Linux
Analysis Report
D8OrlQhDGl.elf
Overview
General Information
Sample name: | D8OrlQhDGl.elfrenamed because original name is a hash value |
Original sample name: | 6f35026b7878d58d950acd326f7ed635.elf |
Analysis ID: | 1419331 |
MD5: | 6f35026b7878d58d950acd326f7ed635 |
SHA1: | bde4dee977e3ef3677317a1d7a45f96e963a83b2 |
SHA256: | 559ce9dfd20ba48e25172ab780cb3e50e318ad5cdc4410a1b86498b9e1c9de95 |
Tags: | 32elfintelmirai |
Infos: |
Detection
Mirai
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Machine Learning detection for sample
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Found strings indicative of a multi-platform dropper
Sample contains strings that are user agent strings indicative of HTTP manipulation
Sample has stripped symbol table
Yara signature match
Classification
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1419331 |
Start date and time: | 2024-04-03 14:25:49 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 53s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | D8OrlQhDGl.elfrenamed because original name is a hash value |
Original Sample Name: | 6f35026b7878d58d950acd326f7ed635.elf |
Detection: | MAL |
Classification: | mal68.troj.linELF@0/0@2/0 |
Command: | /tmp/D8OrlQhDGl.elf |
PID: | 5470 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | i promise you its fine |
Standard Error: |
- system is lnxubuntu20
- D8OrlQhDGl.elf New Fork (PID: 5471, Parent: 5470)
- D8OrlQhDGl.elf New Fork (PID: 5472, Parent: 5471)
- D8OrlQhDGl.elf New Fork (PID: 5473, Parent: 5471)
- D8OrlQhDGl.elf New Fork (PID: 5474, Parent: 5471)
- D8OrlQhDGl.elf New Fork (PID: 5475, Parent: 5474)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
Linux_Trojan_Mirai_5f7b67b8 | unknown | unknown |
| |
Linux_Trojan_Mirai_389ee3e9 | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
Linux_Trojan_Mirai_5f7b67b8 | unknown | unknown |
| |
Linux_Trojan_Mirai_389ee3e9 | unknown | unknown |
| |
Linux_Trojan_Mirai_cc93863b | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
| |
Click to see the 10 entries |
⊘No Snort rule has matched
- • AV Detection
- • Spreading
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Stealing of Sensitive Information
- • Remote Access Functionality
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Joe Sandbox ML: |
Source: | String: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | .symtab present: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | Direct Volume Access | 1 OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
50% | ReversingLabs | Linux.Trojan.LnxMirai | ||
40% | Virustotal | Browse | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | URL Reputation | phishing | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
daisy.ubuntu.com | 162.213.35.25 | true | false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
true |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
185.196.9.193 | unknown | Switzerland | 42624 | SIMPLECARRIERCH | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
185.196.9.193 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
daisy.ubuntu.com | Get hash | malicious | Gafgyt, Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | IPRoyal Pawns | Browse |
| ||
Get hash | malicious | IPRoyal Pawns | Browse |
| ||
Get hash | malicious | IPRoyal Pawns | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Moobot | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
SIMPLECARRIERCH | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | AgentTesla, PureLog Stealer | Browse |
| ||
Get hash | malicious | Quasar | Browse |
| ||
Get hash | malicious | AsyncRAT | Browse |
| ||
Get hash | malicious | Quasar | Browse |
| ||
Get hash | malicious | PureLog Stealer, Quasar, zgRAT | Browse |
| ||
Get hash | malicious | Remcos | Browse |
| ||
Get hash | malicious | AsyncRAT | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.673274288779359 |
TrID: |
|
File name: | D8OrlQhDGl.elf |
File size: | 67'212 bytes |
MD5: | 6f35026b7878d58d950acd326f7ed635 |
SHA1: | bde4dee977e3ef3677317a1d7a45f96e963a83b2 |
SHA256: | 559ce9dfd20ba48e25172ab780cb3e50e318ad5cdc4410a1b86498b9e1c9de95 |
SHA512: | 00de1e7c9ab1fc9abc399ee185d57f0cf1eecbb362f78390596f296996734905deb03417050acb344c1cdf3a770c3d339eb937f206622ff5d37dee1197d6991b |
SSDEEP: | 1536:UNoolhNNoKVp4nvb3FISTrZ/xWFSqco8u5hM:AdvbVMvb3aSHlwxcW5hM |
TLSH: | 59635CCFD643C9B0E91909712126FB16C732E73B449ADA57D7885872DC22A12D317BDC |
File Content Preview: | .ELF....................d...4...........4. ...(..........................................................l..........Q.td............................U..S.......[....h........[]...$.............U......=.....t..5....$......$.......u........t....h............ |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 66812 |
Section Header Size: | 40 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x8048094 | 0x94 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.text | PROGBITS | 0x80480b0 | 0xb0 | 0xcc36 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x8054ce6 | 0xcce6 | 0x17 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.rodata | PROGBITS | 0x8054d00 | 0xcd00 | 0x33e0 | 0x0 | 0x2 | A | 0 | 0 | 32 |
.ctors | PROGBITS | 0x80590e4 | 0x100e4 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x80590ec | 0x100ec | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x8059120 | 0x10120 | 0x39c | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x80594c0 | 0x104bc | 0x6904 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.shstrtab | STRTAB | 0x0 | 0x104bc | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8048000 | 0x8048000 | 0x100e0 | 0x100e0 | 6.7111 | 0x5 | R E | 0x1000 | .init .text .fini .rodata | |
LOAD | 0x100e4 | 0x80590e4 | 0x80590e4 | 0x3d8 | 0x6ce0 | 4.0221 | 0x6 | RW | 0x1000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 94
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 3, 2024 14:26:33.281232119 CEST | 53460 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:33.524310112 CEST | 6666 | 53460 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:33.524367094 CEST | 53460 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:33.524424076 CEST | 53460 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:33.767446041 CEST | 6666 | 53460 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:33.767640114 CEST | 6666 | 53460 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:33.767652988 CEST | 6666 | 53460 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:33.767679930 CEST | 53460 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:34.012881994 CEST | 6666 | 53460 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:42.767755032 CEST | 53462 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:43.010930061 CEST | 6666 | 53462 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:43.011069059 CEST | 53462 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:43.011116982 CEST | 53462 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:43.256035089 CEST | 6666 | 53462 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:43.256061077 CEST | 6666 | 53462 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:43.256073952 CEST | 6666 | 53462 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:43.256131887 CEST | 53462 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:43.499231100 CEST | 6666 | 53462 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:52.256277084 CEST | 53464 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:52.499850035 CEST | 6666 | 53464 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:52.499949932 CEST | 53464 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:52.499982119 CEST | 53464 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:52.743346930 CEST | 6666 | 53464 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:52.743383884 CEST | 6666 | 53464 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:52.743417978 CEST | 6666 | 53464 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:26:52.743447065 CEST | 53464 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:26:52.986887932 CEST | 6666 | 53464 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:01.743645906 CEST | 53466 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:01.986040115 CEST | 6666 | 53466 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:01.986387968 CEST | 53466 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:01.986387968 CEST | 53466 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:02.230768919 CEST | 6666 | 53466 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:02.230844975 CEST | 6666 | 53466 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:02.230859041 CEST | 6666 | 53466 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:02.231053114 CEST | 53466 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:02.473666906 CEST | 6666 | 53466 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:11.231221914 CEST | 53468 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:11.474598885 CEST | 6666 | 53468 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:11.474824905 CEST | 53468 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:11.474859953 CEST | 53468 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:11.717869997 CEST | 6666 | 53468 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:11.717890978 CEST | 6666 | 53468 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:11.717904091 CEST | 6666 | 53468 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:11.717995882 CEST | 53468 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:11.961366892 CEST | 6666 | 53468 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:20.718228102 CEST | 53470 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:20.961579084 CEST | 6666 | 53470 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:20.961787939 CEST | 53470 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:20.961816072 CEST | 53470 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:21.205100060 CEST | 6666 | 53470 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:21.205116987 CEST | 6666 | 53470 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:21.205128908 CEST | 6666 | 53470 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:21.205388069 CEST | 53470 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:21.448577881 CEST | 6666 | 53470 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:30.205720901 CEST | 53472 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:30.448854923 CEST | 6666 | 53472 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:30.449043989 CEST | 53472 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:30.449080944 CEST | 53472 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:30.692305088 CEST | 6666 | 53472 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:30.692352057 CEST | 6666 | 53472 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:30.692359924 CEST | 6666 | 53472 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:30.692591906 CEST | 53472 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:30.935792923 CEST | 6666 | 53472 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:39.693216085 CEST | 53474 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:39.939275026 CEST | 6666 | 53474 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:39.939558029 CEST | 53474 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:39.939634085 CEST | 53474 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:40.183067083 CEST | 6666 | 53474 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:40.183109999 CEST | 6666 | 53474 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:40.183149099 CEST | 6666 | 53474 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:40.183202028 CEST | 53474 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:40.426601887 CEST | 6666 | 53474 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:49.183495045 CEST | 53476 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:49.426192999 CEST | 6666 | 53476 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:49.426424980 CEST | 53476 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:49.426570892 CEST | 53476 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:49.669301987 CEST | 6666 | 53476 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:49.669317961 CEST | 6666 | 53476 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:49.669331074 CEST | 6666 | 53476 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:49.669441938 CEST | 53476 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:49.912148952 CEST | 6666 | 53476 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:58.669663906 CEST | 53478 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:58.912719965 CEST | 6666 | 53478 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:58.912899017 CEST | 53478 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:58.912965059 CEST | 53478 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:59.155586958 CEST | 6666 | 53478 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:59.155884027 CEST | 6666 | 53478 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:59.155935049 CEST | 6666 | 53478 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:27:59.155973911 CEST | 53478 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:27:59.398613930 CEST | 6666 | 53478 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:08.156397104 CEST | 53480 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:08.398828983 CEST | 6666 | 53480 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:08.399184942 CEST | 53480 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:08.399223089 CEST | 53480 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:08.645256042 CEST | 6666 | 53480 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:08.645297050 CEST | 6666 | 53480 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:08.645318031 CEST | 6666 | 53480 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:08.645474911 CEST | 53480 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:08.887777090 CEST | 6666 | 53480 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:17.645925999 CEST | 53482 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:17.889462948 CEST | 6666 | 53482 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:17.889612913 CEST | 53482 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:17.889662027 CEST | 53482 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:18.133061886 CEST | 6666 | 53482 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:18.133090973 CEST | 6666 | 53482 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:18.133104086 CEST | 6666 | 53482 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:18.133254051 CEST | 53482 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:18.376856089 CEST | 6666 | 53482 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:27.133569956 CEST | 53484 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:27.377041101 CEST | 6666 | 53484 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:27.377176046 CEST | 53484 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:27.377223969 CEST | 53484 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:27.621639967 CEST | 6666 | 53484 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:27.621674061 CEST | 6666 | 53484 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:27.621690035 CEST | 6666 | 53484 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:27.621743917 CEST | 53484 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:27.864923000 CEST | 6666 | 53484 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:36.622025967 CEST | 53486 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:36.865035057 CEST | 6666 | 53486 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:36.865206003 CEST | 53486 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:36.865252972 CEST | 53486 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:37.107669115 CEST | 6666 | 53486 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:37.107697964 CEST | 6666 | 53486 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:37.107712984 CEST | 6666 | 53486 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:37.107827902 CEST | 53486 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:37.350542068 CEST | 6666 | 53486 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:46.108063936 CEST | 53488 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:46.351593018 CEST | 6666 | 53488 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:46.351741076 CEST | 53488 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:46.351772070 CEST | 53488 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:46.595468998 CEST | 6666 | 53488 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:46.595487118 CEST | 6666 | 53488 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:46.595499039 CEST | 6666 | 53488 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:46.595602036 CEST | 53488 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:46.839288950 CEST | 6666 | 53488 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:55.595875025 CEST | 53490 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:55.838604927 CEST | 6666 | 53490 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:55.838864088 CEST | 53490 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:55.838881016 CEST | 53490 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:56.082176924 CEST | 6666 | 53490 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:56.082190037 CEST | 6666 | 53490 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:56.082201958 CEST | 6666 | 53490 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:28:56.082310915 CEST | 53490 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:28:56.325465918 CEST | 6666 | 53490 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:05.082601070 CEST | 53492 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:05.325517893 CEST | 6666 | 53492 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:05.325699091 CEST | 53492 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:05.325752020 CEST | 53492 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:05.568674088 CEST | 6666 | 53492 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:05.568717957 CEST | 6666 | 53492 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:05.568741083 CEST | 6666 | 53492 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:05.568872929 CEST | 53492 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:05.811559916 CEST | 6666 | 53492 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:14.569194078 CEST | 53494 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:14.812129021 CEST | 6666 | 53494 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:14.812241077 CEST | 53494 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:14.812292099 CEST | 53494 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:15.056235075 CEST | 6666 | 53494 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:15.056266069 CEST | 6666 | 53494 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:15.056309938 CEST | 6666 | 53494 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:15.056343079 CEST | 53494 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:15.299081087 CEST | 6666 | 53494 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:24.056447983 CEST | 53496 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:24.299515009 CEST | 6666 | 53496 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:24.299643993 CEST | 53496 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:24.299681902 CEST | 53496 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:24.542984962 CEST | 6666 | 53496 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:24.543001890 CEST | 6666 | 53496 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:24.543070078 CEST | 6666 | 53496 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:24.543098927 CEST | 53496 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:24.786212921 CEST | 6666 | 53496 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:33.543368101 CEST | 53498 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:33.787554979 CEST | 6666 | 53498 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:33.787822008 CEST | 53498 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:33.787822008 CEST | 53498 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:34.035330057 CEST | 6666 | 53498 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:34.035410881 CEST | 6666 | 53498 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:34.035430908 CEST | 6666 | 53498 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:34.035547972 CEST | 53498 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:34.279793978 CEST | 6666 | 53498 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:43.035715103 CEST | 53500 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:43.280523062 CEST | 6666 | 53500 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:43.280644894 CEST | 53500 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:43.280674934 CEST | 53500 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:43.524038076 CEST | 6666 | 53500 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:43.524061918 CEST | 6666 | 53500 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:43.524076939 CEST | 6666 | 53500 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:43.524163961 CEST | 53500 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:43.767277002 CEST | 6666 | 53500 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:52.524426937 CEST | 53502 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:52.767314911 CEST | 6666 | 53502 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:52.767442942 CEST | 53502 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:52.767549038 CEST | 53502 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:53.010346889 CEST | 6666 | 53502 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:53.010376930 CEST | 6666 | 53502 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:53.010421038 CEST | 6666 | 53502 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:29:53.010446072 CEST | 53502 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:29:53.258511066 CEST | 6666 | 53502 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:30:02.010792971 CEST | 53504 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:30:02.253695965 CEST | 6666 | 53504 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:30:02.253885984 CEST | 53504 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:30:02.253957987 CEST | 53504 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:30:02.496632099 CEST | 6666 | 53504 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:30:02.496663094 CEST | 6666 | 53504 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:30:02.496678114 CEST | 6666 | 53504 | 185.196.9.193 | 192.168.2.14 |
Apr 3, 2024 14:30:02.496786118 CEST | 53504 | 6666 | 192.168.2.14 | 185.196.9.193 |
Apr 3, 2024 14:30:02.739509106 CEST | 6666 | 53504 | 185.196.9.193 | 192.168.2.14 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 3, 2024 14:29:20.860728979 CEST | 36508 | 53 | 192.168.2.14 | 1.1.1.1 |
Apr 3, 2024 14:29:20.860774994 CEST | 34456 | 53 | 192.168.2.14 | 1.1.1.1 |
Apr 3, 2024 14:29:20.988285065 CEST | 53 | 36508 | 1.1.1.1 | 192.168.2.14 |
Apr 3, 2024 14:29:20.990195036 CEST | 53 | 34456 | 1.1.1.1 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 3, 2024 14:29:20.860728979 CEST | 192.168.2.14 | 1.1.1.1 | 0x41d7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Apr 3, 2024 14:29:20.860774994 CEST | 192.168.2.14 | 1.1.1.1 | 0xad87 | Standard query (0) | 28 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 3, 2024 14:29:20.988285065 CEST | 1.1.1.1 | 192.168.2.14 | 0x41d7 | No error (0) | 162.213.35.25 | A (IP address) | IN (0x0001) | false | ||
Apr 3, 2024 14:29:20.988285065 CEST | 1.1.1.1 | 192.168.2.14 | 0x41d7 | No error (0) | 162.213.35.24 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | /tmp/D8OrlQhDGl.elf |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | - |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | - |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | - |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | - |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |
Start time (UTC): | 12:26:32 |
Start date (UTC): | 03/04/2024 |
Path: | /tmp/D8OrlQhDGl.elf |
Arguments: | - |
File size: | 67212 bytes |
MD5 hash: | 6f35026b7878d58d950acd326f7ed635 |