Warning! We are currently in recovery mode. The complete archive is not available.

Sample details: 5687fcea772c382ec3eba30e7474fbbe --

Hashes
MD5: 5687fcea772c382ec3eba30e7474fbbe
SHA1: 7b02c93b9161e53931e70ab149d4beddfbd89d4a
SHA256: c0a341e8a79a43955f23c48460a3042a1b9dcc418b9b309fd427aa7f8e9dfc74
SSDEEP: 768:uOterkWBSOd7Z7dbgVZBpbVmMzdfBGWOdc0E6SRyZktA:uOt+t7Z7dbgVTZVmMyWwc0E6WyZk
Details
File Type: ELF
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/contentis_base64 | FlorianRoth/Mirai_Botnet_Malware |
Strings
		PTRh60
D$Lhm0
L$d9L$p
D$p9D$,
D$(j@j
D$$j@j
D$(_]j
;|$(t:WWj
D$ j@j
\$H9\$
D$ j@j
< t <	t
C)QQWP
D$ JR**
;T$(}Q
D$$PSV
xAPPSh
\$Th<@
\$0PPj
}/C;T$
t$$hl@
u%WWSS
t@;D$xu
POST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
/dev/watchdog
/dev/misc/watchdog
abcdefghijklmnopqrstuvw012345678
OMLGNNM
NKQVGLKLE
uEzAs"
FGNGVGF
CLKOG"
QVCVWQ"
pgrmpv
jvvrdnmmf"
nmnlmevdm"
XMNNCPF"
egvnmacnkr"
QJGNN"
GLC@NG"
Q[QVGO"
@WQ[@MZ
okpck"
CRRNGV
DMWLF"
LAMPPGAV"
@WQ[@MZ
@WQ[@MZ
vqMWPAG
gLEKLG
sWGP["
PGQMNT
LCOGQGPTGP
aMLLGAVKML
CNKTG"
QGVaMMIKG
PGDPGQJ
NMACVKML
AMMIKG
AMLVGLV
NGLEVJ
VPCLQDGP
GLAMFKLE
AJWLIGF"
AMLLGAVKML
QGPTGP
FMQCPPGQV"
QGPTGP
ANMWFDNCPG
LEKLZ"
cAAGRV
CRRNKACVKML
ZJVON	ZON
CRRNKACVKML
cAAGRV
nCLEWCEG
aMLVGLV
CRRNKACVKML
WPNGLAMFGF"
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
uKLFMUQ
cRRNGuG@iKV
aJPMOG
qCDCPK
oMXKNNC
oCAKLVMQJ
cRRNGuG@iKV
tGPQKML
qCDCPK
/dev/null
.shstrtab
.rodata
.ctors
.dtors