Sample details: 79992846a4d5b4e7109aa470bb8b8d26

Hashes
MD5: 79992846a4d5b4e7109aa470bb8b8d26
SHA1: 2106bdb3fa85819b77dfedb84d821b3a66b8611c
SHA256: c5afa5cbc7239456419a8f2f66ebd6ee4dcd0627dc68a3032f0f2725ad6b5c39
SSDEEP: 3072:5I1CSeHts4SZkOObzHyDbHWslGSLoM8jli:3SeHa4hq/2/jli
Details
File Type: ELF
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/contentis_base64 | YRP/Mirai_3 | FlorianRoth/Mirai_Botnet_Malware
Strings