
__GI_inet_aton
_setjmp
fgets_unlocked
__GI_bind
auth_table
strspn
__libc_recv
__getdents64
__lll_lock_wait_private
strlen
lseek64
program_invocation_name
__libc_write
__malloc_consolidate
__GI_strtol
__GI_getuid
__fork
__libc_sendto
__GI_config_read
strchr
fake_time
__GI_raise
setsid
__GI_inet_addr
__GI_config_open
closedir
_Jv_RegisterClasses
__GI___libc_read
strchrnul
rsck_out
__GI_atoi
__register_frame_info
__GI_getsockname
rand_alphastr
__GI_config_close
__libc_connect
__GI_strlen
__progname_full
__GI_strcspn
sigprocmask
getsockname