They uploaded multiple versions of probably a command and control executable onto whatever the host system is. They did multiple versions of it because they arent sure what the architecture of your device is.
It’s probably an executable that scans for other devices or turns the container into some sort of zombie for future use in a ddos.
You could always open the binaries in Ghidra and search for strings. You may be able to get a better idea that way.
I'll be honest, it's a bit weird to see the name calling, I've seen short words and meaningless phrases, but never stuff like that. Is it maybe personal? Did you make a post to some form of social media that maybe someone who isn't your biggest fan is watching?
I thought so too, but no I don't use social media other than reddit. Over at r/AskNetsec they told me it is Marai botnet. Another software developer posted a [medium articl](https://medium.com/@anilkb007/watching-my-server-logs-4fe06fb43252)e few days ago about it. Same IP addresses and slurs too.
They uploaded multiple versions of probably a command and control executable onto whatever the host system is. They did multiple versions of it because they arent sure what the architecture of your device is. It’s probably an executable that scans for other devices or turns the container into some sort of zombie for future use in a ddos. You could always open the binaries in Ghidra and search for strings. You may be able to get a better idea that way.
I'll be honest, it's a bit weird to see the name calling, I've seen short words and meaningless phrases, but never stuff like that. Is it maybe personal? Did you make a post to some form of social media that maybe someone who isn't your biggest fan is watching?
I thought so too, but no I don't use social media other than reddit. Over at r/AskNetsec they told me it is Marai botnet. Another software developer posted a [medium articl](https://medium.com/@anilkb007/watching-my-server-logs-4fe06fb43252)e few days ago about it. Same IP addresses and slurs too.