← Back to feed
Location
🇺🇸 US / Des Moines
ASN
AS8075 · Microsoft Corporation
Cloud Provider
Microsoft Azure
Total Events
1201
Top 5% by volume
Agent Count
1
First / Last Seen
2026-05-08 05:52 — 2026-05-08 09:05
Attack Types
MITRE ATT&CK Techniques
Reconnaissance
Initial Access
Command and Control
External Corroboration
Blocklist.de
blocklist_de:reported
Campaigns
Not associated with any campaigns
Session Forensics
Sessions
47 (46 with login)
Avg Depth Score
0.98
Commands Executed
828
Files Downloaded
46
Notable Commands
- echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;; echo "===UNAME==="; uname -a 2>/dev/null || echo EMPTY;; echo "===WHOAMI==="; whoami 2>/dev/null || echo EMPTY;; echo "===PWD==="; pwd 2>/dev/null || echo EMPTY;; echo "===LS_ROOT==="; ls -la / 2>/dev/null | head -10 || echo EMPTY;; echo "===PS==="; ps aux 2>/dev/null | head -15 || echo EMPTY;; echo "===NETSTAT==="; netstat -tulpn 2>/dev/null | head -10 || echo EMPTY;; echo "===HISTORY==="; history 2>/dev/null | tail -5 || echo EMPTY;; echo "===SSH_VERSION==="; ssh -V 2>&1 || echo EMPTY;; echo "===UPTIME==="; uptime 2>/dev/null || echo EMPTY;; echo "===MOUNT==="; mount 2>/dev/null | head -5 || echo EMPTY;; echo "===ENV==="; env 2>/dev/null | head -10 || echo EMPTY;; echo "===CPU_CORES==="; nproc 2>/dev/null || grep -c '^processor' /proc/cpuinfo 2>/dev/null || echo 0;; echo "===ARCH==="; uname -m 2>/dev/null || echo unknown;; echo "===CPU_MODEL==="; grep 'model name' /proc/cpuinfo 2>/dev/null | head -1 | cut -d ':' -f2- | sed 's/^ *//' || echo unknown;; echo "===RESOURCES==="; echo MEMKB=$(awk '/MemTotal/{print $2}' /proc/meminfo 2>/dev/null) DISKKB=$(df / 2>/dev/null | awk 'NR==2{print $2}') USERCNT=$(wc -l < /etc/passwd 2>/dev/null) PKGCNT=$(dpkg -l 2>/dev/null | grep -c '^ii' || rpm -qa 2>/dev/null | wc -l || echo 0);; echo "===CONTAINER==="; cat /proc/1/cgroup 2>/dev/null | head -3; test -f /.dockerenv && echo DOCKERENV; test -f /run/.containerenv && echo CONTAINERENV; echo;; echo "===COWRIE==="; ls /opt/cowrie /home/richard /etc/cowrie 2>&1;; echo "===DMESG==="; dmesg 2>/dev/null | head -5 || echo EMPTY;; echo "===PORTS==="; ss -tulpn 2>/dev/null | grep LISTEN | head -20 || netstat -tulpn 2>/dev/null | grep LISTEN | head -20 || echo EMPTY;; echo "===NETCFG==="; ls -la /etc/network/interfaces /etc/sysconfig/network-scripts/ /etc/netplan/ 2>/dev/null | head -3 || echo EMPTY;; echo "===IPADDR==="; ip addr show 2>/dev/null | grep -E '^[0-9]+:' | head -5 || echo EMPTY;; echo "===IPROUTE==="; ip route show 2>/dev/null | head -3 || echo EMPTY;; echo "===WRITE==="; TF=/tmp/t_$$; echo test > $TF 2>&1 && echo WRITEOK && rm -f $TF || echo WRITEFAIL;; echo "===IDCHECK==="; id 2>/dev/null && echo IDOK || echo IDFAIL; whoami 2>/dev/null && echo WHOAMIOK || echo WHOAMIFAIL;; echo "===PKGMGR==="; which apt 2>/dev/null || which yum 2>/dev/null || which pacman 2>/dev/null || which zypper 2>/dev/null || echo NOPKG;; echo "===SERVICES==="; systemctl list-units --type=service --state=running 2>/dev/null | head -10 || echo NOSVC;; echo "===SOCKETS==="; ss -tuln 2>/dev/null | wc -l || echo 0;; echo "===GPU==="; nvidia-smi --query-gpu=name,memory.total,driver_version --format=csv,noheader 2>/dev/null || echo NOGPU;; echo "===MAXDISK==="; df -BG 2>/dev/null | awk 'NR>1{gsub("G","",$2); if($2+0>max) max=$2+0} END{print max+0}' || echo 0;; echo "===END==="
- awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null
- df / 2 > /dev/null | awk NR==2{print $2}
- wc -l < /etc/passwd 2 > /dev/null
- dpkg -l 2 > /dev/null | grep -c ^ii
- dpkg -l
- rpm -qa 2 > /dev/null | wc -l
- rpm -qa
- echo 0
- sed s/^ *//
Fingerprints
HASSH
SSH Client
Evidence Timeline
Malware Dropper
b3fac16e1fd8
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
49f3cadca2c6
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
00544f9bfb9d
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
cd66dc1a9c0b
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
704a0809bfe9
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
38480b56254b
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
8c3a3365306f
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
8183ccf4abad
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
7b35bf2f13d2
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
dcf73307778a
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
5a8496eebee6
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
f57e580f0a09
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
aa431dfeffd7
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
187cd2d54a1d
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
58a5c4d878b3
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
1efd9c9dfbd7
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
5e6f6ce2fa11
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
b677cae725c0
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
94a552de7035
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
f24ea0363714
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
e5323ae3470c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
10644347da4c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
2727a16b8291
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
72d9f6e474e6
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
2d7882e77b8c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
99905f71a65c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
eedd59d2ce4e
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
011f81e75e8e
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
e71c12b39336
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
a6b59e3f4bb9
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
40d0c787306c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
b2265c660e8a
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
3b258d3d88e0
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
cf5d3e0ec36f
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
5b4aaae77659
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
0e090bc9a96b
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
5f3fc8775ea1
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
3072dcf21fe1
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
a319eceddc28
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
f8d0a97454dc
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
3a91a7df2182
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
aac9d5487ac6
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
73bcda30df2d
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
e97b1b01a64c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
976e59cd258c
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii
Malware Dropper
207d56c5d431
LOGIN
18
1
1
100%
Loading events...
HASSH 41436928ad6c561…
SSH-2.0-Go
$ echo "===HOSTNAME==="; hostname 2>/dev/null || echo EMPTY;;…$ awk /MemTotal/{print $2} /proc/meminfo 2 > /dev/null$ df / 2 > /dev/null | awk NR==2{print $2}$ wc -l < /etc/passwd 2 > /dev/null$ dpkg -l 2 > /dev/null | grep -c ^ii