Sample details: 5803bd08bb5e7243d8f9013a07090e9f

Hashes
MD5: 5803bd08bb5e7243d8f9013a07090e9f
SHA1: 07c4af77b4f17245bf808e9bcec3308d6157f435
SHA256: 895081e76a33ad35c43d78e7f05a6dfb06df2591b56c79cec3a27f631d9ebbe0
SSDEEP: 1536:2OhTy1D0OaXX7K2IC5y3hWWGmsV+CL+C:BTyJ0OaXW3C03wWRsUU+C
Details
File Type: ELF
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/contentis_base64 | YRP/domain | FlorianRoth/Mirai_Botnet_Malware
Strings
POST /cdn-cgi/
 HTTP/1.1
User-Agent: 
Host: 
Cookie: 
/proc/net/tcp
killall telnetd
/dev/watchdog
/dev/misc/watchdog
abcdefghijklmnopqrstuvw012345678
/bin/sh
/dev/null
.shstrtab
.rodata
.ctors
.dtors