Sample details: e7d160c59eb5ad348047e493a0218097

Hashes
MD5: e7d160c59eb5ad348047e493a0218097
SHA1: 77246cc7157691d0d1b400612f8c835f61c448f8
SHA256: 2168a6f4f5ad75ba3eaa1d0ff1a5ee36689369c83385d6a8e41c905155dfbe1d
SSDEEP: 1536:e98b4EmDIdV5LTepgWncXy8olDmF+l2OZ/fufYEZ:zb4EmDI1LeNcxYmEl2OZXufYEZ
Details
File Type: ELF
Yara Hits
YRP/maldoc_getEIP_method_1 | YRP/domain | YRP/IP | YRP/contentis_base64
Source
http://134.209.35.212/Demon.i686
Strings
		D$TPh(
xAPPSh 
D$, D$
u%WWSS
t@;D$xu
T$8XZj
G$;G wn
9D$xu,
t$4C;\$h}
t>QQh'"
^8QSh{
<rt><w
E4tmPh(D
^8QSh{
^8PSh{
yQGQVh\"
|<+0u&
~	<mtN
YRRj.W
wcQWUR
|$'ftt
^8PSh{
134.209.35.212:666
8.8.8.8
/proc/net/route
	00000000	
(null)
Self Rep Fucking NeTiS and Thisity 0n Ur FuCkInG FoReHeAd We BiG L33T HaxErS
x86_32
/usr/bin/apt-get
Ubuntu
/usr/lib/portage
Gentoo
/usr/bin/yum
CentOS
/usr/share/YaST2
OpenSUSE
/usr/local/etc/pkg
FreeBSD
/etc/dropbear/
Dropbear
/etc/opkg
OpenWRT
Unknown Distro
[1;31mDemon
[1;37m[
[1;31mV5.0
[1;37m]
[1;31m-->
[1;37m[
[0;36m%s
[1;37m]
[1;31m-->
[1;37m[
[0;36m%s
[1;37m]
[1;31m-->
[1;37m[
[0;36m%s
[1;37m]
[1;31m-->
[1;37m[
[0;36m%s
[1;37m]
/dev/null
/etc/resolv.conf
/etc/config/resolv.conf
nameserver
domain
search
0123456789abcdef
/etc/hosts
/etc/config/hosts
(null)
hlLjztqZ
npxXoudifFeEgGaACScs
 +0-#'I
Unknown error 
Success
Operation not permitted
No such file or directory
No such process
Interrupted system call
Input/output error
No such device or address
Argument list too long
Exec format error
Bad file descriptor
No child processes
Resource temporarily unavailable
Cannot allocate memory
Permission denied
Bad address
Block device required
Device or resource busy
File exists
Invalid cross-device link
No such device
Not a directory
Is a directory
Invalid argument
Too many open files in system
Too many open files
Inappropriate ioctl for device
Text file busy
File too large
No space left on device
Illegal seek
Read-only file system
Too many links
Broken pipe
Numerical argument out of domain
Numerical result out of range
Resource deadlock avoided
File name too long
No locks available
Function not implemented
Directory not empty
Too many levels of symbolic links
No message of desired type
Identifier removed
Channel number out of range
Level 2 not synchronized
Level 3 halted
Level 3 reset
Link number out of range
Protocol driver not attached
No CSI structure available
Level 2 halted
Invalid exchange
Invalid request descriptor
Exchange full
No anode
Invalid request code
Invalid slot
Bad font file format
Device not a stream
No data available
Timer expired
Out of streams resources
Machine is not on the network
Package not installed
Object is remote
Link has been severed
Advertise error
Srmount error
Communication error on send
Protocol error
Multihop attempted
RFS specific error
Bad message
Value too large for defined data type
Name not unique on network
File descriptor in bad state
Remote address changed
Can not access a needed shared library
Accessing a corrupted shared library
.lib section in a.out corrupted
Attempting to link in too many shared libraries
Cannot exec a shared library directly
Invalid or incomplete multibyte or wide character
Interrupted system call should be restarted
Streams pipe error
Too many users
Socket operation on non-socket
Destination address required
Message too long
Protocol wrong type for socket
Protocol not available
Protocol not supported
Socket type not supported
Operation not supported
Protocol family not supported
Address family not supported by protocol
Address already in use
Cannot assign requested address
Network is down
Network is unreachable
Network dropped connection on reset
Software caused connection abort
Connection reset by peer
No buffer space available
Transport endpoint is already connected
Transport endpoint is not connected
Cannot send after transport endpoint shutdown
Too many references: cannot splice
Connection timed out
Connection refused
Host is down
No route to host
Operation already in progress
Operation now in progress
Stale NFS file handle
Structure needs cleaning
Not a XENIX named type file
No XENIX semaphores available
Is a named type file
Remote I/O error
Disk quota exceeded
No medium found
Wrong medium type
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
GCC: (GNU) 4.1.2
.symtab
.strtab
.shstrtab
.rodata
.eh_frame
.ctors
.dtors
.got.plt
.comment
libc/sysdeps/linux/i386/crti.S
crtstuff.c
__CTOR_LIST__
__DTOR_LIST__
__EH_FRAME_BEGIN__
__JCR_LIST__
completed.2429
p.2427
__do_global_dtors_aux
object.2482
frame_dummy
__CTOR_END__
__DTOR_END__
__FRAME_END__
__JCR_END__
__do_global_ctors_aux
initfini.c
libc/sysdeps/linux/i386/crtn.S
libc/sysdeps/linux/i386/crt1.S
i.4242
printchar
prints
printi
__syscall_fcntl.c
__syscall_fcntl64.c
_exit.c
access.c
chdir.c
close.c
fork.c
getpid.c
ioctl.c
kill.c
open.c
read.c
select.c
setsid.c
time.c
waitpid.c
write.c
isspace.c
toupper.c
__C_ctype_b.c
__C_ctype_toupper.c
__errno_location.c
memset.c
strchr.c
strcpy.c
strstr.c
bcopy.c
strtok.c
next_start.1278
ntohl.c
inet_ntoa.c
buf.2827
inet_makeaddr.c
gethostbyname.c
buf.5162
h.5161
gethostbyname_r.c
connect.c
getsockname.c
getsockopt.c
recv.c
send.c
sendto.c
setsockopt.c
socket.c
signal.c
sigsetops.c
malloc.c
__malloc_largebin_index
free.c
__malloc_trim
abort.c
mylock
been_there_done_that
rand.c
random.c
unsafe_state
randtbl
random_r.c
random_poly_info
atol.c
strtol.c
_stdlib_strto_l.c
exit.c
sleep.c
sysconf.c
__uClibc_main.c
__pthread_return_0
__pthread_return_void
__check_one_fd
been_there_done_that.3001
sigaction.c
__restore_rt
__restore
libc/sysdeps/linux/i386/mmap.S
__socketcall.c
__syscall_rt_sigaction.c
clock_getres.c
getdtablesize.c
getegid.c
geteuid.c
getgid.c
getpagesize.c
getrlimit.c
getuid.c
munmap.c
nanosleep.c
sbrk.c
sigprocmask.c
wait4.c
errno.c
__h_errno_location.c
_uintmaxtostr.c
memcpy.c
memmove.c
strncpy.c
strtok_r.c
strpbrk.c
inet_aton.c
dnslookup.c
static_ns
static_id
opennameservers.c
get_hosts_byname_r.c
raise.c
dl-support.c
__syscall_error.c
poll.c
fclose.c
fopen.c
_fopen.c
_stdio.c
_stdio_streams
__stdio_mutex_initializer.4160
_fixed_buffers
_wcommit.c
fgets.c
fflush_unlocked.c
fgets_unlocked.c
strcmp.c
strlen.c
strncat.c
rawmemchr.c
strspn.c
strdup.c
isatty.c
tcgetattr.c
ntop.c
inet_pton4
xdigits.3285
inet_ntop4
encodeh.c
decodeh.c
encodeq.c
lengthq.c
decodea.c
read_etc_hosts_r.c
tolower.c
__C_ctype_tolower.c
sprintf.c
vsnprintf.c
_WRITE.c
_vfprintf_internal.c
_charpad
_fp_out_narrow
spec_base.4370
prefix.4371
_ppfs_init.c
_ppfs_prepargs.c
_ppfs_setargs.c
_ppfs_parsespec.c
_promoted_size
type_codes
type_sizes
spec_flags.4372
qual_chars.4377
spec_chars.4373
spec_ranges.4374
spec_or_mask.4375
spec_and_mask.4376
fgetc_unlocked.c
fputs_unlocked.c
fwrite_unlocked.c
strnlen.c
mempcpy.c
__glibc_strerror_r.c
__xpg_strerror_r.c
unknown.1330
_string_syserrmsgs.c
strcasecmp.c
encoded.c
decoded.c
lengthd.c
wcrtomb.c
wcsrtombs.c
wcsnrtombs.c
_READ.c
_fwrite.c
_rfill.c
_trans2r.c
_trans2w.c
_load_inttype.c
_store_inttype.c
_fpmaxtostr.c
exp10_table
memchr.c
memrchr.c
fseeko.c
fseeko64.c
_adjust_pos.c
_cs_funcs.c
llseek.c
__fini_array_end
__fini_array_start
__init_array_end
__preinit_array_end
_GLOBAL_OFFSET_TABLE_
__init_array_start
__preinit_array_start
__read_etc_hosts_r
__libc_sigaction
strcpy
__GI_fcntl64
recvLine
__socketcall
__GI___ctype_b
__GI_memchr
__GI___glibc_strerror_r
waitpid
__open_nameservers
__GI_fopen
getrlimit
_stdio_openlist_use_count
__GI_initstate_r
__GI_sigaction
strtok_r
__GI___C_ctype_toupper_data
__GI_time
getgid
sysconf
stdout
random
__GI_strdup
__GI_getpagesize
getdtablesize
__GI_h_errno
__length_question
__GI___ctype_toupper
__GI_strcasecmp
__GI_tolower
connect
__encode_question
__GI___uClibc_fini
numpids
__encode_header
__GI_strncat
__pthread_mutex_lock
initConnection
__sigdelset
__GI_clock_getres
__uClibc_fini
memrchr
geteuid
inet_pton
__GI_vsnprintf
__GI_setsid
memmove
__bsd_signal
__GI_strpbrk
__stdio_trans2r_o
munmap
__GI_setsockopt
__libc_stack_end
__GI_fclose
__GI_wcsnrtombs
_uintmaxtostr
__libc_fcntl
_h_errno
getc_unlocked
__ctype_b
__GI_random_r
getegid
__GI_sbrk
__GI___uClibc_init
getpagesize
getpid
__GI_lseek64
setstate_r
getHost
__libc_getpid
__xpg_strerror_r
fcntl64
memcpy
makeRandomStr
getRandomIP
__GI_fputs_unlocked
__GI_fgets
_stdio_openlist_dec_use
__libc_select
_ppfs_init
__GI___C_ctype_toupper
__GI_fgetc_unlocked
__libc_nanosleep
__GI_fgets_unlocked
__pthread_mutex_init
tolower
getuid
__open_etc_hosts
Demonicsock
malloc
isatty
__GI_atol
vsnprintf
__dns_lookup
__GI_read
__C_ctype_tolower
random_r
__dso_handle
clock_getres
gethostbyname_r
tcpcsum
socket
select
_pthread_cleanup_pop_restore
__GI_wcrtomb
__GI___libc_fcntl
__GI_memset
isspace
__stdio_seek
mempcpy
__GI_strcoll
__GI_write
__ctype_toupper
__libc_read
_string_syserrmsgs
__GI_open
__GI_strchr
__searchdomain
__GI_tcgetattr
__environ
wcsnrtombs
makeIPPacket
sockprintf
__GI_inet_ntoa
__fgetc_unlocked
__GI_fcntl
__GI_wcsrtombs
__GI_fwrite_unlocked
defopsys
__GI_getgid
srandom_r
__GI_inet_ntoa_r
__GI_setstate_r
strtol
__libc_lseek64
defarchs
strnlen
rawmemchr
__GI_mempcpy
__malloc_state
__GI___C_ctype_b_data
__sigaddset
nanosleep
__GI_send
h_errno
__pthread_mutex_unlock
__register_frame_info_bases
__GI_exit
__app_fini
__exit_cleanup
__GI_srandom_r
__GI___ctype_tolower
environ
__GI_close
__resolv_lock
fputs_unlocked
__pthread_mutex_trylock
defpkgs
__GI_brk
__GI_nanosleep
__GI_strtok
_stdio_openlist
__GI_sigprocmask
inet_addr
__GI_fseek
fseeko
_stdio_openlist_del_count
connectTimeout
__raise
setsockopt
bsd_signal
__GI_kill
__GI_strcmp
__GI_memmove
setstate
__decode_dotted
__stdio_READ
memchr
__GI_toupper
__pthread_initialize_minimal
__GI_recv
__stdin
__GI_isatty
_start
__deregister_frame_info_bases
strstr
__GI_ioctl
init_rand
signal
__decode_header
__GI___h_errno_location
__GI_memcpy
strcoll
wcsrtombs
_stdio_user_locking
strncpy
strcasecmp
sendto
__C_ctype_toupper
__GI___C_ctype_b
__GI_gethostbyname_r
__GI_strncpy
__libc_send
__GI___xpg_strerror_r
currentServer
__GI___C_ctype_tolower
__GI_getrlimit
__GI_strcpy
__GI_inet_ntop
strtok
__stdio_adjust_position
malloc_trim
_vfprintf_internal
__GI_poll
__stdio_rfill
strncat
__GI_sleep
sigaction
__GI_gethostbyname
_dl_phdr
__GI_getc_unlocked
__GI___libc_fcntl64
__uClibc_init
__GI_munmap
_store_inttype
__length_dotted
__getpagesize
__GI_random
__syscall_error
__uclibc_progname
__GI_getegid
__GI_wait4
__malloc_lock
__uClibc_main
__rtld_fini
__GI_fork
strdup
__libc_close
__GI_getpid
inet_aton
_pthread_cleanup_push_defer
__sigismember
__bss_start
__libc_open
getOurIP
memset
__GI_socket
__glibc_strerror_r
listFork
__GI___C_ctype_tolower_data
__stdio_fwrite
initstate
fclose
__syscall_rt_sigaction
inet_ntoa
tcgetattr
__C_ctype_tolower_data
__GI_abort
__get_hosts_byname_r
__stdio_init_mutex
__GI__exit
strcmp
cncinput
__nameserver
data_start
__GI_sysconf
__h_errno_location
__C_ctype_b_data
__GI_inet_pton
gethostbyname
_stdio_fopen
__GI_chdir
__GI_mmap
sprintf
fdgets
__get_pc_thunk_bx
strerror_r
__GI_select
__libc_waitpid
__GI_waitpid
_stdio_term
__decode_answer
__GI_signal
stderr
__C_ctype_b
srandom
_ppfs_setargs
__GI_sendto
__libc_fork
__atexit_lock
rand_cmwc
Demonserv
__libc_fcntl64
getsockopt
__GI_fseeko64
fflush_unlocked
__stdio_wcommit
__GI___fgetc_unlocked
__nameservers
fwrite_unlocked
inet_ntoa_r
__pagesize
_stdio_openlist_add_lock
__GI_getdtablesize
access
_edata
__stdout
__GI_memrchr
__GI_fflush_unlocked
__GI_strstr
__searchdomains
_sigintr
_ppfs_prepargs
__GI_strspn
fgetc_unlocked
initstate_r
__GI_connect
__curbrk
__libc_poll
_dl_phnum
_fpmaxtostr
__errno_location
_stdlib_strto_l
__GI___libc_open
__stdio_WRITE
_stdio_init
__GI_geteuid
inet_ntop
__C_ctype_toupper_data
_dl_aux_init
_errno
_stdio_openlist_del_lock
__GI_inet_aton
fgets_unlocked
strspn
__libc_recv
__libc_creat
strlen
lseek64
toupper
__libc_write
__malloc_consolidate
_ppfs_parsespec
__GI_strtol
__GI_getuid
__GI_strtok_r
__GI_errno
__libc_sendto
__stdio_trans2w_o
strchr
__GI_rawmemchr
__GI_raise
__data_start
setsid
__GI_inet_addr
__encode_dotted
__GI_strnlen
_Jv_RegisterClasses
macAddress
__GI___errno_location
__GI_atoi
fseeko64
__GI_sprintf
__ctype_tolower
wcrtomb
__GI_getsockname
__libc_connect
checksum_tcp_udp
__GI_strlen
strpbrk
_load_inttype
sigprocmask
getsockname