Edit tour
Windows
Analysis Report
MV XH DOLPHINPDF.exe
Overview
General Information
| Sample name: | MV XH DOLPHINPDF.exe |
| Analysis ID: | 1447784 |
| MD5: | e3d3d93759a0552c63ec2c3ccbf6c383 |
| SHA1: | cfa0d6279822bc75a22e54e3dcb6e378a0772605 |
| SHA256: | 31607008c03354cf7b6b21d8d3ecc31186e39a92dca54c0c26c30ecd85957cec |
| Tags: | exeLoki |
| Infos: |   |
 | |
Detection
Lokibot
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Antivirus detection for URL or domain
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Snort IDS alert for network traffic
System process connects to network (likely due to code injection or exploit)
Yara detected Lokibot
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
C2 URLs / IPs found in malware configuration
Machine Learning detection for sample
Maps a DLL or memory area into another process
Tries to harvest and steal Putty / WinSCP information (sessions, passwords, etc)
Tries to harvest and steal browser information (history, passwords, etc)
Tries to harvest and steal ftp login credentials
Tries to steal Mail credentials (via file / registry access)
Tries to steal Mail credentials (via file registry)
Writes to foreign memory regions
Yara detected aPLib compressed binary
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to call native functions
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found evasive API chain (date check)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Internet Provider seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample file is different than original file name gathered from version info
Sigma detected: Uncommon Svchost Parent Process
Uses 32bit PE files
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara detected Credential Stealer
Yara signature match
Classification
- System is w10x64
MV XH DOLPHINPDF.exe (PID: 3060 cmdline: "C:\Users\ user\Deskt op\MV XH D OLPHINPDF. exe" MD5: E3D3D93759A0552C63EC2C3CCBF6C383) 
svchost.exe (PID: 5504 cmdline: "C:\Users\ user\Deskt op\MV XH D OLPHINPDF. exe" MD5: 1ED18311E3DA35942DB37D15FA40CC5B)
- cleanup
| Name | Description | Attribution | Blogpost URLs | Link |
|---|---|---|---|---|
| Loki Password Stealer (PWS), LokiBot | "Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then submit that info to a command and control host via HTTP POST. This private data includes stored passwords, login credential information from Web browsers, and a variety of cryptocurrency wallets." - PhishMeLoki-Bot employs function hashing to obfuscate the libraries utilized. While not all functions are hashed, a vast majority of them are.Loki-Bot accepts a single argument/switch of -u that simply delays execution (sleeps) for 10 seconds. This is used when Loki-Bot is upgrading itself.The Mutex generated is the result of MD5 hashing the Machine GUID and trimming to 24-characters. For example: B7E1C2CC98066B250DDB2123.Loki-Bot creates a hidden folder within the %APPDATA% directory whose name is supplied by the 8th thru 13th characters of the Mutex. For example: %APPDATA%\ C98066\.There can be four files within the hidden %APPDATA% directory at any given time: .exe, .lck, .hdb and .kdb. They will be named after characters 13 thru 18 of the Mutex. For example: 6B250D. Below is the explanation of their purpose:FILE EXTENSIONFILE DESCRIPTION.exeA copy of the malware that will execute every time the user account is logged into.lckA lock file created when either decrypting Windows Credentials or Keylogging to prevent resource conflicts.hdbA database of hashes for data that has already been exfiltrated to the C2 server.kdbA database of keylogger data that has yet to be sent to the C2 serverIf the user is privileged, Loki-Bot sets up persistence within the registry under HKEY_LOCAL_MACHINE. If not, it sets up persistence under HKEY_CURRENT_USER.The first packet transmitted by Loki-Bot contains application data.The second packet transmitted by Loki-Bot contains decrypted Windows credentials.The third packet transmitted by Loki-Bot is the malware requesting C2 commands from the C2 server. By default, Loki-Bot will send this request out every 10 minutes after the initial packet it sent.Communications to the C2 server from the compromised host contain information about the user and system including the username, hostname, domain, screen resolution, privilege level, system architecture, and Operating System.The first WORD of the HTTP Payload represents the Loki-Bot version.The second WORD of the HTTP Payload is the Payload Type. Below is the table of identified payload types:BYTEPAYLOAD TYPE0x26Stolen Cryptocurrency Wallet0x27Stolen Application Data0x28Get C2 Commands from C2 Server0x29Stolen File0x2APOS (Point of Sale?)0x2BKeylogger Data0x2CScreenshotThe 11th byte of the HTTP Payload begins the Binary ID. This might be useful in tracking campaigns or specific threat actors. This value value is typically ckav.ru. If you come across a Binary ID that is different from this, take note!Loki-Bot encrypts both the URL and the registry key used for persistence using Triple DES encryption.The Content-Key HTTP Header value is the result of hashing the HTTP Header values that precede it. This is likely used as a protection against researchers who wish to poke and prod at Loki-Bots C2 infrastructure.Loki-Bot can accept the following instructions from the C2 Server:BYTEINSTRUCTION DESCRIPTION0x00Download EXE & Execute0x01Download DLL & Load #10x02Download DLL & Load #20x08Delete HDB File0x09Start Keylogger0x0AMine & Steal Data0x0EExit Loki-Bot0x0FUpgrade Loki-Bot0x10Change C2 Polling Frequency0x11Delete Executables & ExitSuricata SignaturesRULE SIDRULE NAME2024311ET TROJAN Loki Bot Cryptocurrency Wallet Exfiltration Detected2024312ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M12024313ET TROJAN Loki Bot Request for C2 Commands Detected M12024314ET TROJAN Loki Bot File Exfiltration Detected2024315ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M12024316ET TROJAN Loki Bot Screenshot Exfiltration Detected2024317ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M22024318ET TROJAN Loki Bot Request for C2 Commands Detected M22024319ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M2 |
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php", "\u0097\u008b\u008b\u008f\u008c\u00c5\u00d0\u00d0\u009a\u009b\u0098\u009a\u0088\u009a\u0093\u0093\u00d1\u009c\u009e\u0092\u00d0\u00bb\u00a9\u00cd\u00d0\u00af\u00a8\u00ac\u00d0\u0099\u008d\u009a\u00d1\u008f\u0097\u008f"]}| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
| JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
| JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
| Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
| Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
| Click to see the 19 entries | ||||
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
| JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
| JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
| Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
| Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
| Click to see the 24 entries | ||||
System Summary |   |
|---|
| Source: | Author: Florian Roth (Nextron Systems): | ||
| Source: | Author: vburov: | ||
| Timestamp: | 05/27/24-02:58:09.186594 |
| SID: | 2024318 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:42.432686 |
| SID: | 2024318 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:11.985959 |
| SID: | 2024313 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:09.186594 |
| SID: | 2024313 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:39.855398 |
| SID: | 2021641 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:09.229387 |
| SID: | 2021641 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:53.803473 |
| SID: | 2025381 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:25.471357 |
| SID: | 2025381 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:37.210299 |
| SID: | 2021641 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.993699 |
| SID: | 2825766 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:42.432686 |
| SID: | 2024313 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:27.314357 |
| SID: | 2025381 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:02.822734 |
| SID: | 2825766 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:03.699908 |
| SID: | 2021641 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:06.518525 |
| SID: | 2024313 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:11.985959 |
| SID: | 2024318 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:21.327353 |
| SID: | 2025381 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:06.518525 |
| SID: | 2024318 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:53.747051 |
| SID: | 2025381 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:12.795525 |
| SID: | 2825766 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:07.399031 |
| SID: | 2825766 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:05.187815 |
| SID: | 2025381 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.970619 |
| SID: | 2825766 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:32.850963 |
| SID: | 2021641 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:43.888980 |
| SID: | 2024318 |
| Source Port: | 49763 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.936240 |
| SID: | 2021641 |
| Source Port: | 49793 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:43.888980 |
| SID: | 2024313 |
| Source Port: | 49763 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:36.335492 |
| SID: | 2825766 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:18.265929 |
| SID: | 2024313 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:35.485663 |
| SID: | 2024313 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:03.327854 |
| SID: | 2021641 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:19.144546 |
| SID: | 2825766 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:00.615870 |
| SID: | 2025381 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:37.342738 |
| SID: | 2021641 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:18.265929 |
| SID: | 2024318 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:35.485663 |
| SID: | 2024318 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:34.740166 |
| SID: | 2025381 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:55.635319 |
| SID: | 2825766 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.907197 |
| SID: | 2024313 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.907197 |
| SID: | 2024318 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:50.878814 |
| SID: | 2024313 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:57.681674 |
| SID: | 2024318 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:56.483967 |
| SID: | 2021641 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:57.681674 |
| SID: | 2024313 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.171322 |
| SID: | 2825766 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:25.218772 |
| SID: | 2021641 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:11.776104 |
| SID: | 2025381 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.127367 |
| SID: | 2021641 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:16.316242 |
| SID: | 2024318 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:16.316242 |
| SID: | 2024313 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:50.878814 |
| SID: | 2024318 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.108178 |
| SID: | 2025381 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:44.306693 |
| SID: | 2021641 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:17.383670 |
| SID: | 2025381 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:30.108861 |
| SID: | 2021641 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:55.869978 |
| SID: | 2021641 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:08.406183 |
| SID: | 2025381 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:26.338973 |
| SID: | 2024318 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:55.869978 |
| SID: | 2825766 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:23.648663 |
| SID: | 2024313 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:31.013040 |
| SID: | 2021641 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.045782 |
| SID: | 2021641 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:23.648663 |
| SID: | 2024318 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:45.171221 |
| SID: | 2025381 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:25.218772 |
| SID: | 2825766 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:04.647547 |
| SID: | 2025381 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:19.638609 |
| SID: | 2024318 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.174321 |
| SID: | 2825766 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:40.730674 |
| SID: | 2025381 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:19.638609 |
| SID: | 2024313 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:15.663990 |
| SID: | 2021641 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:15.342998 |
| SID: | 2025381 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:22.168783 |
| SID: | 2024318 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:22.168783 |
| SID: | 2024313 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.965000 |
| SID: | 2024313 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:30.172586 |
| SID: | 2024313 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:24.574893 |
| SID: | 2021641 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.965000 |
| SID: | 2024318 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.003346 |
| SID: | 2024318 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:56.824671 |
| SID: | 2021641 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:33.866649 |
| SID: | 2025381 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:26.338973 |
| SID: | 2024313 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:58.817936 |
| SID: | 2825766 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.003346 |
| SID: | 2024313 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:31.013040 |
| SID: | 2825766 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.045782 |
| SID: | 2825766 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:18.265929 |
| SID: | 2825766 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:19.144546 |
| SID: | 2021641 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.003346 |
| SID: | 2025381 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:30.172586 |
| SID: | 2024318 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:59.664329 |
| SID: | 2021641 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:27.314091 |
| SID: | 2021641 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:29.323327 |
| SID: | 2024318 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.048379 |
| SID: | 2025381 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:58.817936 |
| SID: | 2021641 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.941539 |
| SID: | 2825766 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:52.872776 |
| SID: | 2021641 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:29.323327 |
| SID: | 2024313 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:49.900695 |
| SID: | 2024313 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:46.007126 |
| SID: | 2024313 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:11.985959 |
| SID: | 2825766 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:50.878814 |
| SID: | 2825766 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:46.007126 |
| SID: | 2024318 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.970619 |
| SID: | 2021641 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:49.900695 |
| SID: | 2024318 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.941539 |
| SID: | 2021641 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:06.518525 |
| SID: | 2825766 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:12.860512 |
| SID: | 2025381 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:20.475127 |
| SID: | 2021641 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.993911 |
| SID: | 2021641 |
| Source Port: | 49781 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:02.427081 |
| SID: | 2825766 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:46.289681 |
| SID: | 2021641 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:30.172586 |
| SID: | 2825766 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:09.229387 |
| SID: | 2825766 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:47.148785 |
| SID: | 2025381 |
| Source Port: | 49766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:01.718197 |
| SID: | 2024313 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:01.718197 |
| SID: | 2024318 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:23.648663 |
| SID: | 2825766 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:36.373420 |
| SID: | 2021641 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:41.567295 |
| SID: | 2025381 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:00.847332 |
| SID: | 2025381 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:35.556016 |
| SID: | 2024313 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:43.411668 |
| SID: | 2825766 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:01.572690 |
| SID: | 2024318 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:18.824360 |
| SID: | 2025381 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:57.446786 |
| SID: | 2021641 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:35.556016 |
| SID: | 2024318 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:02.822734 |
| SID: | 2021641 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:58.296639 |
| SID: | 2025381 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:01.572690 |
| SID: | 2024313 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:13.812339 |
| SID: | 2024313 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:13.812339 |
| SID: | 2024318 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.983497 |
| SID: | 2021641 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:15.663990 |
| SID: | 2825766 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:43.411668 |
| SID: | 2021641 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:36.373420 |
| SID: | 2825766 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:28.412600 |
| SID: | 2025381 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:01.718197 |
| SID: | 2025381 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.977503 |
| SID: | 2024313 |
| Source Port: | 49834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:15.663990 |
| SID: | 2024318 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:14.514493 |
| SID: | 2021641 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:28.354051 |
| SID: | 2825766 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.132174 |
| SID: | 2025381 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:45.171221 |
| SID: | 2021641 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:15.663990 |
| SID: | 2024313 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.983497 |
| SID: | 2025381 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.000038 |
| SID: | 2825766 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.965000 |
| SID: | 2021641 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:07.503626 |
| SID: | 2025381 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.977503 |
| SID: | 2024318 |
| Source Port: | 49834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:05.187815 |
| SID: | 2024313 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:58.296639 |
| SID: | 2024313 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:20.087463 |
| SID: | 2825766 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:35.556016 |
| SID: | 2025381 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:05.187815 |
| SID: | 2024318 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:19.144546 |
| SID: | 2024318 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:19.144546 |
| SID: | 2024313 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:07.503626 |
| SID: | 2825766 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:54.770134 |
| SID: | 2825766 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:58.296639 |
| SID: | 2024318 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:05.571891 |
| SID: | 2024313 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:36.335492 |
| SID: | 2021641 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.132174 |
| SID: | 2825766 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:27.314357 |
| SID: | 2024318 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:05.571891 |
| SID: | 2024318 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:41.567295 |
| SID: | 2024313 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:41.567295 |
| SID: | 2024318 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:52.872776 |
| SID: | 2825766 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:27.314357 |
| SID: | 2024313 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:23.686553 |
| SID: | 2024313 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:53.233272 |
| SID: | 2021641 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:06.518525 |
| SID: | 2025381 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:28.354051 |
| SID: | 2025381 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:23.686553 |
| SID: | 2024318 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:29.323327 |
| SID: | 2825766 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:40.730674 |
| SID: | 2021641 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.970619 |
| SID: | 2024318 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:46.289681 |
| SID: | 2025381 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.970619 |
| SID: | 2024313 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.941539 |
| SID: | 2024313 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.941539 |
| SID: | 2024318 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.944131 |
| SID: | 2025381 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:22.782486 |
| SID: | 2021641 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.029387 |
| SID: | 2024318 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:22.168783 |
| SID: | 2025381 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.029387 |
| SID: | 2024313 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:53.803473 |
| SID: | 2021641 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:42.432686 |
| SID: | 2825766 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:04.194340 |
| SID: | 2025381 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:57.446786 |
| SID: | 2025381 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.174321 |
| SID: | 2021641 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:36.373420 |
| SID: | 2024313 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:16.532869 |
| SID: | 2825766 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:26.338973 |
| SID: | 2025381 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:13.622626 |
| SID: | 2025381 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:36.373420 |
| SID: | 2024318 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:37.342738 |
| SID: | 2825766 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.944507 |
| SID: | 2025381 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:53.747051 |
| SID: | 2021641 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:02.822734 |
| SID: | 2024313 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:56.824671 |
| SID: | 2025381 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:27.314091 |
| SID: | 2025381 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:49.900695 |
| SID: | 2025381 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.993699 |
| SID: | 2024318 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:41.138153 |
| SID: | 2021641 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:30.108861 |
| SID: | 2825766 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.993699 |
| SID: | 2024313 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:54.770134 |
| SID: | 2025381 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:29.208414 |
| SID: | 2024318 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:39.855398 |
| SID: | 2825766 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:07.399031 |
| SID: | 2024318 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:03.699908 |
| SID: | 2825766 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:48.820321 |
| SID: | 2024318 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:29.208414 |
| SID: | 2024313 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:12.795525 |
| SID: | 2021641 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:07.399031 |
| SID: | 2024313 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:48.820321 |
| SID: | 2024313 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:52.319655 |
| SID: | 2025381 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:02.822734 |
| SID: | 2024318 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:25.471357 |
| SID: | 2021641 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:26.436407 |
| SID: | 2025381 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.171322 |
| SID: | 2021641 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.127367 |
| SID: | 2025381 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:11.776104 |
| SID: | 2024318 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:46.007126 |
| SID: | 2025381 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:42.432686 |
| SID: | 2021641 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.838596 |
| SID: | 2024318 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:02.427081 |
| SID: | 2024313 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:42.867143 |
| SID: | 2025381 |
| Source Port: | 49762 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:22.782486 |
| SID: | 2825766 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:55.635319 |
| SID: | 2024313 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:55.635319 |
| SID: | 2024318 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:00.847332 |
| SID: | 2021641 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:03.327854 |
| SID: | 2825766 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.838596 |
| SID: | 2024313 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:02.427081 |
| SID: | 2024318 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:11.776104 |
| SID: | 2024313 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:38.199508 |
| SID: | 2025381 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:13.812339 |
| SID: | 2025381 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:34.740166 |
| SID: | 2825766 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:12.860512 |
| SID: | 2825766 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:44.712946 |
| SID: | 2021641 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:56.483967 |
| SID: | 2825766 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:08.266294 |
| SID: | 2025381 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:09.229387 |
| SID: | 2025381 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.081251 |
| SID: | 2021641 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:30.172586 |
| SID: | 2025381 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.923427 |
| SID: | 2025381 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:37.210299 |
| SID: | 2025381 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:16.532869 |
| SID: | 2021641 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:20.087463 |
| SID: | 2021641 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:00.615870 |
| SID: | 2021641 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.003346 |
| SID: | 2825766 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:28.412600 |
| SID: | 2024313 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:44.712946 |
| SID: | 2825766 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.110921 |
| SID: | 2024318 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:28.412600 |
| SID: | 2024318 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:57.681674 |
| SID: | 2021641 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:58.817936 |
| SID: | 2025381 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:18.265929 |
| SID: | 2025381 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:19.638609 |
| SID: | 2825766 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:21.327353 |
| SID: | 2021641 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:18.824360 |
| SID: | 2024318 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.000038 |
| SID: | 2021641 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.110921 |
| SID: | 2024313 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.007407 |
| SID: | 2025381 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:45.171221 |
| SID: | 2825766 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:01.572690 |
| SID: | 2025381 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:18.824360 |
| SID: | 2024313 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:44.306693 |
| SID: | 2024318 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:33.866649 |
| SID: | 2024318 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:44.306693 |
| SID: | 2024313 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:33.866649 |
| SID: | 2024313 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:33.709940 |
| SID: | 2021641 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.108178 |
| SID: | 2021641 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:34.603701 |
| SID: | 2025381 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.965000 |
| SID: | 2825766 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.936240 |
| SID: | 2025381 |
| Source Port: | 49793 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:32.850963 |
| SID: | 2025381 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.081251 |
| SID: | 2825766 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:57.681674 |
| SID: | 2825766 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:33.709940 |
| SID: | 2825766 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:12.860512 |
| SID: | 2021641 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:31.013040 |
| SID: | 2024318 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.108178 |
| SID: | 2825766 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:34.740166 |
| SID: | 2021641 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:31.013040 |
| SID: | 2024313 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:47.148785 |
| SID: | 2024318 |
| Source Port: | 49766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:47.148785 |
| SID: | 2024313 |
| Source Port: | 49766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:19.638609 |
| SID: | 2021641 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:21.327353 |
| SID: | 2825766 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:07.399031 |
| SID: | 2025381 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:26.436407 |
| SID: | 2024313 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:17.383670 |
| SID: | 2825766 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:43.411668 |
| SID: | 2025381 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.970619 |
| SID: | 2025381 |
| Source Port: | 49728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:22.168783 |
| SID: | 2021641 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:26.436407 |
| SID: | 2024318 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.944507 |
| SID: | 2024318 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:24.574893 |
| SID: | 2024318 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:56.824671 |
| SID: | 2024318 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.944507 |
| SID: | 2024313 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.838596 |
| SID: | 2021641 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:59.664329 |
| SID: | 2024318 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:24.574893 |
| SID: | 2024313 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:00.615870 |
| SID: | 2825766 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.003346 |
| SID: | 2021641 |
| Source Port: | 49767 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:26.338973 |
| SID: | 2021641 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:27.314091 |
| SID: | 2024318 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.048379 |
| SID: | 2021641 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:47.148785 |
| SID: | 2825766 |
| Source Port: | 49766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:25.471357 |
| SID: | 2825766 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:59.664329 |
| SID: | 2024313 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:27.314091 |
| SID: | 2024313 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:19.144546 |
| SID: | 2025381 |
| Source Port: | 49801 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.993911 |
| SID: | 2024318 |
| Source Port: | 49781 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:20.475127 |
| SID: | 2024318 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:56.824671 |
| SID: | 2024313 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:04.194340 |
| SID: | 2024313 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:53.233272 |
| SID: | 2825766 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:27.314357 |
| SID: | 2825766 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:29.323327 |
| SID: | 2021641 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:04.194340 |
| SID: | 2024318 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:02.822734 |
| SID: | 2025381 |
| Source Port: | 49784 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:49.900695 |
| SID: | 2021641 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:46.007126 |
| SID: | 2021641 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.171322 |
| SID: | 2025381 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.923427 |
| SID: | 2825766 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:52.872776 |
| SID: | 2024313 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:20.475127 |
| SID: | 2024313 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:12.795525 |
| SID: | 2025381 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:16.532869 |
| SID: | 2024318 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:52.872776 |
| SID: | 2024318 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:15.342998 |
| SID: | 2021641 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:54.770134 |
| SID: | 2021641 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:53.747051 |
| SID: | 2825766 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:11.776104 |
| SID: | 2825766 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:16.532869 |
| SID: | 2024313 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.993911 |
| SID: | 2024313 |
| Source Port: | 49781 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.965000 |
| SID: | 2025381 |
| Source Port: | 49751 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:20.087463 |
| SID: | 2024313 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:58.296639 |
| SID: | 2825766 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:46.289681 |
| SID: | 2024318 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:52.319655 |
| SID: | 2024312 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:46.289681 |
| SID: | 2024313 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:00.847332 |
| SID: | 2825766 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:41.138153 |
| SID: | 2825766 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:48.941539 |
| SID: | 2025381 |
| Source Port: | 49769 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:34.603701 |
| SID: | 2825766 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:15.663990 |
| SID: | 2025381 |
| Source Port: | 49797 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:52.319655 |
| SID: | 2024317 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:01.718197 |
| SID: | 2021641 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:20.087463 |
| SID: | 2024318 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:28.354051 |
| SID: | 2021641 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.993699 |
| SID: | 2025381 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.110921 |
| SID: | 2021641 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:23.686553 |
| SID: | 2025381 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:57.446786 |
| SID: | 2024318 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:44.712946 |
| SID: | 2025381 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:33.709940 |
| SID: | 2024313 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:28.412600 |
| SID: | 2825766 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:57.446786 |
| SID: | 2024313 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:13.622626 |
| SID: | 2024313 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:53.803473 |
| SID: | 2825766 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.007407 |
| SID: | 2825766 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:01.572690 |
| SID: | 2021641 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:13.622626 |
| SID: | 2024318 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.944131 |
| SID: | 2024318 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:33.709940 |
| SID: | 2024318 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:02.427081 |
| SID: | 2025381 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:35.556016 |
| SID: | 2021641 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:36.373420 |
| SID: | 2025381 |
| Source Port: | 49756 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.132174 |
| SID: | 2021641 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:14.514493 |
| SID: | 2825766 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.944131 |
| SID: | 2024313 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.983497 |
| SID: | 2024313 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:07.503626 |
| SID: | 2021641 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.983497 |
| SID: | 2024318 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.081251 |
| SID: | 2025381 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.977503 |
| SID: | 2025381 |
| Source Port: | 49834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:18.824360 |
| SID: | 2825766 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:45.171221 |
| SID: | 2024318 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:11.985959 |
| SID: | 2021641 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:14.514493 |
| SID: | 2024313 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:39.855398 |
| SID: | 2024318 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.923427 |
| SID: | 2024313 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.923427 |
| SID: | 2024318 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:03.327854 |
| SID: | 2025381 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:14.514493 |
| SID: | 2024318 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:45.171221 |
| SID: | 2024313 |
| Source Port: | 49828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:31.013040 |
| SID: | 2025381 |
| Source Port: | 49814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.029387 |
| SID: | 2825766 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:37.210299 |
| SID: | 2024318 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:39.855398 |
| SID: | 2024313 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:34.603701 |
| SID: | 2021641 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:05.187815 |
| SID: | 2021641 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:05.571891 |
| SID: | 2825766 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:57.446786 |
| SID: | 2825766 |
| Source Port: | 49778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:09.229387 |
| SID: | 2024313 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:08.406183 |
| SID: | 2021641 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:06.518525 |
| SID: | 2021641 |
| Source Port: | 49788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:08.266294 |
| SID: | 2825766 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:09.229387 |
| SID: | 2024318 |
| Source Port: | 49724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.993911 |
| SID: | 2825766 |
| Source Port: | 49781 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:40.730674 |
| SID: | 2825766 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:32.850963 |
| SID: | 2024313 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:38.199508 |
| SID: | 2024313 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:46.007126 |
| SID: | 2825766 |
| Source Port: | 49829 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:16.316242 |
| SID: | 2025381 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:55.635319 |
| SID: | 2025381 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.936240 |
| SID: | 2024313 |
| Source Port: | 49793 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:17.383670 |
| SID: | 2024313 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:27.314357 |
| SID: | 2021641 |
| Source Port: | 49746 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:05.571891 |
| SID: | 2021641 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:17.383670 |
| SID: | 2024318 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:38.199508 |
| SID: | 2024318 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:04.647547 |
| SID: | 2024318 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:53.233272 |
| SID: | 2024312 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.907197 |
| SID: | 2025381 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:04.647547 |
| SID: | 2024313 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.045782 |
| SID: | 2025381 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:53.233272 |
| SID: | 2024317 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:18.265929 |
| SID: | 2021641 |
| Source Port: | 49800 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.048379 |
| SID: | 2825766 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:29.208414 |
| SID: | 2025381 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:35.485663 |
| SID: | 2021641 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:32.850963 |
| SID: | 2024318 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.936240 |
| SID: | 2024318 |
| Source Port: | 49793 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:33.866649 |
| SID: | 2825766 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:59.664329 |
| SID: | 2825766 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:05.187815 |
| SID: | 2825766 |
| Source Port: | 49718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:42.867143 |
| SID: | 2021641 |
| Source Port: | 49762 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:53.803473 |
| SID: | 2024313 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:56.824671 |
| SID: | 2825766 |
| Source Port: | 49709 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:50.878814 |
| SID: | 2021641 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:24.574893 |
| SID: | 2825766 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:37.342738 |
| SID: | 2025381 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.029387 |
| SID: | 2021641 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:56.483967 |
| SID: | 2024318 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:56.483967 |
| SID: | 2024313 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.127367 |
| SID: | 2024318 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:09.186594 |
| SID: | 2025381 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:36.335492 |
| SID: | 2025381 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.127367 |
| SID: | 2024313 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:03.699908 |
| SID: | 2025381 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:53.803473 |
| SID: | 2024318 |
| Source Port: | 49774 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:48.820321 |
| SID: | 2825766 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:15.342998 |
| SID: | 2825766 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:20.475127 |
| SID: | 2825766 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.174321 |
| SID: | 2025381 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:30.108861 |
| SID: | 2024318 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.000038 |
| SID: | 2025381 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:25.218772 |
| SID: | 2025381 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.983497 |
| SID: | 2825766 |
| Source Port: | 49737 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:23.648663 |
| SID: | 2021641 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.007407 |
| SID: | 2024318 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:44.306693 |
| SID: | 2025381 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:55.869978 |
| SID: | 2024318 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:30.108861 |
| SID: | 2024313 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:41.138153 |
| SID: | 2024313 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.007407 |
| SID: | 2024313 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:55.869978 |
| SID: | 2024313 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:42.867143 |
| SID: | 2825766 |
| Source Port: | 49762 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:37.210299 |
| SID: | 2024313 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:41.138153 |
| SID: | 2024318 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:08.266294 |
| SID: | 2021641 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:08.406183 |
| SID: | 2825766 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:22.782486 |
| SID: | 2025381 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:43.888980 |
| SID: | 2025381 |
| Source Port: | 49763 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:48.820321 |
| SID: | 2021641 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.838596 |
| SID: | 2825766 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:27.314091 |
| SID: | 2825766 |
| Source Port: | 49810 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.171322 |
| SID: | 2024318 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.923427 |
| SID: | 2021641 |
| Source Port: | 49831 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.110921 |
| SID: | 2825766 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.936240 |
| SID: | 2825766 |
| Source Port: | 49793 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:16.532869 |
| SID: | 2025381 |
| Source Port: | 49798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:00.847332 |
| SID: | 2024318 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:13.622626 |
| SID: | 2825766 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:52.872776 |
| SID: | 2025381 |
| Source Port: | 49835 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:17.171322 |
| SID: | 2024313 |
| Source Port: | 49736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:35.485663 |
| SID: | 2025381 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:34.603701 |
| SID: | 2024313 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:52.319655 |
| SID: | 2825766 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:55.635319 |
| SID: | 2021641 |
| Source Port: | 49776 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:30.172586 |
| SID: | 2021641 |
| Source Port: | 49813 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:02.427081 |
| SID: | 2021641 |
| Source Port: | 49715 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:00.847332 |
| SID: | 2024313 |
| Source Port: | 49782 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:34.603701 |
| SID: | 2024318 |
| Source Port: | 49816 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:08.406183 |
| SID: | 2024318 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:31.110921 |
| SID: | 2025381 |
| Source Port: | 49750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:35.485663 |
| SID: | 2825766 |
| Source Port: | 49817 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:08.406183 |
| SID: | 2024313 |
| Source Port: | 49721 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:11.776104 |
| SID: | 2021641 |
| Source Port: | 49794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:58.817936 |
| SID: | 2024318 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.944131 |
| SID: | 2825766 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:24.574893 |
| SID: | 2025381 |
| Source Port: | 49807 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:59.664329 |
| SID: | 2025381 |
| Source Port: | 49712 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:38.199508 |
| SID: | 2021641 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:58.817936 |
| SID: | 2024313 |
| Source Port: | 49711 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:44.712946 |
| SID: | 2024313 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.081251 |
| SID: | 2024318 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:44.712946 |
| SID: | 2024318 |
| Source Port: | 49764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:01.718197 |
| SID: | 2825766 |
| Source Port: | 49783 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:22.168783 |
| SID: | 2825766 |
| Source Port: | 49742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:10.081251 |
| SID: | 2024313 |
| Source Port: | 49792 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:04.647547 |
| SID: | 2021641 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:46.289681 |
| SID: | 2825766 |
| Source Port: | 49765 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:42.432686 |
| SID: | 2025381 |
| Source Port: | 49825 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:20.087463 |
| SID: | 2025381 |
| Source Port: | 49802 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:42.867143 |
| SID: | 2024318 |
| Source Port: | 49762 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:00.615870 |
| SID: | 2024313 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:00.615870 |
| SID: | 2024318 |
| Source Port: | 49713 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:37.210299 |
| SID: | 2825766 |
| Source Port: | 49819 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:21.327353 |
| SID: | 2024318 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:35.556016 |
| SID: | 2825766 |
| Source Port: | 49755 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:21.327353 |
| SID: | 2024313 |
| Source Port: | 49741 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:17.383670 |
| SID: | 2021641 |
| Source Port: | 49799 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:32.850963 |
| SID: | 2825766 |
| Source Port: | 49752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:29.323327 |
| SID: | 2025381 |
| Source Port: | 49812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:33.866649 |
| SID: | 2021641 |
| Source Port: | 49753 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:42.867143 |
| SID: | 2024313 |
| Source Port: | 49762 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:18.824360 |
| SID: | 2021641 |
| Source Port: | 49738 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:33.709940 |
| SID: | 2025381 |
| Source Port: | 49815 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.838596 |
| SID: | 2025381 |
| Source Port: | 49804 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:43.888980 |
| SID: | 2825766 |
| Source Port: | 49763 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.108178 |
| SID: | 2024313 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.127367 |
| SID: | 2825766 |
| Source Port: | 49780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:10.108178 |
| SID: | 2024318 |
| Source Port: | 49726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:12.860512 |
| SID: | 2024318 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:21.007407 |
| SID: | 2021641 |
| Source Port: | 49803 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:01.572690 |
| SID: | 2825766 |
| Source Port: | 49714 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:13.812339 |
| SID: | 2021641 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:34.740166 |
| SID: | 2024318 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:59.993911 |
| SID: | 2025381 |
| Source Port: | 49781 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:09.186594 |
| SID: | 2825766 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:20.475127 |
| SID: | 2025381 |
| Source Port: | 49740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:12.860512 |
| SID: | 2024313 |
| Source Port: | 49795 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:43.411668 |
| SID: | 2024313 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:34.740166 |
| SID: | 2024313 |
| Source Port: | 49754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:57.681674 |
| SID: | 2025381 |
| Source Port: | 49710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:08.266294 |
| SID: | 2024313 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:19.638609 |
| SID: | 2025381 |
| Source Port: | 49739 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:47.148785 |
| SID: | 2021641 |
| Source Port: | 49766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:08.266294 |
| SID: | 2024318 |
| Source Port: | 49790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:43.411668 |
| SID: | 2024318 |
| Source Port: | 49826 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:44.306693 |
| SID: | 2825766 |
| Source Port: | 49827 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:09.186594 |
| SID: | 2021641 |
| Source Port: | 49791 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.977503 |
| SID: | 2021641 |
| Source Port: | 49834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:03.699908 |
| SID: | 2024318 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:50.878814 |
| SID: | 2025381 |
| Source Port: | 49771 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:26.436407 |
| SID: | 2021641 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:48.820321 |
| SID: | 2025381 |
| Source Port: | 49832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:23.648663 |
| SID: | 2025381 |
| Source Port: | 49743 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:13.812339 |
| SID: | 2825766 |
| Source Port: | 49796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.907197 |
| SID: | 2825766 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:30.108861 |
| SID: | 2025381 |
| Source Port: | 49749 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.944507 |
| SID: | 2021641 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:58.296639 |
| SID: | 2021641 |
| Source Port: | 49779 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.048379 |
| SID: | 2024313 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.048379 |
| SID: | 2024318 |
| Source Port: | 49706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:03.699908 |
| SID: | 2024313 |
| Source Port: | 49785 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:36.335492 |
| SID: | 2024313 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:41.138153 |
| SID: | 2025381 |
| Source Port: | 49761 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:04.194340 |
| SID: | 2021641 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:36.335492 |
| SID: | 2024318 |
| Source Port: | 49818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:41.567295 |
| SID: | 2021641 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:23.686553 |
| SID: | 2021641 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:23.686553 |
| SID: | 2825766 |
| Source Port: | 49806 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.000038 |
| SID: | 2024313 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:47.000038 |
| SID: | 2024318 |
| Source Port: | 49830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:37.342738 |
| SID: | 2024318 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:15.342998 |
| SID: | 2024313 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:40.730674 |
| SID: | 2024318 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:04.194340 |
| SID: | 2825766 |
| Source Port: | 49717 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.029387 |
| SID: | 2025381 |
| Source Port: | 49759 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:43.888980 |
| SID: | 2021641 |
| Source Port: | 49763 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:38.199508 |
| SID: | 2825766 |
| Source Port: | 49758 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:03.327854 |
| SID: | 2024318 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:28.412600 |
| SID: | 2021641 |
| Source Port: | 49811 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:41.567295 |
| SID: | 2825766 |
| Source Port: | 49824 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:15.342998 |
| SID: | 2024318 |
| Source Port: | 49734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:16.316242 |
| SID: | 2825766 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:56.483967 |
| SID: | 2025381 |
| Source Port: | 49777 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:54.770134 |
| SID: | 2024313 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:37.342738 |
| SID: | 2024313 |
| Source Port: | 49757 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:03.327854 |
| SID: | 2024313 |
| Source Port: | 49716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:54.770134 |
| SID: | 2024318 |
| Source Port: | 49775 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:40.730674 |
| SID: | 2024313 |
| Source Port: | 49823 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:52.319655 |
| SID: | 2021641 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:54.907197 |
| SID: | 2021641 |
| Source Port: | 49707 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.944507 |
| SID: | 2825766 |
| Source Port: | 49773 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:22.782486 |
| SID: | 2024313 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:49.900695 |
| SID: | 2825766 |
| Source Port: | 49770 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:25.471357 |
| SID: | 2024313 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:22.782486 |
| SID: | 2024318 |
| Source Port: | 49805 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:53.233272 |
| SID: | 2025381 |
| Source Port: | 49705 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:11.985959 |
| SID: | 2025381 |
| Source Port: | 49730 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:53.747051 |
| SID: | 2024318 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:25.218772 |
| SID: | 2024313 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.174321 |
| SID: | 2024318 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.977503 |
| SID: | 2825766 |
| Source Port: | 49834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:28.354051 |
| SID: | 2024313 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:25.218772 |
| SID: | 2024318 |
| Source Port: | 49744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:05.571891 |
| SID: | 2025381 |
| Source Port: | 49787 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:16.316242 |
| SID: | 2021641 |
| Source Port: | 49735 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:29.208414 |
| SID: | 2825766 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:51.174321 |
| SID: | 2024313 |
| Source Port: | 49833 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:56:55.869978 |
| SID: | 2025381 |
| Source Port: | 49708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:28.354051 |
| SID: | 2024318 |
| Source Port: | 49747 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:53.747051 |
| SID: | 2024313 |
| Source Port: | 49836 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:04.647547 |
| SID: | 2825766 |
| Source Port: | 49786 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.045782 |
| SID: | 2024318 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:26.436407 |
| SID: | 2825766 |
| Source Port: | 49745 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:13.622626 |
| SID: | 2021641 |
| Source Port: | 49732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.993699 |
| SID: | 2021641 |
| Source Port: | 49821 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:12.795525 |
| SID: | 2024313 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:14.514493 |
| SID: | 2025381 |
| Source Port: | 49733 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:07.399031 |
| SID: | 2021641 |
| Source Port: | 49789 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.132174 |
| SID: | 2024318 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:39.855398 |
| SID: | 2025381 |
| Source Port: | 49822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:39.944131 |
| SID: | 2021641 |
| Source Port: | 49760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:38.132174 |
| SID: | 2024313 |
| Source Port: | 49820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:12.795525 |
| SID: | 2024318 |
| Source Port: | 49731 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:52.045782 |
| SID: | 2024313 |
| Source Port: | 49772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:26.338973 |
| SID: | 2825766 |
| Source Port: | 49809 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:58:25.471357 |
| SID: | 2024318 |
| Source Port: | 49808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:07.503626 |
| SID: | 2024313 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:29.208414 |
| SID: | 2021641 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 05/27/24-02:57:07.503626 |
| SID: | 2024318 |
| Source Port: | 49719 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
Click to jump to signature section
Show All Signature Results
AV Detection | |
|---|
| Source: | URL Reputation: | ||
| Source: | URL Reputation: | ||
| Source: | URL Reputation: | ||
| Source: | URL Reputation: | ||
| Source: | Malware Configuration Extractor: | ||
| Source: | ReversingLabs: | ||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Code function: | 0_2_000E4696 | |
| Source: | Code function: | 0_2_000EC93C | |
| Source: | Code function: | 0_2_000EC9C7 | |
| Source: | Code function: | 0_2_000EF200 | |
| Source: | Code function: | 0_2_000EF35D | |
| Source: | Code function: | 0_2_000EF65E | |
| Source: | Code function: | 0_2_000E3A2B | |
| Source: | Code function: | 0_2_000E3D4E | |
| Source: | Code function: | 0_2_000EBF27 | |
| Source: | Code function: | 2_2_00403D74 | |
Networking | |
|---|
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Network Connect: | Jump to behavior | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | URLs: | ||
| Source: | IP Address: | ||
| Source: | ASN Name: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | Code function: | 0_2_000F25E2 | |
| Source: | DNS traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Code function: | 0_2_000F425A | |
| Source: | Code function: | 0_2_000F4458 | |
| Source: | Code function: | 0_2_000F425A | |
| Source: | Code function: | 0_2_000E0219 | |
| Source: | Code function: | 0_2_0010CDAC | |
System Summary | |
|---|
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Code function: | 0_2_00083B4C | |
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | memstr_ea011fa7-f | |
| Source: | String found in binary or memory: | memstr_6bdce7e5-5 | |
| Source: | String found in binary or memory: | memstr_1c8dd316-1 | |
| Source: | String found in binary or memory: | memstr_bf51be59-0 | |
| Source: | Code function: | 2_2_00CA3540 | |
| Source: | Code function: | 2_2_00CA33C0 | |
| Source: | Code function: | 2_2_00CA2720 | |
| Source: | Code function: | 0_2_000E4021 | |
| Source: | Code function: | 0_2_000D8858 | |
| Source: | Code function: | 0_2_000E545F | |
| Source: | Code function: | 0_2_0008E800 | |
| Source: | Code function: | 0_2_000ADBB5 | |
| Source: | Code function: | 0_2_0010804A | |
| Source: | Code function: | 0_2_0008E060 | |
| Source: | Code function: | 0_2_00094140 | |
| Source: | Code function: | 0_2_000A2405 | |
| Source: | Code function: | 0_2_000B6522 | |
| Source: | Code function: | 0_2_000B267E | |
| Source: | Code function: | 0_2_00100665 | |
| Source: | Code function: | 0_2_000A283A | |
| Source: | Code function: | 0_2_00096843 | |
| Source: | Code function: | 0_2_000B89DF | |
| Source: | Code function: | 0_2_00098A0E | |
| Source: | Code function: | 0_2_000B6A94 | |
| Source: | Code function: | 0_2_00100AE2 | |
| Source: | Code function: | 0_2_000DEB07 | |
| Source: | Code function: | 0_2_000E8B13 | |
| Source: | Code function: | 0_2_000ACD61 | |
| Source: | Code function: | 0_2_000B7006 | |
| Source: | Code function: | 0_2_0009710E | |
| Source: | Code function: | 0_2_00093190 | |
| Source: | Code function: | 0_2_00081287 | |
| Source: | Code function: | 0_2_000A33C7 | |
| Source: | Code function: | 0_2_000AF419 | |
| Source: | Code function: | 0_2_00095680 | |
| Source: | Code function: | 0_2_000A16C4 | |
| Source: | Code function: | 0_2_000958C0 | |
| Source: | Code function: | 0_2_000A78D3 | |
| Source: | Code function: | 0_2_000A1BB8 | |
| Source: | Code function: | 0_2_000B9D05 | |
| Source: | Code function: | 0_2_0008FE40 | |
| Source: | Code function: | 0_2_000A1FD0 | |
| Source: | Code function: | 0_2_000ABFE6 | |
| Source: | Code function: | 0_2_01DD3650 | |
| Source: | Code function: | 2_2_0040549C | |
| Source: | Code function: | 2_2_004029D4 | |
| Source: | Code function: | 2_2_00CA2720 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Static PE information: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Classification label: | ||
| Source: | Code function: | 0_2_000EA2D5 | |
| Source: | Code function: | 0_2_000D8713 | |
| Source: | Code function: | 0_2_000D8CC3 | |
| Source: | Code function: | 2_2_0040650A | |
| Source: | Code function: | 0_2_000EB59E | |
| Source: | Code function: | 0_2_000FF121 | |
| Source: | Code function: | 0_2_000EC602 | |
| Source: | Code function: | 0_2_00084FE9 | |
| Source: | Code function: | 2_2_00CA3360 | |
| Source: | Code function: | 2_2_00CA3360 | |
| Source: | File created: | Jump to behavior | ||
| Source: | Mutant created: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
Data Obfuscation | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Code function: | 0_2_000FC304 | |
| Source: | Code function: | 0_2_0008C599 | |
| Source: | Code function: | 0_2_000A8B98 | |
| Source: | Code function: | 2_2_00402AD4 | |
| Source: | Code function: | 2_2_00402AFC | |
| Source: | Code function: | 2_2_00CA3360 | |
| Source: | Code function: | 0_2_00084A35 | |
| Source: | Code function: | 0_2_001055FD | |
| Source: | Code function: | 0_2_000A33C7 | |
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Evasive API call chain: | graph_0-99063 | ||
| Source: | API coverage: | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Code function: | 0_2_000E4696 | |
| Source: | Code function: | 0_2_000EC93C | |
| Source: | Code function: | 0_2_000EC9C7 | |
| Source: | Code function: | 0_2_000EF200 | |
| Source: | Code function: | 0_2_000EF35D | |
| Source: | Code function: | 0_2_000EF65E | |
| Source: | Code function: | 0_2_000E3A2B | |
| Source: | Code function: | 0_2_000E3D4E | |
| Source: | Code function: | 0_2_000EBF27 | |
| Source: | Code function: | 2_2_00403D74 | |
| Source: | Code function: | 0_2_00084AFE | |
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | API call chain: | graph_0-98072 | ||
| Source: | API call chain: | graph_0-98275 | ||
| Source: | Code function: | 0_2_000F41FD | |
| Source: | Code function: | 0_2_00083B4C | |
| Source: | Code function: | 0_2_000B5CCC | |
| Source: | Code function: | 0_2_000FC304 | |
| Source: | Code function: | 0_2_01DD3540 | |
| Source: | Code function: | 0_2_01DD34E0 | |
| Source: | Code function: | 0_2_01DD1ED0 | |
| Source: | Code function: | 2_2_0040317B | |
| Source: | Code function: | 2_2_00CA3060 | |
| Source: | Code function: | 2_2_00CA3060 | |
| Source: | Code function: | 2_2_00CA3060 | |
| Source: | Code function: | 2_2_00CA3060 | |
| Source: | Code function: | 2_2_00CA4410 | |
| Source: | Code function: | 2_2_00CA4410 | |
| Source: | Code function: | 2_2_00CA3540 | |
| Source: | Code function: | 2_2_00CA3540 | |
| Source: | Code function: | 2_2_00CA3540 | |
| Source: | Code function: | 2_2_00CA56A0 | |
| Source: | Code function: | 2_2_00CA56A0 | |
| Source: | Code function: | 2_2_00CA4610 | |
| Source: | Code function: | 2_2_00CA4610 | |
| Source: | Code function: | 2_2_00CA4610 | |
| Source: | Code function: | 2_2_00CA4610 | |
| Source: | Code function: | 0_2_000D81F7 | |
| Source: | Process token adjusted: | Jump to behavior | ||
| Source: | Code function: | 0_2_000AA364 | |
| Source: | Code function: | 0_2_000AA395 | |
| Source: | Code function: | 2_2_00CA5848 | |
| Source: | Code function: | 2_2_00CA33C0 | |
HIPS / PFW / Operating System Protection Evasion | |
|---|
| Source: | Network Connect: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Memory written: | Jump to behavior | ||
| Source: | Code function: | 0_2_000D8C93 | |
| Source: | Code function: | 0_2_00083B4C | |
| Source: | Code function: | 0_2_00084A35 | |
| Source: | Code function: | 0_2_000E4EC9 | |
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 0_2_000D81F7 | |
| Source: | Code function: | 0_2_000E4C03 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 0_2_000A886B | |
| Source: | Code function: | 0_2_000B50D7 | |
| Source: | Code function: | 0_2_000C2230 | |
| Source: | Code function: | 0_2_000B418A | |
| Source: | Code function: | 0_2_00084AFE | |
| Source: | Key value queried: | Jump to behavior | ||
Stealing of Sensitive Information | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Code function: | 2_2_0040D069 | |
| Source: | Code function: | 2_2_0040D069 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | Code function: | 0_2_000F6596 | |
| Source: | Code function: | 0_2_000F6A5A | |
| Source: | Code function: | 2_2_00CA6AF0 | |
| Source: | Code function: | 2_2_00CA6BB0 | |
| Source: | Code function: | 2_2_00CA6B60 | |
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 2 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 2 OS Credential Dumping | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 3 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
| Credentials | Domains | Default Accounts | 2 Service Execution | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | 21 Input Capture | 1 Account Discovery | Remote Desktop Protocol | 2 Data from Local System | 1 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | 3 Windows Service | 2 Valid Accounts | 2 Obfuscated Files or Information | 2 Credentials in Registry | 1 File and Directory Discovery | SMB/Windows Admin Shares | 1 Email Collection | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 17 System Information Discovery | Distributed Component Object Model | 21 Input Capture | 113 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 3 Windows Service | 1 Masquerading | LSA Secrets | 31 Security Software Discovery | SSH | 3 Clipboard Data | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | 312 Process Injection | 2 Valid Accounts | Cached Domain Credentials | 11 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
| DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 11 Virtualization/Sandbox Evasion | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
| Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
| Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 312 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 32% | ReversingLabs | Win32.Trojan.Strab | ||
| 100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 100% | URL Reputation | malware | ||
| 100% | URL Reputation | malware | ||
| 100% | URL Reputation | malware | ||
| 100% | URL Reputation | malware | ||
| 0% | URL Reputation | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 1% | Virustotal | Browse |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| edgewell.cam | 104.21.85.101 | true | true | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown | |
| true |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 104.21.85.101 | edgewell.cam | United States | 13335 | CLOUDFLARENETUS | true |
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1447784 |
| Start date and time: | 2024-05-27 02:56:05 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 5m 45s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 6 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | MV XH DOLPHINPDF.exe |
| Detection: | MAL |
| Classification: | mal100.troj.spyw.evad.winEXE@3/6@1/1 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
| Time | Type | Description |
|---|---|---|
| 20:56:53 | API Interceptor |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 104.21.85.101 | Get hash | malicious | HTMLPhisher | Browse | ||
| Get hash | malicious | HTMLPhisher | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
⊘No context
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| CLOUDFLARENETUS | Get hash | malicious | DCRat | Browse |
| |
| Get hash | malicious | DCRat | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
| Process: | C:\Users\user\Desktop\MV XH DOLPHINPDF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 79420 |
| Entropy (8bit): | 7.939998789485532 |
| Encrypted: | false |
| SSDEEP: | 1536:dPT6zH3JigADZsv1iTiXUXnUMOGOCTx2B5eDMeCJJK4S9frxB7bm40U:JT6zH3J4aNqnrOpDfMD9frxB7boU |
| MD5: | 4E5A3A6A60BEF5DC2B2F969E61F2FC88 |
| SHA1: | 37299CBCC947C05E398EF4ED776FA0B6933076B0 |
| SHA-256: | 10938607EA09B4CF8CF7D74DDB1A17613986F18A779D4B22A9E18900869E8D9B |
| SHA-512: | 08D967B2079934F5BBEC9B0339FA0D80BF470E1990391DD255CF68AD3EB16303F74E4BEEBCA96258CB664849B1CEC2BAAB1F58CB8B752E70828C34F6581E71D9 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\MV XH DOLPHINPDF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 9860 |
| Entropy (8bit): | 7.598889720442583 |
| Encrypted: | false |
| SSDEEP: | 192:yyaFcTok4nEeZ6CFsim8+sXxK3v0/qq6XP1DgADZNbgIfycKYf:cFxk4EewCFsvaxK3v0/CP1DLm2ycT |
| MD5: | 7F4BDDA389D57A01F86AC0D3754F2EF1 |
| SHA1: | 0903F134EE4B602EE5F88CDD8D2B3855E43F98A1 |
| SHA-256: | 93C1A70EE367EB5FDF86EE7DD7A8B4491BCDD85866AB06B2F07B3CDE6D70E2B6 |
| SHA-512: | DC1013B1776EB6AF2024965729842D9D36FBB74BC742D383E9E3FA580EFDD48B4B6456F1B80DBABBEF376745E53AB93C4122368CF9E318AD6FE2F968242BF7D8 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\MV XH DOLPHINPDF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 106496 |
| Entropy (8bit): | 7.350845188738085 |
| Encrypted: | false |
| SSDEEP: | 1536:FlIrSF/+WCXbtf591JjoMZ/s01DL2ByIHX18JISyOVIZqMu4yiOQ5HwvsoG0X3r:Fuq/+T5h5U0xL2FLTt5IsotX3r |
| MD5: | 475F555A82ACF0485F0E9A55B25109D7 |
| SHA1: | 70615534248833A418CA4F0FDF3E9A4E5A3EE3A6 |
| SHA-256: | 01B9A1D502CA4B0F2DA69C51A50AD787E4FE2ECA0AEBBC24B5CDA6D82C324DEC |
| SHA-512: | 27DDDE3DFAC0CB240E30C4A6FC3A1A953735F6CDF37DFBAC6B35ED2820CB4E7FB88AE5EF73859D5113B2E6F28FBABF56A0BC2F5F89FF88769011DEA45E33116D |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\MV XH DOLPHINPDF.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 28724 |
| Entropy (8bit): | 3.59481481674996 |
| Encrypted: | false |
| SSDEEP: | 768:ViTZ+2QoioGRk6ZklputwjpjBkCiw2RuJ3nXKUrvzjsNbBE+Ii6m34vfF3if6gyU:ViTZ+2QoioGRk6ZklputwjpjBkCiw2Rt |
| MD5: | 2B45FA8433747E84F3A46F8069C919A0 |
| SHA1: | 0F4C6437834A4B5D624EA1D5CC904E8F503FD409 |
| SHA-256: | B389F60F28E4CE1B3B6367B1D48D01210398D8F240793016CD2B5F8BAEA3B7C3 |
| SHA-512: | 75400937725E94ABD16BE8BFD9561BC5D951A9D1BE1B711128A3DF7B7DFF00C85212EAA3DEFA42E832B0DF7286048C93212F29C0BE382713EE299A9E711F4B35 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Windows\SysWOW64\svchost.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:U:U |
| MD5: | C4CA4238A0B923820DCC509A6F75849B |
| SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
| SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
| SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
| Malicious: | false |
| Reputation: | high, very likely benign file |
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\89dad5d484a9f889a3a8dfca823edc3e_9e146be9-c76a-4720-bcdb-53011b87bd06
Download File
| Process: | C:\Windows\SysWOW64\svchost.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 47 |
| Entropy (8bit): | 1.168829563685559 |
| Encrypted: | false |
| SSDEEP: | 3:/lSll2DQi:AoMi |
| MD5: | DAB633BEBCCE13575989DCFA4E2203D6 |
| SHA1: | 33186D50F04C5B5196C1FCC1FAD17894B35AC6C7 |
| SHA-256: | 1C00FBA1B82CD386E866547F33E1526B03F59E577449792D99C882DEF05A1D17 |
| SHA-512: | EDDBB22D9FC6065B8F5376EC95E316E7569530EFAA9EA9BC641881D763B91084DCCC05BC793E8E29131D20946392A31BD943E8FC632D91EE13ABA7B0CD1C626F |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.8018685177528155 |
| TrID: |
|
| File name: | MV XH DOLPHINPDF.exe |
| File size: | 963'072 bytes |
| MD5: | e3d3d93759a0552c63ec2c3ccbf6c383 |
| SHA1: | cfa0d6279822bc75a22e54e3dcb6e378a0772605 |
| SHA256: | 31607008c03354cf7b6b21d8d3ecc31186e39a92dca54c0c26c30ecd85957cec |
| SHA512: | a907954c0554dfa1f20f87e1c71e32f65276197672065d321b249fba96662b7ab853e12a67482d2c860213d63ab76ead7b69bb89c19931bc2fcca7dbbf83e8c7 |
| SSDEEP: | 24576:sAHnh+eWsN3skA4RV1Hom2KXMmHaIEUS6WH5:Lh+ZkldoPK8YaIEUjq |
| TLSH: | C2259C0273D2C036FFABA2739B6AF24156BD79254123852F13981DB9BD701B2273D663 |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$........s..R...R...R....C..P.....;.S..._@#.a..._@......_@..g...[j..[...[jo.w...R...r.............#.S..._@'.S...R.k.S.....".S...RichR.. |
 | |
| Icon Hash: | aaf3e3e3938382a0 |
| Entrypoint: | 0x42800a |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
| DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0x6653C7B2 [Sun May 26 23:37:22 2024 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 5 |
| OS Version Minor: | 1 |
| File Version Major: | 5 |
| File Version Minor: | 1 |
| Subsystem Version Major: | 5 |
| Subsystem Version Minor: | 1 |
| Import Hash: | afcdf79be1557326c854b6e20cb900a7 |
| Instruction |
|---|
| call 00007F9C80E3093Dh |
| jmp 00007F9C80E236F4h |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| int3 |
| push edi |
| push esi |
| mov esi, dword ptr [esp+10h] |
| mov ecx, dword ptr [esp+14h] |
| mov edi, dword ptr [esp+0Ch] |
| mov eax, ecx |
| mov edx, ecx |
| add eax, esi |
| cmp edi, esi |
| jbe 00007F9C80E2387Ah |
| cmp edi, eax |
| jc 00007F9C80E23BDEh |
| bt dword ptr [004C41FCh], 01h |
| jnc 00007F9C80E23879h |
| rep movsb |
| jmp 00007F9C80E23B8Ch |
| cmp ecx, 00000080h |
| jc 00007F9C80E23A44h |
| mov eax, edi |
| xor eax, esi |
| test eax, 0000000Fh |
| jne 00007F9C80E23880h |
| bt dword ptr [004BF324h], 01h |
| jc 00007F9C80E23D50h |
| bt dword ptr [004C41FCh], 00000000h |
| jnc 00007F9C80E23A1Dh |
| test edi, 00000003h |
| jne 00007F9C80E23A2Eh |
| test esi, 00000003h |
| jne 00007F9C80E23A0Dh |
| bt edi, 02h |
| jnc 00007F9C80E2387Fh |
| mov eax, dword ptr [esi] |
| sub ecx, 04h |
| lea esi, dword ptr [esi+04h] |
| mov dword ptr [edi], eax |
| lea edi, dword ptr [edi+04h] |
| bt edi, 03h |
| jnc 00007F9C80E23883h |
| movq xmm1, qword ptr [esi] |
| sub ecx, 08h |
| lea esi, dword ptr [esi+08h] |
| movq qword ptr [edi], xmm1 |
| lea edi, dword ptr [edi+08h] |
| test esi, 00000007h |
| je 00007F9C80E238D5h |
| bt esi, 03h |
| Programming Language: |
|
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0xbc0cc | 0x17c | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xc8000 | 0x20ae4 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xe9000 | 0x7134 | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x92bc0 | 0x1c | .rdata |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xa4b50 | 0x40 | .rdata |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x8f000 | 0x884 | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0x8dfdd | 0x8e000 | 310e36668512d53489c005622bb1b4a9 | False | 0.5735602580325704 | data | 6.675248351711057 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0x8f000 | 0x2fd8e | 0x2fe00 | 748cf1ab2605ce1fd72d53d912abb68f | False | 0.32828818537859006 | data | 5.763244005758284 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0xbf000 | 0x8f74 | 0x5200 | aae9601d920f07080bdfadf43dfeff12 | False | 0.1017530487804878 | data | 1.1963819235530628 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0xc8000 | 0x20ae4 | 0x20c00 | 3715dbd8b9820085845ddaab578c3d8d | False | 0.798254114980916 | data | 7.528537187270758 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0xe9000 | 0x7134 | 0x7200 | f04128ad0f87f42830e4a6cdbc38c719 | False | 0.7617530153508771 | data | 6.783955557128661 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_ICON | 0xc85a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
| RT_ICON | 0xc86d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
| RT_ICON | 0xc87f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
| RT_ICON | 0xc8920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
| RT_ICON | 0xc8c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
| RT_ICON | 0xc8d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
| RT_ICON | 0xc9bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
| RT_ICON | 0xca480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
| RT_ICON | 0xca9e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
| RT_ICON | 0xccf90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
| RT_ICON | 0xce038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
| RT_MENU | 0xce4a0 | 0x50 | data | English | Great Britain | 0.9 |
| RT_STRING | 0xce4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
| RT_STRING | 0xcea84 | 0x68a | data | English | Great Britain | 0.2747909199522103 |
| RT_STRING | 0xcf110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
| RT_STRING | 0xcf5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
| RT_STRING | 0xcfb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
| RT_STRING | 0xd01f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
| RT_STRING | 0xd0660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
| RT_RCDATA | 0xd07b8 | 0x17d7c | data | 1.0003686258447675 | ||
| RT_GROUP_ICON | 0xe8534 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
| RT_GROUP_ICON | 0xe85ac | 0x14 | data | English | Great Britain | 1.25 |
| RT_GROUP_ICON | 0xe85c0 | 0x14 | data | English | Great Britain | 1.15 |
| RT_GROUP_ICON | 0xe85d4 | 0x14 | data | English | Great Britain | 1.25 |
| RT_VERSION | 0xe85e8 | 0x10c | data | English | Great Britain | 0.5932835820895522 |
| RT_MANIFEST | 0xe86f4 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
| DLL | Import |
|---|---|
| WSOCK32.dll | WSACleanup, socket, inet_ntoa, setsockopt, ntohs, recvfrom, ioctlsocket, htons, WSAStartup, __WSAFDIsSet, select, accept, listen, bind, closesocket, WSAGetLastError, recv, sendto, send, inet_addr, gethostbyname, gethostname, connect |
| VERSION.dll | GetFileVersionInfoW, GetFileVersionInfoSizeW, VerQueryValueW |
| WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
| COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
| MPR.dll | WNetUseConnectionW, WNetCancelConnection2W, WNetGetConnectionW, WNetAddConnection2W |
| WININET.dll | InternetQueryDataAvailable, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, HttpOpenRequestW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetConnectW |
| PSAPI.DLL | GetProcessMemoryInfo |
| IPHLPAPI.DLL | IcmpCreateFile, IcmpCloseHandle, IcmpSendEcho |
| USERENV.dll | DestroyEnvironmentBlock, UnloadUserProfile, CreateEnvironmentBlock, LoadUserProfileW |
| UxTheme.dll | IsThemeActive |
| KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, SetCurrentDirectoryW, GetLongPathNameW, GetShortPathNameW, DeleteFileW, FindNextFileW, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, FindResourceW, LoadResource, LockResource, SizeofResource, EnumResourceNamesW, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, GetLocalTime, CompareStringW, GetCurrentProcess, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, LoadLibraryW, VirtualAlloc, IsDebuggerPresent, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, GetCurrentThread, CloseHandle, GetFullPathNameW, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, GetSystemTimeAsFileTime, ResumeThread, GetCommandLineW, IsProcessorFeaturePresent, IsValidCodePage, GetACP, GetOEMCP, GetCPInfo, SetLastError, UnhandledExceptionFilter, SetUnhandledExceptionFilter, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, GetStartupInfoW, GetStringTypeW, SetStdHandle, GetFileType, GetConsoleCP, GetConsoleMode, RtlUnwind, ReadConsoleW, GetTimeZoneInformation, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetEnvironmentStringsW, FreeEnvironmentStringsW, WriteConsoleW, FindClose, SetEnvironmentVariableA |
| USER32.dll | AdjustWindowRectEx, CopyImage, SetWindowPos, GetCursorInfo, RegisterHotKey, ClientToScreen, GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, MonitorFromPoint, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, CreateIconFromResourceEx, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, SetRect, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, MonitorFromRect, keybd_event, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, ScreenToClient, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, GetMessageW, LockWindowUpdate, DispatchMessageW, TranslateMessage, PeekMessageW, UnregisterHotKey, CheckMenuRadioItem, CharLowerBuffW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, SystemParametersInfoW, LoadImageW, GetClassNameW |
| GDI32.dll | StrokePath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, GetDeviceCaps, EndPath, SetPixel, CloseFigure, CreateCompatibleBitmap, CreateCompatibleDC, SelectObject, StretchBlt, GetDIBits, LineTo, AngleArc, MoveToEx, Ellipse, DeleteDC, GetPixel, CreateDCW, GetStockObject, GetTextFaceW, CreateFontW, SetTextColor, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, CreateSolidBrush, StrokeAndFillPath |
| COMDLG32.dll | GetOpenFileNameW, GetSaveFileNameW |
| ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, RegCreateKeyExW, FreeSid, GetTokenInformation, GetSecurityDescriptorDacl, GetAclInformation, AddAce, SetSecurityDescriptorDacl, GetUserNameW, InitiateSystemShutdownExW |
| SHELL32.dll | DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW, DragFinish |
| ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoSetProxyBlanket, CoCreateInstanceEx, CoInitializeSecurity |
| OLEAUT32.dll | LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, SafeArrayDestroyDescriptor, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, RegisterTypeLib, CreateStdDispatch, DispCallFunc, VariantChangeType, SysStringLen, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, VariantCopy, VariantClear, OleLoadPicture, QueryPathOfRegTypeLib, RegisterTypeLibForUser, UnRegisterTypeLibForUser, UnRegisterTypeLib, CreateDispTypeInfo, SysAllocString, VariantInit |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | Great Britain |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|---|---|---|
| 05/27/24-02:58:09.186594 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:42.432686 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:11.985959 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:09.186594 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:39.855398 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:09.229387 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:53.803473 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:25.471357 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:37.210299 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.993699 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:42.432686 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:27.314357 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:02.822734 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:03.699908 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:06.518525 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:11.985959 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:21.327353 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:06.518525 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:53.747051 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:12.795525 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:07.399031 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:05.187815 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.970619 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:32.850963 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:43.888980 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.936240 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:43.888980 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:36.335492 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:18.265929 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:35.485663 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:03.327854 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:19.144546 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:00.615870 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:37.342738 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:18.265929 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:35.485663 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:34.740166 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:55.635319 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.907197 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.907197 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:50.878814 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:57.681674 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:56.483967 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:57.681674 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.171322 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:25.218772 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:11.776104 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.127367 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:16.316242 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:16.316242 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:50.878814 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.108178 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:44.306693 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:17.383670 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:30.108861 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:55.869978 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:08.406183 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:26.338973 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:55.869978 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:23.648663 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:31.013040 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.045782 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:23.648663 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:45.171221 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:25.218772 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:04.647547 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:19.638609 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.174321 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:40.730674 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:19.638609 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:15.663990 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:15.342998 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:22.168783 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:22.168783 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.965000 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:30.172586 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:24.574893 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.965000 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.003346 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:56.824671 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:33.866649 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:26.338973 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:58.817936 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.003346 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:31.013040 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.045782 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:18.265929 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:19.144546 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.003346 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:30.172586 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:59.664329 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:27.314091 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:29.323327 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.048379 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:58.817936 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.941539 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:52.872776 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:29.323327 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:49.900695 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:46.007126 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:11.985959 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:50.878814 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:46.007126 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.970619 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:49.900695 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.941539 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:06.518525 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:12.860512 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:20.475127 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.993911 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:02.427081 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:46.289681 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:30.172586 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:09.229387 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:47.148785 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:01.718197 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:01.718197 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:23.648663 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:36.373420 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:41.567295 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:00.847332 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:35.556016 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:43.411668 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:01.572690 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:18.824360 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:57.446786 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:35.556016 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:02.822734 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:58.296639 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:01.572690 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:13.812339 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:13.812339 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.983497 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:15.663990 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:43.411668 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:36.373420 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:28.412600 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:01.718197 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.977503 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:15.663990 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:14.514493 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:28.354051 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.132174 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:45.171221 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:15.663990 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.983497 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.000038 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.965000 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:07.503626 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.977503 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:05.187815 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:58.296639 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:20.087463 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:35.556016 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:05.187815 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:19.144546 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:19.144546 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:07.503626 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:54.770134 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:58.296639 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:05.571891 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:36.335492 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.132174 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:27.314357 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:05.571891 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:41.567295 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:41.567295 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:52.872776 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:27.314357 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:23.686553 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:53.233272 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:06.518525 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:28.354051 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:23.686553 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:29.323327 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:40.730674 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.970619 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:46.289681 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.970619 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.941539 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.941539 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.944131 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:22.782486 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.029387 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:22.168783 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.029387 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:53.803473 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:42.432686 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:04.194340 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:57.446786 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.174321 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:36.373420 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:16.532869 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:26.338973 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:13.622626 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:36.373420 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:37.342738 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.944507 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:53.747051 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:02.822734 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:56.824671 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:27.314091 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:49.900695 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.993699 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:41.138153 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:30.108861 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.993699 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:54.770134 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:29.208414 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:39.855398 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:07.399031 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:03.699908 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:48.820321 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:29.208414 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:12.795525 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:07.399031 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:48.820321 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:52.319655 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:02.822734 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:25.471357 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:26.436407 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.171322 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.127367 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:11.776104 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:46.007126 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:42.432686 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.838596 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:02.427081 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:42.867143 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:22.782486 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:55.635319 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:55.635319 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:00.847332 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:03.327854 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.838596 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:02.427081 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:11.776104 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:38.199508 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:13.812339 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:34.740166 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:12.860512 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:44.712946 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:56.483967 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:08.266294 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:09.229387 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.081251 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:30.172586 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.923427 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:37.210299 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:16.532869 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:20.087463 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:00.615870 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.003346 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:28.412600 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:44.712946 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.110921 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:28.412600 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:57.681674 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:58.817936 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:18.265929 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:19.638609 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:21.327353 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:18.824360 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.000038 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.110921 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.007407 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:45.171221 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:01.572690 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:18.824360 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:44.306693 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:33.866649 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:44.306693 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:33.866649 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:33.709940 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.108178 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:34.603701 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.965000 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.936240 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:32.850963 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.081251 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:57.681674 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:33.709940 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:12.860512 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:31.013040 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.108178 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:34.740166 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:31.013040 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:47.148785 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:47.148785 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:19.638609 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:21.327353 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:07.399031 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:26.436407 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:17.383670 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:43.411668 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.970619 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:22.168783 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:26.436407 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.944507 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:24.574893 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:56.824671 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.944507 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.838596 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:59.664329 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:24.574893 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:00.615870 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.003346 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:26.338973 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:27.314091 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.048379 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:47.148785 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:25.471357 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:59.664329 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:27.314091 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:19.144546 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.993911 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:20.475127 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:56.824671 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:04.194340 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:53.233272 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:27.314357 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:29.323327 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:04.194340 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:02.822734 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:49.900695 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:46.007126 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.171322 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.923427 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:52.872776 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:20.475127 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:12.795525 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:16.532869 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:52.872776 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:15.342998 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:54.770134 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:53.747051 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:11.776104 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:16.532869 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.993911 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.965000 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:20.087463 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:58.296639 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:46.289681 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:52.319655 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:46.289681 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:00.847332 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:41.138153 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:48.941539 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:34.603701 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:15.663990 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:52.319655 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:01.718197 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:20.087463 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:28.354051 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.993699 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.110921 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:23.686553 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:57.446786 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:44.712946 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:33.709940 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:28.412600 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:57.446786 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:13.622626 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:53.803473 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.007407 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:01.572690 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:13.622626 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.944131 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:33.709940 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:02.427081 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:35.556016 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:36.373420 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.132174 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:14.514493 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.944131 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.983497 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:07.503626 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.983497 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.081251 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.977503 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:18.824360 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:45.171221 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:11.985959 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:14.514493 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:39.855398 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.923427 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.923427 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:03.327854 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:14.514493 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:45.171221 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:31.013040 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.029387 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:37.210299 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:39.855398 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:34.603701 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:05.187815 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:05.571891 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:57.446786 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:09.229387 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:08.406183 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:06.518525 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:08.266294 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:09.229387 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.993911 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:40.730674 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:32.850963 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:38.199508 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:46.007126 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:16.316242 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:55.635319 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.936240 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:17.383670 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:27.314357 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:05.571891 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:17.383670 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:38.199508 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:04.647547 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:53.233272 | TCP | 2024312 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M1 | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.907197 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:04.647547 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.045782 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:53.233272 | TCP | 2024317 | ET TROJAN LokiBot Application/Credential Data Exfiltration Detected M2 | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:18.265929 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.048379 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:29.208414 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:35.485663 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:32.850963 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.936240 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:33.866649 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:59.664329 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:05.187815 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:42.867143 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:53.803473 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:56.824671 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:50.878814 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:24.574893 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:37.342738 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.029387 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:56.483967 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:56.483967 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.127367 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:09.186594 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:36.335492 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.127367 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:03.699908 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:53.803473 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:48.820321 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:15.342998 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:20.475127 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.174321 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:30.108861 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.000038 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:25.218772 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.983497 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:23.648663 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.007407 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:44.306693 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:55.869978 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:30.108861 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:41.138153 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.007407 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:55.869978 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:42.867143 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:37.210299 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:41.138153 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:08.266294 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:08.406183 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:22.782486 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:43.888980 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:48.820321 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.838596 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:27.314091 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.171322 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.923427 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.110921 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.936240 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:16.532869 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:00.847332 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:13.622626 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:52.872776 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:17.171322 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:35.485663 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:34.603701 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:52.319655 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:55.635319 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:30.172586 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:02.427081 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:00.847332 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:34.603701 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:08.406183 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:31.110921 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:35.485663 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:08.406183 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:11.776104 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:58.817936 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.944131 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:24.574893 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:59.664329 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:38.199508 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:58.817936 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:44.712946 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.081251 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:44.712946 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:01.718197 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:22.168783 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:10.081251 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:04.647547 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:46.289681 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:42.432686 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:20.087463 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:42.867143 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:00.615870 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:00.615870 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:37.210299 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:21.327353 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:35.556016 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:21.327353 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:17.383670 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:32.850963 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:29.323327 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:33.866649 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:42.867143 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:18.824360 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:33.709940 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.838596 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:43.888980 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.108178 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.127367 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:10.108178 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:12.860512 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:21.007407 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:01.572690 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:13.812339 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:34.740166 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:59.993911 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:09.186594 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:20.475127 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:12.860512 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:43.411668 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:34.740166 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:57.681674 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:08.266294 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:19.638609 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:47.148785 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:08.266294 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:43.411668 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:44.306693 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:09.186594 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.977503 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:03.699908 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:50.878814 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:26.436407 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:48.820321 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:23.648663 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:13.812339 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.907197 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:30.108861 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.944507 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:58.296639 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.048379 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.048379 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:03.699908 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:36.335492 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:41.138153 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:04.194340 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:36.335492 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:41.567295 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:23.686553 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:23.686553 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.000038 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:47.000038 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:37.342738 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:15.342998 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:40.730674 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:04.194340 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.029387 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:43.888980 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:38.199508 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:03.327854 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:28.412600 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:41.567295 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:15.342998 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:16.316242 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:56.483967 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:54.770134 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:37.342738 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:03.327854 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:54.770134 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:40.730674 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:52.319655 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:54.907197 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.944507 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:22.782486 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:49.900695 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:25.471357 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:22.782486 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:53.233272 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:11.985959 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:53.747051 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:25.218772 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.174321 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.977503 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:28.354051 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:25.218772 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:05.571891 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:16.316242 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:29.208414 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:51.174321 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:56:55.869978 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:28.354051 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:53.747051 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:04.647547 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.045782 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:26.436407 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:13.622626 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.993699 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:12.795525 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:14.514493 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:07.399031 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.132174 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:39.855398 | TCP | 2025381 | ET TROJAN LokiBot Checkin | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:39.944131 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:38.132174 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:12.795525 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:52.045782 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:26.338973 | TCP | 2825766 | ETPRO TROJAN LokiBot Checkin M2 | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:58:25.471357 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:07.503626 | TCP | 2024313 | ET TROJAN LokiBot Request for C2 Commands Detected M1 | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:29.208414 | TCP | 2021641 | ET TROJAN LokiBot User-Agent (Charon/Inferno) | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| 05/27/24-02:57:07.503626 | TCP | 2024318 | ET TROJAN LokiBot Request for C2 Commands Detected M2 | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| May 27, 2024 02:56:52.312513113 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:52.317562103 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:52.317651987 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:52.319654942 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:52.368638039 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:52.368702888 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:52.373723984 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.089746952 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.089977980 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.094388962 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.094455957 CEST | 49704 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.140590906 CEST | 80 | 49704 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.226043940 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.231175900 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.231259108 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.233272076 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.284951925 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.285285950 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.290266037 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.949858904 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.950040102 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:53.954638004 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:53.954714060 CEST | 49705 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.000726938 CEST | 80 | 49705 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.039807081 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.045183897 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.045420885 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.048378944 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.096757889 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.096872091 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.101864100 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.715260983 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.715780020 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.719912052 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.719991922 CEST | 49706 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.768757105 CEST | 80 | 49706 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.898726940 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.904005051 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.904280901 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.907196999 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.956741095 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:54.956893921 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:54.966689110 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.708489895 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.708655119 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.713155031 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.713238001 CEST | 49707 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.760920048 CEST | 80 | 49707 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.861649990 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.866889000 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.867022991 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.869977951 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.891875982 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:55.898742914 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:55.955552101 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.538176060 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.541887045 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.543682098 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.543771982 CEST | 49708 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.592350006 CEST | 80 | 49708 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.802452087 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.807854891 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.808006048 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.824671030 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.864959002 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:56.865248919 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:56.870639086 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.501184940 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.501656055 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.505911112 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.505980968 CEST | 49709 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.552598953 CEST | 80 | 49709 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.673229933 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.678591967 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.678714991 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.681674004 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.730161905 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:57.730348110 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:57.735512018 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.659352064 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.659765005 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.665517092 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.665606022 CEST | 49710 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.712652922 CEST | 80 | 49710 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.809490919 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.814963102 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.815095901 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.817935944 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.869062901 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:58.869282007 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:58.874253988 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.507848024 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.507972002 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.512520075 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.512581110 CEST | 49711 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.559489965 CEST | 80 | 49711 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.657116890 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.662290096 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.662381887 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.664329052 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.713223934 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:56:59.713324070 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:56:59.718306065 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.450532913 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.450815916 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.455219984 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.455275059 CEST | 49712 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.501224995 CEST | 80 | 49712 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.607683897 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.612828970 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.612900972 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.615869999 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.665589094 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:00.665637970 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:00.670761108 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.321350098 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.326082945 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.326205969 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.348222017 CEST | 49713 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.377149105 CEST | 80 | 49713 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.556698084 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.561892033 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.561974049 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.572690010 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.612998962 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:01.613050938 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:01.618071079 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.255939960 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.256061077 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.260658979 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.260708094 CEST | 49714 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.308562040 CEST | 80 | 49714 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.410670042 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.415793896 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.415914059 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.427081108 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.468693018 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:02.469031096 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:02.473887920 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.154740095 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.154906988 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.159415960 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.159478903 CEST | 49715 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.208559036 CEST | 80 | 49715 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.314008951 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.319175959 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.319256067 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.327853918 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.372840881 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:03.372904062 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:03.377851963 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.029386997 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.029488087 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.034157038 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.034228086 CEST | 49716 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.079363108 CEST | 80 | 49716 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.185394049 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.191138983 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.191251040 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.194339991 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.244729042 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.244805098 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.249749899 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.953733921 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.958506107 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:04.958635092 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:04.983184099 CEST | 49717 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:05.013298035 CEST | 80 | 49717 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.179474115 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:05.184751987 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.184853077 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:05.187814951 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:05.236850977 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.236978054 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:05.241995096 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.876110077 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.880733013 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:05.880896091 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.138566017 CEST | 49718 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.143817902 CEST | 80 | 49718 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:07.496299982 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.501509905 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:07.501593113 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.503626108 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.552687883 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:07.552756071 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:07.558058023 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.177527905 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.177799940 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.182444096 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.182519913 CEST | 49719 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.192210913 CEST | 80 | 49719 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.398608923 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.403863907 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.403980017 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.406183004 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.461049080 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:08.461241961 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:08.470576048 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.077306032 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.077398062 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.077471972 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.077471972 CEST | 49721 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.087101936 CEST | 80 | 49721 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.222493887 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.227494955 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.227711916 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.229387045 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.284996033 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.285092115 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.290091991 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.939446926 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.939486027 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.939542055 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.939579964 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.944319963 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:09.944411039 CEST | 49724 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:09.949316978 CEST | 80 | 49724 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.089961052 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.106264114 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.106378078 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.108177900 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.207539082 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.207612991 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.212739944 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.817708969 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.817807913 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.822535992 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.822598934 CEST | 49726 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.868810892 CEST | 80 | 49726 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.959023952 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.968811989 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.968898058 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.970618963 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.978605032 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:10.978754044 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:10.988239050 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:11.630388021 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:11.630945921 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:11.635076046 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:11.635189056 CEST | 49728 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:11.637042999 CEST | 80 | 49728 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:11.922975063 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:11.983378887 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:11.983799934 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:11.985959053 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.036879063 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.036964893 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.046808958 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.650402069 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.650445938 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.650535107 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.650535107 CEST | 49730 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.660239935 CEST | 80 | 49730 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.788033962 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.793236017 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.793344975 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.795525074 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.848046064 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:12.848125935 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:12.857811928 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.470117092 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.471539021 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.474898100 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.476196051 CEST | 49731 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.481282949 CEST | 80 | 49731 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.613702059 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.618899107 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.620429993 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.622626066 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.672755003 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:13.672837019 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:13.677805901 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.366130114 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.366255999 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.370784998 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.370857000 CEST | 49732 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.422008038 CEST | 80 | 49732 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.507213116 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.512413025 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.512557983 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.514492989 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.565176964 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:14.565294981 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:14.570370913 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.185714006 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.185861111 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.190360069 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.190466881 CEST | 49733 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.236865997 CEST | 80 | 49733 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.335751057 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.340933084 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.341022968 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.342998028 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.393002987 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:15.393141031 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:15.398083925 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.152654886 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.152776003 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.157166958 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.157238007 CEST | 49734 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.203532934 CEST | 80 | 49734 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.308536053 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.313942909 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.314048052 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.316241980 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.354820967 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:16.354906082 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:16.377644062 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.016735077 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.016863108 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.021574974 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.021745920 CEST | 49735 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.026624918 CEST | 80 | 49735 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.163584948 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.168996096 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.169217110 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.171322107 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.220815897 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.221159935 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.226170063 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.836726904 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.837018013 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.841473103 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.841588974 CEST | 49736 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.888484001 CEST | 80 | 49736 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.976373911 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.981450081 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:17.981657982 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:17.983496904 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.032655954 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.032838106 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.037744999 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.678615093 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.678937912 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.683870077 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.684039116 CEST | 49737 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.688945055 CEST | 80 | 49737 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.817509890 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.822465897 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.822608948 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.824359894 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.872642040 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:18.872872114 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:18.877846956 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.488892078 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.489116907 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.493675947 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.493853092 CEST | 49738 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.540760040 CEST | 80 | 49738 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.631479025 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.636743069 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.636838913 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.638608932 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.692679882 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:19.692770958 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:19.697742939 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.317183971 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.317219973 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.317426920 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.317696095 CEST | 49739 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.327491999 CEST | 80 | 49739 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.467920065 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.473217010 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.473370075 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.475126982 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.524898052 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:20.525090933 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:20.530169010 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.181163073 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.181504011 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.185965061 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.186182022 CEST | 49740 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.232805014 CEST | 80 | 49740 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.320000887 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.325273991 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.325498104 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.327353001 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.380803108 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:21.381038904 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:21.386013031 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.008224010 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.008498907 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.012988091 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.013197899 CEST | 49741 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.060558081 CEST | 80 | 49741 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.160370111 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.165544987 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.165832996 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.168782949 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.216743946 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:22.217107058 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:22.222198963 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.031837940 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.031878948 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.032208920 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.485805988 CEST | 49742 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.491159916 CEST | 80 | 49742 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.640984058 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.646420002 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.646591902 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.648663044 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.697046995 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:23.697263002 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:23.702421904 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:24.333389044 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:24.338048935 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:24.338157892 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.060008049 CEST | 49743 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.065335989 CEST | 80 | 49743 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:25.211287022 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.216567039 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:25.216795921 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.218771935 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.268852949 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:25.269093990 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:25.274049044 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.282572031 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.283016920 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.287218094 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.287306070 CEST | 49744 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.336915016 CEST | 80 | 49744 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.428956032 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.434245110 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.434498072 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.436407089 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.484807968 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:26.485061884 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:26.490070105 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.153357029 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.153783083 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.158102036 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.158349037 CEST | 49745 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.203418016 CEST | 80 | 49745 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.304811954 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.312283039 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.312511921 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.314357042 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.364923954 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:27.365293980 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:27.370294094 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.185755014 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.186028004 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.190324068 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.190505981 CEST | 49746 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.236768961 CEST | 80 | 49746 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.345597029 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.350882053 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.351121902 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.354051113 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.404678106 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:28.404791117 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:28.409900904 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.049575090 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.049787045 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.054367065 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.054562092 CEST | 49747 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.099349976 CEST | 80 | 49747 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.201137066 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.206218958 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.206335068 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.208414078 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.256649971 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.256799936 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.261722088 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.953603029 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.953819990 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:29.958384991 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:29.958467960 CEST | 49748 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.003396034 CEST | 80 | 49748 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.101236105 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.106507063 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.106719971 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.108860970 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.163933039 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.164151907 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.170681000 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.933007956 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.933280945 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.937639952 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:30.937715054 CEST | 49749 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:30.984467983 CEST | 80 | 49749 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.102510929 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.107594967 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.107871056 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.110920906 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.161170959 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.161364079 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.167037010 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.781552076 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.781913042 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.786338091 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.786546946 CEST | 49750 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.832762957 CEST | 80 | 49750 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.956747055 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.961889029 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:31.962121964 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:31.964999914 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.013128996 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.013323069 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.018306017 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.678488016 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.678767920 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.683260918 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.683478117 CEST | 49751 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.728672028 CEST | 80 | 49751 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.842663050 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.847877026 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.847991943 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.850963116 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.906471014 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:32.906555891 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:32.911607981 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.694895029 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.695147991 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.700099945 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.700186014 CEST | 49752 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.705075026 CEST | 80 | 49752 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.858342886 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.863522053 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.863653898 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.866648912 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.914700985 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:33.915070057 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:33.920136929 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.563853025 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.564157963 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.568738937 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.568823099 CEST | 49753 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.616530895 CEST | 80 | 49753 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.731753111 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.737052917 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.737138987 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.740165949 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.788774014 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:34.788880110 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:34.793971062 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.395363092 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.395622015 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.400163889 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.400314093 CEST | 49754 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.448666096 CEST | 80 | 49754 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.548085928 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.553216934 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.553343058 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.556015968 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.605089903 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:35.605241060 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:35.616199970 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.209853888 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.210032940 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.214441061 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.214525938 CEST | 49755 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.260771990 CEST | 80 | 49755 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.365789890 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.370959044 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.371042967 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.373420000 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.424835920 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:36.424917936 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:36.438441992 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.170723915 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.170758963 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.170967102 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.170967102 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.183821917 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.183876991 CEST | 49756 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.188714027 CEST | 80 | 49756 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.333396912 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.338757038 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.338886976 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.342737913 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.392834902 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:37.392899036 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:37.397890091 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.021918058 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.022022963 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.026649952 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.026770115 CEST | 49757 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.072767973 CEST | 80 | 49757 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.191371918 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.196502924 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.196603060 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.199507952 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.248898029 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.252654076 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.257764101 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.868324041 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.868545055 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.873121023 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:38.873186111 CEST | 49758 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:38.920955896 CEST | 80 | 49758 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.019498110 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.024667025 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.026218891 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.029386997 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.076889992 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.077013016 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.082256079 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.769953012 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.770066977 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.774736881 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.774801970 CEST | 49759 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.820557117 CEST | 80 | 49759 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.935400963 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.940821886 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.941109896 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.944130898 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:39.999195099 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:39.999458075 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:40.004921913 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:40.616909027 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:40.617027998 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:40.621669054 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:40.621736050 CEST | 49760 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:40.668539047 CEST | 80 | 49760 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.129575014 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:41.134767056 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.134979010 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:41.138153076 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:41.189515114 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.189774036 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:41.194919109 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.901529074 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.906255960 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:41.908729076 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.572794914 CEST | 49761 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.578082085 CEST | 80 | 49761 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:42.859649897 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.865010977 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:42.865228891 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.867142916 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.916920900 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:42.917149067 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:42.922636032 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.720607996 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.720904112 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.725265026 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.725450039 CEST | 49762 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.772809029 CEST | 80 | 49762 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.874269009 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.879530907 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.879786968 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.888979912 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.936824083 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:43.937016964 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:43.942008972 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.546736002 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.546878099 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.552895069 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.552988052 CEST | 49763 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.599670887 CEST | 80 | 49763 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.705420971 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.710746050 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.710848093 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.712945938 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.764801979 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:44.765171051 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:44.770390034 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.118210077 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.118567944 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.119273901 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.119303942 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.119332075 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.119448900 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.119448900 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.119448900 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.124115944 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.124310970 CEST | 49764 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.128870964 CEST | 80 | 49764 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.282428980 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.287571907 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.287765026 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.289680958 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.344784021 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.344846964 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.349844933 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.974343061 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.974497080 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:46.978792906 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:46.978866100 CEST | 49765 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.028625965 CEST | 80 | 49765 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.140403986 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.145591021 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.145912886 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.148785114 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.190393925 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.190504074 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.251609087 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.822921038 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.823256969 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.827460051 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.827660084 CEST | 49766 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:47.876694918 CEST | 80 | 49766 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:47.995590925 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.000873089 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.001121998 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.003345966 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.052567005 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.052622080 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.057528019 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.780354977 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.780478001 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.785029888 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.785096884 CEST | 49767 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.832859993 CEST | 80 | 49767 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.933967113 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.939270973 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.939377069 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.941539049 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.992657900 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:48.992826939 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:48.997797966 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.714660883 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.715955019 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.719228029 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.719290972 CEST | 49769 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.728744984 CEST | 80 | 49769 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.892410994 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.897715092 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.897793055 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.900695086 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.948822021 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:49.948944092 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:49.953943968 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.718691111 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.718945980 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.723433018 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.723489046 CEST | 49770 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.771409035 CEST | 80 | 49770 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.870773077 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.875785112 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.875880003 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.878813982 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.928755999 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:50.928930044 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:50.933835030 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:51.638334990 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:51.638650894 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:51.643038988 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:51.643151999 CEST | 49771 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:51.691386938 CEST | 80 | 49771 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:51.811686039 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.042690039 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.042800903 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.045782089 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.052638054 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.052719116 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.057634115 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.737632036 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.737765074 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.742366076 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.742418051 CEST | 49772 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.787327051 CEST | 80 | 49772 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.936361074 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.941406012 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.941553116 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.944506884 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:52.991318941 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:52.991462946 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.044720888 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.621182919 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.621419907 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.625725985 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.625803947 CEST | 49773 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.672660112 CEST | 80 | 49773 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.786672115 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.800630093 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.800833941 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.803472996 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.852643013 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:53.852787971 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:53.857822895 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.612775087 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.613096952 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.617502928 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.617584944 CEST | 49774 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.664438963 CEST | 80 | 49774 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.762588978 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.767791986 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.767873049 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.770133972 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.820533037 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:54.820686102 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:54.825591087 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.466506004 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.466617107 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.471187115 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.471251965 CEST | 49775 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.516726971 CEST | 80 | 49775 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.628468990 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.633508921 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.633619070 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.635318995 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.684775114 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:55.684921026 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:55.689863920 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.310836077 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.310993910 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.315583944 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.315663099 CEST | 49776 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.364403009 CEST | 80 | 49776 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.476814985 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.481878996 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.481956959 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.483967066 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.532608986 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:56.532691956 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:56.537600040 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.280860901 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.281090021 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.285531044 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.285604954 CEST | 49777 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.332592964 CEST | 80 | 49777 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.439784050 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.444885015 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.445034981 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.446785927 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.496566057 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:57.496686935 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:57.501710892 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.121378899 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.121532917 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.126049042 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.126102924 CEST | 49778 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.173788071 CEST | 80 | 49778 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.289558887 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.294605017 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.294722080 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.296638966 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.348681927 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.348908901 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.353836060 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.971550941 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.971577883 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:58.971695900 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:58.971998930 CEST | 49779 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.024560928 CEST | 80 | 49779 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.120295048 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.125499964 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.125670910 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.127367020 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.176670074 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.176888943 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.181849957 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.828756094 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.828974962 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.833429098 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.833501101 CEST | 49780 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.880527973 CEST | 80 | 49780 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.986643076 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.991846085 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:57:59.991951942 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:57:59.993911028 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.044550896 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.044909000 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.049941063 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.686615944 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.686764956 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.691226959 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.691301107 CEST | 49781 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.739542961 CEST | 80 | 49781 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.840040922 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.845246077 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.845357895 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.847332001 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.896826982 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:00.896893978 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:00.901844025 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.520950079 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.521094084 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:01.525610924 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.525671005 CEST | 49782 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:01.575385094 CEST | 80 | 49782 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.673562050 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:01.716034889 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.716147900 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:01.718197107 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:01.951544046 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:01.951710939 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.007471085 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.642004967 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.642319918 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.647181988 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.647280931 CEST | 49783 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.652147055 CEST | 80 | 49783 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.815197945 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.820447922 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.820544004 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.822734118 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.872524023 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:02.872600079 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:02.877572060 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.528973103 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.529086113 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.533555031 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.533612967 CEST | 49784 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.579535007 CEST | 80 | 49784 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.692250967 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.697509050 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.697719097 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.699908018 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.748526096 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:03.748639107 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:03.753669977 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.441762924 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.441797018 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.441992044 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.441992044 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.459734917 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.459944963 CEST | 49785 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.469414949 CEST | 80 | 49785 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.604108095 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.644155025 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.647547007 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.647547007 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.657269955 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:04.657346964 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:04.662244081 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.371351957 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.371388912 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.371414900 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.371543884 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.371857882 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.371857882 CEST | 49786 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.428550005 CEST | 80 | 49786 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.564271927 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.569581985 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.569693089 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.571891069 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.620557070 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:05.620650053 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:05.625633955 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.301511049 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.301523924 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.301534891 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.301702976 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.301800966 CEST | 49787 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.352483988 CEST | 80 | 49787 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.463181973 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.516297102 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.516402960 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.518524885 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.572469950 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:06.572700977 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:06.582205057 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.235222101 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.235552073 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.239959955 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.240168095 CEST | 49788 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.287832022 CEST | 80 | 49788 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.391726017 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.396914005 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.397135973 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.399030924 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.448662043 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:07.448867083 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:07.453835011 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.076312065 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.076706886 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.081021070 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.081218958 CEST | 49789 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.114573956 CEST | 80 | 49789 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.255527973 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.264097929 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.264223099 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.266294003 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.316450119 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.316637993 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.321563005 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.936168909 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.936439037 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.941313028 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:08.941391945 CEST | 49790 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:08.946213961 CEST | 80 | 49790 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.132159948 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.183491945 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.183664083 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.186594009 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.236479998 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.236658096 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.241600037 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.909831047 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.910124063 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.914633036 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:09.914714098 CEST | 49791 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:09.919719934 CEST | 80 | 49791 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.074193954 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.079288960 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.079371929 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.081250906 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.136526108 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.136637926 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.141623974 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.769464016 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.769623041 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.774172068 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.774228096 CEST | 49792 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.820781946 CEST | 80 | 49792 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.928201914 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.933252096 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.933347940 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.936239958 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.984668970 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:10.984827995 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:10.989765882 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.593967915 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.594111919 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.598689079 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.598803043 CEST | 49793 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.644382000 CEST | 80 | 49793 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.768038034 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.773080111 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.773185968 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.776103973 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.828440905 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:11.828528881 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:11.833420038 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.693614960 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.693819046 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.694123030 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.694142103 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.694176912 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.694204092 CEST | 49794 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.706406116 CEST | 80 | 49794 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.853431940 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.858444929 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.858561039 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.860512018 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.914747000 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:12.914796114 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:12.922126055 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.528036118 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.532783985 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.532876015 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.605233908 CEST | 49795 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.610219955 CEST | 80 | 49795 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.779447079 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.784492016 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.784593105 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.812339067 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.840498924 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:13.840562105 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:13.845451117 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:14.471988916 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:14.476711988 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:14.476886034 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.440879107 CEST | 49796 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.445962906 CEST | 80 | 49796 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:15.657161951 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.662180901 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:15.662262917 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.663990021 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.716494083 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:15.716706038 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:15.721576929 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.359973907 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.360327959 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.364799023 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.364851952 CEST | 49797 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.411894083 CEST | 80 | 49797 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.525631905 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.530657053 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.530791044 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.532869101 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.580713987 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:16.580800056 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:16.585649014 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.219400883 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.219585896 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.224148035 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.224234104 CEST | 49798 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.272473097 CEST | 80 | 49798 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.376526117 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.381623030 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.381716013 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.383670092 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.432544947 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:17.432650089 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:17.437658072 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.089358091 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.089473009 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.094146013 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.094225883 CEST | 49799 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.140397072 CEST | 80 | 49799 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.257750988 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.263796091 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.263911009 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.265928984 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.316555977 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.316752911 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.323223114 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.965111017 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.965338945 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:18.969830990 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:18.969934940 CEST | 49800 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.015408039 CEST | 80 | 49800 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.135952950 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.140995026 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.141258955 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.144546032 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.192508936 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.192615986 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.197565079 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.844598055 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.844846010 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.849298954 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:19.849384069 CEST | 49801 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:19.895394087 CEST | 80 | 49801 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.025708914 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.084130049 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.084228039 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.087462902 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.140125990 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.140235901 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.145138979 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.813754082 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.814006090 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.818584919 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.818669081 CEST | 49802 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:20.864412069 CEST | 80 | 49802 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:20.983241081 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.005189896 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.005312920 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.007406950 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.056545019 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.056752920 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.061747074 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.668618917 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.668903112 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.673774004 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.673860073 CEST | 49803 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.678658009 CEST | 80 | 49803 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.830562115 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.835577965 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.835676908 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.838596106 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.888536930 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:21.888648987 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:21.893596888 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.512217045 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.512398005 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.517222881 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.517294884 CEST | 49804 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.522095919 CEST | 80 | 49804 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.678400993 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.779400110 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.779517889 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.782485962 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.832542896 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:22.832621098 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:22.837615967 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.513103962 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.513123035 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.513245106 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.513381958 CEST | 49805 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.524513960 CEST | 80 | 49805 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.669594049 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.684541941 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.684642076 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.686553001 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.707112074 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:23.707205057 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:23.712104082 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.370537996 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.370564938 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.370690107 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.370748043 CEST | 49806 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.447354078 CEST | 80 | 49806 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.559679985 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.572763920 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.572858095 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.574892998 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.614725113 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:24.614794970 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:24.670221090 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.279051065 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.279063940 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.279269934 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.285311937 CEST | 49807 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.395560980 CEST | 80 | 49807 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.448493004 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.468339920 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.468539953 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.471357107 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.480986118 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:25.481043100 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:25.492717981 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.167741060 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.167761087 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.167972088 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.167973042 CEST | 49808 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.177723885 CEST | 80 | 49808 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.329184055 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.336601019 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.337060928 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.338973045 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.388745070 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:26.388911009 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:26.393883944 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.055355072 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.055372953 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.055399895 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.055653095 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.055653095 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.055653095 CEST | 49809 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.061683893 CEST | 80 | 49809 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.211745977 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.311834097 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.311980009 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.314090967 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.574935913 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:27.575017929 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:27.631501913 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.223341942 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.223392963 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.223575115 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.223576069 CEST | 49810 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.233128071 CEST | 80 | 49810 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.404319048 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.409416914 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.409503937 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.412600040 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.455708027 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:28.455782890 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:28.470972061 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.140816927 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.140973091 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.145558119 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.145644903 CEST | 49811 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.150713921 CEST | 80 | 49811 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.315139055 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.320280075 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.320379019 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.323327065 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.377953053 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.378393888 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.385000944 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.992249012 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.992288113 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:29.992609978 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:29.992610931 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.007694960 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.007772923 CEST | 49812 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.012598991 CEST | 80 | 49812 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.159703016 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.170361042 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.170588970 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.172585964 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.181174040 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.181250095 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.190952063 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.835333109 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.836564064 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.840212107 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:30.840275049 CEST | 49813 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:30.846476078 CEST | 80 | 49813 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.004713058 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.009857893 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.009969950 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.013040066 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.060441017 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.060694933 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.065646887 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.666645050 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.666878939 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.671412945 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:31.671509027 CEST | 49814 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:31.719475031 CEST | 80 | 49814 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:33.702701092 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:33.707798004 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:33.707901955 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:33.709939957 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:33.767677069 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:33.767760992 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:33.775983095 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.419543028 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.419585943 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.419614077 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.419644117 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.419692039 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.419692039 CEST | 49815 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.471379995 CEST | 80 | 49815 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.595525026 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.600656986 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.600748062 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.603701115 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.652522087 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:34.652604103 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:34.657529116 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.291377068 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.291390896 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.291398048 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.291517973 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.291609049 CEST | 49816 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.348855019 CEST | 80 | 49816 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.457710981 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.483587027 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.483681917 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.485662937 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.525257111 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:35.525350094 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:35.577752113 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.158514977 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.158967018 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.163469076 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.163588047 CEST | 49817 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.212738991 CEST | 80 | 49817 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.323508978 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.333426952 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.333499908 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.335491896 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.343085051 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:36.343144894 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:36.348128080 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.038999081 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.039057016 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.039148092 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.040606022 CEST | 49818 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.049273968 CEST | 80 | 49818 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.202152967 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.208080053 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.208169937 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.210299015 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.260487080 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.260607958 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.265738010 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.875157118 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.879981041 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:37.880079031 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.895136118 CEST | 49819 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:37.932671070 CEST | 80 | 49819 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.112019062 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.130037069 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.130109072 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.132174015 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.175890923 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.175991058 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.185589075 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.820672989 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.820801020 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.867321968 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.867383957 CEST | 49820 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.872160912 CEST | 80 | 49820 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.986418962 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.991487026 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:38.991573095 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:38.993699074 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.044617891 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.044789076 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.099453926 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.695341110 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.695358038 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.695368052 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.695436954 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.695488930 CEST | 49821 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.748497009 CEST | 80 | 49821 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.844711065 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.852327108 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.852440119 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.855397940 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.914623022 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:39.914705992 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:39.934828997 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.549830914 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.550263882 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.554476976 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.554656982 CEST | 49822 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.600392103 CEST | 80 | 49822 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.720199108 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.728365898 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.728461981 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.730674028 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.780683041 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:40.780827045 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:40.785844088 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.410542011 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.410741091 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.415319920 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.415430069 CEST | 49823 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.424937010 CEST | 80 | 49823 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.560205936 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.565223932 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.565299988 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.567295074 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.616569996 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:41.616677999 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:41.621594906 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.261049986 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.261056900 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.261145115 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.261145115 CEST | 49824 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.272593975 CEST | 80 | 49824 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.420584917 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.425522089 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.425781965 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.432686090 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.445123911 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:42.445364952 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:42.495357990 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.103023052 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.103751898 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.109174013 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.109616041 CEST | 49825 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.114068985 CEST | 80 | 49825 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.245845079 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.409599066 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.409696102 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.411668062 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.766269922 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:43.766479015 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:43.919636965 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.133662939 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.133677959 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.133763075 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.133865118 CEST | 49826 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.148757935 CEST | 80 | 49826 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.291457891 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.304550886 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.304733992 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.306693077 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.356698990 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.357331991 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.365664959 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.957022905 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.957416058 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.962284088 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:44.962408066 CEST | 49827 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:44.967236996 CEST | 80 | 49827 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.111287117 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.168595076 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.168903112 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.171221018 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.225033998 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.225220919 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.245867014 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.849267006 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.849281073 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.849375963 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.849463940 CEST | 49828 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:45.889781952 CEST | 80 | 49828 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:45.996154070 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.004050970 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.004964113 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.007126093 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.056502104 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.060276985 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.097276926 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.703253031 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.703263998 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.703341961 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.703408957 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.708029032 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.708302975 CEST | 49829 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.719625950 CEST | 80 | 49829 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.951128006 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:46.997658968 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:46.997891903 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.000037909 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.020993948 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.021167994 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.032406092 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.723396063 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.723418951 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.723495960 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.723546982 CEST | 49830 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.755316973 CEST | 80 | 49830 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.883685112 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.921360016 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.921453953 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.923427105 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.954193115 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:47.954287052 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:47.966826916 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.635387897 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.635399103 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.636920929 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.636920929 CEST | 49831 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.656078100 CEST | 80 | 49831 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.812705040 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.818309069 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.818378925 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.820321083 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.875577927 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:48.875657082 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:48.890387058 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:49.607772112 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:49.607908010 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:49.612519026 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:49.612615108 CEST | 49832 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:49.617386103 CEST | 80 | 49832 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.044157982 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.057923079 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.058002949 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.174320936 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.185900927 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.185956001 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.192835093 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.779365063 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.779371977 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.779495955 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.779496908 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.791702986 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.791774988 CEST | 49833 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.796447039 CEST | 80 | 49833 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.959186077 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.975063086 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.975178003 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.977503061 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.989427090 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:51.989470959 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:51.995167971 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.671401978 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.671509981 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.671577930 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.671577930 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.676124096 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.676178932 CEST | 49834 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.724303961 CEST | 80 | 49834 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.862560034 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.870969057 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.871069908 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.872776031 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.885047913 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:52.885123014 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:52.896502972 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.585647106 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.588198900 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.590540886 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.590677977 CEST | 49835 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.639494896 CEST | 80 | 49835 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.735918999 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.741640091 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.744445086 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.747051001 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.800399065 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:53.804162979 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:53.809103966 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:54.423554897 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:54.423602104 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| May 27, 2024 02:58:54.423747063 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:54.423747063 CEST | 49836 | 80 | 192.168.2.5 | 104.21.85.101 |
| May 27, 2024 02:58:54.480426073 CEST | 80 | 49836 | 104.21.85.101 | 192.168.2.5 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| May 27, 2024 02:56:52.295789003 CEST | 58214 | 53 | 192.168.2.5 | 1.1.1.1 |
| May 27, 2024 02:56:52.308161020 CEST | 53 | 58214 | 1.1.1.1 | 192.168.2.5 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| May 27, 2024 02:56:52.295789003 CEST | 192.168.2.5 | 1.1.1.1 | 0xd9ff | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| May 27, 2024 02:56:52.308161020 CEST | 1.1.1.1 | 192.168.2.5 | 0xd9ff | No error (0) | 104.21.85.101 | A (IP address) | IN (0x0001) | false | ||
| May 27, 2024 02:56:52.308161020 CEST | 1.1.1.1 | 192.168.2.5 | 0xd9ff | No error (0) | 172.67.204.114 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.5 | 49704 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:52.319654942 CEST | 240 | OUT | |
| May 27, 2024 02:56:52.368702888 CEST | 180 | OUT | |
| May 27, 2024 02:56:53.089746952 CEST | 583 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.5 | 49705 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:53.233272076 CEST | 240 | OUT | |
| May 27, 2024 02:56:53.285285950 CEST | 180 | OUT | |
| May 27, 2024 02:56:53.949858904 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.5 | 49706 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:54.048378944 CEST | 240 | OUT | |
| May 27, 2024 02:56:54.096872091 CEST | 153 | OUT | |
| May 27, 2024 02:56:54.715260983 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.5 | 49707 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:54.907196999 CEST | 240 | OUT | |
| May 27, 2024 02:56:54.956893921 CEST | 153 | OUT | |
| May 27, 2024 02:56:55.708489895 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.5 | 49708 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:55.869977951 CEST | 240 | OUT | |
| May 27, 2024 02:56:55.898742914 CEST | 153 | OUT | |
| May 27, 2024 02:56:56.538176060 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.5 | 49709 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:56.824671030 CEST | 240 | OUT | |
| May 27, 2024 02:56:56.865248919 CEST | 153 | OUT | |
| May 27, 2024 02:56:57.501184940 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.5 | 49710 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:57.681674004 CEST | 240 | OUT | |
| May 27, 2024 02:56:57.730348110 CEST | 153 | OUT | |
| May 27, 2024 02:56:58.659352064 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.5 | 49711 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:58.817935944 CEST | 240 | OUT | |
| May 27, 2024 02:56:58.869282007 CEST | 153 | OUT | |
| May 27, 2024 02:56:59.507848024 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 8 | 192.168.2.5 | 49712 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:56:59.664329052 CEST | 240 | OUT | |
| May 27, 2024 02:56:59.713324070 CEST | 153 | OUT | |
| May 27, 2024 02:57:00.450532913 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.5 | 49713 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:00.615869999 CEST | 240 | OUT | |
| May 27, 2024 02:57:00.665637970 CEST | 153 | OUT | |
| May 27, 2024 02:57:01.321350098 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.5 | 49714 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:01.572690010 CEST | 240 | OUT | |
| May 27, 2024 02:57:01.613050938 CEST | 153 | OUT | |
| May 27, 2024 02:57:02.255939960 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.5 | 49715 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:02.427081108 CEST | 240 | OUT | |
| May 27, 2024 02:57:02.469031096 CEST | 153 | OUT | |
| May 27, 2024 02:57:03.154740095 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.5 | 49716 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:03.327853918 CEST | 240 | OUT | |
| May 27, 2024 02:57:03.372904062 CEST | 153 | OUT | |
| May 27, 2024 02:57:04.029386997 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.5 | 49717 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:04.194339991 CEST | 240 | OUT | |
| May 27, 2024 02:57:04.244805098 CEST | 153 | OUT | |
| May 27, 2024 02:57:04.953733921 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.5 | 49718 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:05.187814951 CEST | 240 | OUT | |
| May 27, 2024 02:57:05.236978054 CEST | 153 | OUT | |
| May 27, 2024 02:57:05.876110077 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 15 | 192.168.2.5 | 49719 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:07.503626108 CEST | 240 | OUT | |
| May 27, 2024 02:57:07.552756071 CEST | 153 | OUT | |
| May 27, 2024 02:57:08.177527905 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 16 | 192.168.2.5 | 49721 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:08.406183004 CEST | 240 | OUT | |
| May 27, 2024 02:57:08.461241961 CEST | 153 | OUT | |
| May 27, 2024 02:57:09.077306032 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 17 | 192.168.2.5 | 49724 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:09.229387045 CEST | 240 | OUT | |
| May 27, 2024 02:57:09.285092115 CEST | 153 | OUT | |
| May 27, 2024 02:57:09.939446926 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 18 | 192.168.2.5 | 49726 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:10.108177900 CEST | 240 | OUT | |
| May 27, 2024 02:57:10.207612991 CEST | 153 | OUT | |
| May 27, 2024 02:57:10.817708969 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 19 | 192.168.2.5 | 49728 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:10.970618963 CEST | 240 | OUT | |
| May 27, 2024 02:57:10.978754044 CEST | 153 | OUT | |
| May 27, 2024 02:57:11.630388021 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 20 | 192.168.2.5 | 49730 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:11.985959053 CEST | 240 | OUT | |
| May 27, 2024 02:57:12.036964893 CEST | 153 | OUT | |
| May 27, 2024 02:57:12.650402069 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 21 | 192.168.2.5 | 49731 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:12.795525074 CEST | 240 | OUT | |
| May 27, 2024 02:57:12.848125935 CEST | 153 | OUT | |
| May 27, 2024 02:57:13.470117092 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 22 | 192.168.2.5 | 49732 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:13.622626066 CEST | 240 | OUT | |
| May 27, 2024 02:57:13.672837019 CEST | 153 | OUT | |
| May 27, 2024 02:57:14.366130114 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 23 | 192.168.2.5 | 49733 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:14.514492989 CEST | 240 | OUT | |
| May 27, 2024 02:57:14.565294981 CEST | 153 | OUT | |
| May 27, 2024 02:57:15.185714006 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 24 | 192.168.2.5 | 49734 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:15.342998028 CEST | 240 | OUT | |
| May 27, 2024 02:57:15.393141031 CEST | 153 | OUT | |
| May 27, 2024 02:57:16.152654886 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 25 | 192.168.2.5 | 49735 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:16.316241980 CEST | 240 | OUT | |
| May 27, 2024 02:57:16.354906082 CEST | 153 | OUT | |
| May 27, 2024 02:57:17.016735077 CEST | 607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 26 | 192.168.2.5 | 49736 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:17.171322107 CEST | 240 | OUT | |
| May 27, 2024 02:57:17.221159935 CEST | 153 | OUT | |
| May 27, 2024 02:57:17.836726904 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 27 | 192.168.2.5 | 49737 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:17.983496904 CEST | 240 | OUT | |
| May 27, 2024 02:57:18.032838106 CEST | 153 | OUT | |
| May 27, 2024 02:57:18.678615093 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 28 | 192.168.2.5 | 49738 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:18.824359894 CEST | 240 | OUT | |
| May 27, 2024 02:57:18.872872114 CEST | 153 | OUT | |
| May 27, 2024 02:57:19.488892078 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 29 | 192.168.2.5 | 49739 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:19.638608932 CEST | 240 | OUT | |
| May 27, 2024 02:57:19.692770958 CEST | 153 | OUT | |
| May 27, 2024 02:57:20.317183971 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 30 | 192.168.2.5 | 49740 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:20.475126982 CEST | 240 | OUT | |
| May 27, 2024 02:57:20.525090933 CEST | 153 | OUT | |
| May 27, 2024 02:57:21.181163073 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 31 | 192.168.2.5 | 49741 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:21.327353001 CEST | 240 | OUT | |
| May 27, 2024 02:57:21.381038904 CEST | 153 | OUT | |
| May 27, 2024 02:57:22.008224010 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 32 | 192.168.2.5 | 49742 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:22.168782949 CEST | 240 | OUT | |
| May 27, 2024 02:57:22.217107058 CEST | 153 | OUT | |
| May 27, 2024 02:57:23.031837940 CEST | 605 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 33 | 192.168.2.5 | 49743 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:23.648663044 CEST | 240 | OUT | |
| May 27, 2024 02:57:23.697263002 CEST | 153 | OUT | |
| May 27, 2024 02:57:24.333389044 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 34 | 192.168.2.5 | 49744 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:25.218771935 CEST | 240 | OUT | |
| May 27, 2024 02:57:25.269093990 CEST | 153 | OUT | |
| May 27, 2024 02:57:26.282572031 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 35 | 192.168.2.5 | 49745 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:26.436407089 CEST | 240 | OUT | |
| May 27, 2024 02:57:26.485061884 CEST | 153 | OUT | |
| May 27, 2024 02:57:27.153357029 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 36 | 192.168.2.5 | 49746 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:27.314357042 CEST | 240 | OUT | |
| May 27, 2024 02:57:27.365293980 CEST | 153 | OUT | |
| May 27, 2024 02:57:28.185755014 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 37 | 192.168.2.5 | 49747 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:28.354051113 CEST | 240 | OUT | |
| May 27, 2024 02:57:28.404791117 CEST | 153 | OUT | |
| May 27, 2024 02:57:29.049575090 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 38 | 192.168.2.5 | 49748 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:29.208414078 CEST | 240 | OUT | |
| May 27, 2024 02:57:29.256799936 CEST | 153 | OUT | |
| May 27, 2024 02:57:29.953603029 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 39 | 192.168.2.5 | 49749 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:30.108860970 CEST | 240 | OUT | |
| May 27, 2024 02:57:30.164151907 CEST | 153 | OUT | |
| May 27, 2024 02:57:30.933007956 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 40 | 192.168.2.5 | 49750 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:31.110920906 CEST | 240 | OUT | |
| May 27, 2024 02:57:31.161364079 CEST | 153 | OUT | |
| May 27, 2024 02:57:31.781552076 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 41 | 192.168.2.5 | 49751 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:31.964999914 CEST | 240 | OUT | |
| May 27, 2024 02:57:32.013323069 CEST | 153 | OUT | |
| May 27, 2024 02:57:32.678488016 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 42 | 192.168.2.5 | 49752 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:32.850963116 CEST | 240 | OUT | |
| May 27, 2024 02:57:32.906555891 CEST | 153 | OUT | |
| May 27, 2024 02:57:33.694895029 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 43 | 192.168.2.5 | 49753 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:33.866648912 CEST | 240 | OUT | |
| May 27, 2024 02:57:33.915070057 CEST | 153 | OUT | |
| May 27, 2024 02:57:34.563853025 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 44 | 192.168.2.5 | 49754 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:34.740165949 CEST | 240 | OUT | |
| May 27, 2024 02:57:34.788880110 CEST | 153 | OUT | |
| May 27, 2024 02:57:35.395363092 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 45 | 192.168.2.5 | 49755 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:35.556015968 CEST | 240 | OUT | |
| May 27, 2024 02:57:35.605241060 CEST | 153 | OUT | |
| May 27, 2024 02:57:36.209853888 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 46 | 192.168.2.5 | 49756 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:36.373420000 CEST | 240 | OUT | |
| May 27, 2024 02:57:36.424917936 CEST | 153 | OUT | |
| May 27, 2024 02:57:37.170723915 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 47 | 192.168.2.5 | 49757 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:37.342737913 CEST | 240 | OUT | |
| May 27, 2024 02:57:37.392899036 CEST | 153 | OUT | |
| May 27, 2024 02:57:38.021918058 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 48 | 192.168.2.5 | 49758 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:38.199507952 CEST | 240 | OUT | |
| May 27, 2024 02:57:38.252654076 CEST | 153 | OUT | |
| May 27, 2024 02:57:38.868324041 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 49 | 192.168.2.5 | 49759 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:39.029386997 CEST | 240 | OUT | |
| May 27, 2024 02:57:39.077013016 CEST | 153 | OUT | |
| May 27, 2024 02:57:39.769953012 CEST | 589 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 50 | 192.168.2.5 | 49760 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:39.944130898 CEST | 240 | OUT | |
| May 27, 2024 02:57:39.999458075 CEST | 153 | OUT | |
| May 27, 2024 02:57:40.616909027 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 51 | 192.168.2.5 | 49761 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:41.138153076 CEST | 240 | OUT | |
| May 27, 2024 02:57:41.189774036 CEST | 153 | OUT | |
| May 27, 2024 02:57:41.901529074 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 52 | 192.168.2.5 | 49762 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:42.867142916 CEST | 240 | OUT | |
| May 27, 2024 02:57:42.917149067 CEST | 153 | OUT | |
| May 27, 2024 02:57:43.720607996 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 53 | 192.168.2.5 | 49763 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:43.888979912 CEST | 240 | OUT | |
| May 27, 2024 02:57:43.937016964 CEST | 153 | OUT | |
| May 27, 2024 02:57:44.546736002 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 54 | 192.168.2.5 | 49764 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:44.712945938 CEST | 240 | OUT | |
| May 27, 2024 02:57:44.765171051 CEST | 153 | OUT | |
| May 27, 2024 02:57:46.118210077 CEST | 599 | IN | |
| May 27, 2024 02:57:46.119332075 CEST | 599 | IN | |
| May 27, 2024 02:57:46.124115944 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 55 | 192.168.2.5 | 49765 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:46.289680958 CEST | 240 | OUT | |
| May 27, 2024 02:57:46.344846964 CEST | 153 | OUT | |
| May 27, 2024 02:57:46.974343061 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 56 | 192.168.2.5 | 49766 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:47.148785114 CEST | 240 | OUT | |
| May 27, 2024 02:57:47.190504074 CEST | 153 | OUT | |
| May 27, 2024 02:57:47.822921038 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 57 | 192.168.2.5 | 49767 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:48.003345966 CEST | 240 | OUT | |
| May 27, 2024 02:57:48.052622080 CEST | 153 | OUT | |
| May 27, 2024 02:57:48.780354977 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 58 | 192.168.2.5 | 49769 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:48.941539049 CEST | 240 | OUT | |
| May 27, 2024 02:57:48.992826939 CEST | 153 | OUT | |
| May 27, 2024 02:57:49.714660883 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 59 | 192.168.2.5 | 49770 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:49.900695086 CEST | 240 | OUT | |
| May 27, 2024 02:57:49.948944092 CEST | 153 | OUT | |
| May 27, 2024 02:57:50.718691111 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 60 | 192.168.2.5 | 49771 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:50.878813982 CEST | 240 | OUT | |
| May 27, 2024 02:57:50.928930044 CEST | 153 | OUT | |
| May 27, 2024 02:57:51.638334990 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 61 | 192.168.2.5 | 49772 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:52.045782089 CEST | 240 | OUT | |
| May 27, 2024 02:57:52.052719116 CEST | 153 | OUT | |
| May 27, 2024 02:57:52.737632036 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 62 | 192.168.2.5 | 49773 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:52.944506884 CEST | 240 | OUT | |
| May 27, 2024 02:57:52.991462946 CEST | 153 | OUT | |
| May 27, 2024 02:57:53.621182919 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 63 | 192.168.2.5 | 49774 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:53.803472996 CEST | 240 | OUT | |
| May 27, 2024 02:57:53.852787971 CEST | 153 | OUT | |
| May 27, 2024 02:57:54.612775087 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 64 | 192.168.2.5 | 49775 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:54.770133972 CEST | 240 | OUT | |
| May 27, 2024 02:57:54.820686102 CEST | 153 | OUT | |
| May 27, 2024 02:57:55.466506004 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 65 | 192.168.2.5 | 49776 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:55.635318995 CEST | 240 | OUT | |
| May 27, 2024 02:57:55.684921026 CEST | 153 | OUT | |
| May 27, 2024 02:57:56.310836077 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 66 | 192.168.2.5 | 49777 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:56.483967066 CEST | 240 | OUT | |
| May 27, 2024 02:57:56.532691956 CEST | 153 | OUT | |
| May 27, 2024 02:57:57.280860901 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 67 | 192.168.2.5 | 49778 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:57.446785927 CEST | 240 | OUT | |
| May 27, 2024 02:57:57.496686935 CEST | 153 | OUT | |
| May 27, 2024 02:57:58.121378899 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 68 | 192.168.2.5 | 49779 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:58.296638966 CEST | 240 | OUT | |
| May 27, 2024 02:57:58.348908901 CEST | 153 | OUT | |
| May 27, 2024 02:57:58.971550941 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 69 | 192.168.2.5 | 49780 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:59.127367020 CEST | 240 | OUT | |
| May 27, 2024 02:57:59.176888943 CEST | 153 | OUT | |
| May 27, 2024 02:57:59.828756094 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 70 | 192.168.2.5 | 49781 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:57:59.993911028 CEST | 240 | OUT | |
| May 27, 2024 02:58:00.044909000 CEST | 153 | OUT | |
| May 27, 2024 02:58:00.686615944 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 71 | 192.168.2.5 | 49782 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:00.847332001 CEST | 240 | OUT | |
| May 27, 2024 02:58:00.896893978 CEST | 153 | OUT | |
| May 27, 2024 02:58:01.520950079 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 72 | 192.168.2.5 | 49783 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:01.718197107 CEST | 240 | OUT | |
| May 27, 2024 02:58:01.951710939 CEST | 153 | OUT | |
| May 27, 2024 02:58:02.642004967 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 73 | 192.168.2.5 | 49784 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:02.822734118 CEST | 240 | OUT | |
| May 27, 2024 02:58:02.872600079 CEST | 153 | OUT | |
| May 27, 2024 02:58:03.528973103 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 74 | 192.168.2.5 | 49785 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:03.699908018 CEST | 240 | OUT | |
| May 27, 2024 02:58:03.748639107 CEST | 153 | OUT | |
| May 27, 2024 02:58:04.441762924 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 75 | 192.168.2.5 | 49786 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:04.647547007 CEST | 240 | OUT | |
| May 27, 2024 02:58:04.657346964 CEST | 153 | OUT | |
| May 27, 2024 02:58:05.371351957 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 76 | 192.168.2.5 | 49787 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:05.571891069 CEST | 240 | OUT | |
| May 27, 2024 02:58:05.620650053 CEST | 153 | OUT | |
| May 27, 2024 02:58:06.301511049 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 77 | 192.168.2.5 | 49788 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:06.518524885 CEST | 240 | OUT | |
| May 27, 2024 02:58:06.572700977 CEST | 153 | OUT | |
| May 27, 2024 02:58:07.235222101 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 78 | 192.168.2.5 | 49789 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:07.399030924 CEST | 240 | OUT | |
| May 27, 2024 02:58:07.448867083 CEST | 153 | OUT | |
| May 27, 2024 02:58:08.076312065 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 79 | 192.168.2.5 | 49790 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:08.266294003 CEST | 240 | OUT | |
| May 27, 2024 02:58:08.316637993 CEST | 153 | OUT | |
| May 27, 2024 02:58:08.936168909 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 80 | 192.168.2.5 | 49791 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:09.186594009 CEST | 240 | OUT | |
| May 27, 2024 02:58:09.236658096 CEST | 153 | OUT | |
| May 27, 2024 02:58:09.909831047 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 81 | 192.168.2.5 | 49792 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:10.081250906 CEST | 240 | OUT | |
| May 27, 2024 02:58:10.136637926 CEST | 153 | OUT | |
| May 27, 2024 02:58:10.769464016 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 82 | 192.168.2.5 | 49793 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:10.936239958 CEST | 240 | OUT | |
| May 27, 2024 02:58:10.984827995 CEST | 153 | OUT | |
| May 27, 2024 02:58:11.593967915 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 83 | 192.168.2.5 | 49794 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:11.776103973 CEST | 240 | OUT | |
| May 27, 2024 02:58:11.828528881 CEST | 153 | OUT | |
| May 27, 2024 02:58:12.693614960 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 84 | 192.168.2.5 | 49795 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:12.860512018 CEST | 240 | OUT | |
| May 27, 2024 02:58:12.914796114 CEST | 153 | OUT | |
| May 27, 2024 02:58:13.528036118 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 85 | 192.168.2.5 | 49796 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:13.812339067 CEST | 240 | OUT | |
| May 27, 2024 02:58:13.840562105 CEST | 153 | OUT | |
| May 27, 2024 02:58:14.471988916 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 86 | 192.168.2.5 | 49797 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:15.663990021 CEST | 240 | OUT | |
| May 27, 2024 02:58:15.716706038 CEST | 153 | OUT | |
| May 27, 2024 02:58:16.359973907 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 87 | 192.168.2.5 | 49798 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:16.532869101 CEST | 240 | OUT | |
| May 27, 2024 02:58:16.580800056 CEST | 153 | OUT | |
| May 27, 2024 02:58:17.219400883 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 88 | 192.168.2.5 | 49799 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:17.383670092 CEST | 240 | OUT | |
| May 27, 2024 02:58:17.432650089 CEST | 153 | OUT | |
| May 27, 2024 02:58:18.089358091 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 89 | 192.168.2.5 | 49800 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:18.265928984 CEST | 240 | OUT | |
| May 27, 2024 02:58:18.316752911 CEST | 153 | OUT | |
| May 27, 2024 02:58:18.965111017 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 90 | 192.168.2.5 | 49801 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:19.144546032 CEST | 240 | OUT | |
| May 27, 2024 02:58:19.192615986 CEST | 153 | OUT | |
| May 27, 2024 02:58:19.844598055 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 91 | 192.168.2.5 | 49802 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:20.087462902 CEST | 240 | OUT | |
| May 27, 2024 02:58:20.140235901 CEST | 153 | OUT | |
| May 27, 2024 02:58:20.813754082 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 92 | 192.168.2.5 | 49803 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:21.007406950 CEST | 240 | OUT | |
| May 27, 2024 02:58:21.056752920 CEST | 153 | OUT | |
| May 27, 2024 02:58:21.668618917 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 93 | 192.168.2.5 | 49804 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:21.838596106 CEST | 240 | OUT | |
| May 27, 2024 02:58:21.888648987 CEST | 153 | OUT | |
| May 27, 2024 02:58:22.512217045 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 94 | 192.168.2.5 | 49805 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:22.782485962 CEST | 240 | OUT | |
| May 27, 2024 02:58:22.832621098 CEST | 153 | OUT | |
| May 27, 2024 02:58:23.513103962 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 95 | 192.168.2.5 | 49806 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:23.686553001 CEST | 240 | OUT | |
| May 27, 2024 02:58:23.707205057 CEST | 153 | OUT | |
| May 27, 2024 02:58:24.370537996 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 96 | 192.168.2.5 | 49807 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:24.574892998 CEST | 240 | OUT | |
| May 27, 2024 02:58:24.614794970 CEST | 153 | OUT | |
| May 27, 2024 02:58:25.279051065 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 97 | 192.168.2.5 | 49808 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:25.471357107 CEST | 240 | OUT | |
| May 27, 2024 02:58:25.481043100 CEST | 153 | OUT | |
| May 27, 2024 02:58:26.167741060 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 98 | 192.168.2.5 | 49809 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:26.338973045 CEST | 240 | OUT | |
| May 27, 2024 02:58:26.388911009 CEST | 153 | OUT | |
| May 27, 2024 02:58:27.055355072 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 99 | 192.168.2.5 | 49810 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:27.314090967 CEST | 240 | OUT | |
| May 27, 2024 02:58:27.575017929 CEST | 153 | OUT | |
| May 27, 2024 02:58:28.223341942 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 100 | 192.168.2.5 | 49811 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:28.412600040 CEST | 240 | OUT | |
| May 27, 2024 02:58:28.455782890 CEST | 153 | OUT | |
| May 27, 2024 02:58:29.140816927 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 101 | 192.168.2.5 | 49812 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:29.323327065 CEST | 240 | OUT | |
| May 27, 2024 02:58:29.378393888 CEST | 153 | OUT | |
| May 27, 2024 02:58:29.992249012 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 102 | 192.168.2.5 | 49813 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:30.172585964 CEST | 240 | OUT | |
| May 27, 2024 02:58:30.181250095 CEST | 153 | OUT | |
| May 27, 2024 02:58:30.835333109 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 103 | 192.168.2.5 | 49814 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:31.013040066 CEST | 240 | OUT | |
| May 27, 2024 02:58:31.060694933 CEST | 153 | OUT | |
| May 27, 2024 02:58:31.666645050 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 104 | 192.168.2.5 | 49815 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:33.709939957 CEST | 240 | OUT | |
| May 27, 2024 02:58:33.767760992 CEST | 153 | OUT | |
| May 27, 2024 02:58:34.419543028 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 105 | 192.168.2.5 | 49816 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:34.603701115 CEST | 240 | OUT | |
| May 27, 2024 02:58:34.652604103 CEST | 153 | OUT | |
| May 27, 2024 02:58:35.291377068 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port |
|---|---|---|---|---|
| 106 | 192.168.2.5 | 49817 | 104.21.85.101 | 80 |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:35.485662937 CEST | 240 | OUT | |
| May 27, 2024 02:58:35.525350094 CEST | 153 | OUT | |
| May 27, 2024 02:58:36.158514977 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 107 | 192.168.2.5 | 49818 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:36.335491896 CEST | 240 | OUT | |
| May 27, 2024 02:58:36.343144894 CEST | 153 | OUT | |
| May 27, 2024 02:58:37.038999081 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 108 | 192.168.2.5 | 49819 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:37.210299015 CEST | 240 | OUT | |
| May 27, 2024 02:58:37.260607958 CEST | 153 | OUT | |
| May 27, 2024 02:58:37.875157118 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 109 | 192.168.2.5 | 49820 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:38.132174015 CEST | 240 | OUT | |
| May 27, 2024 02:58:38.175991058 CEST | 153 | OUT | |
| May 27, 2024 02:58:38.820672989 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 110 | 192.168.2.5 | 49821 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:38.993699074 CEST | 240 | OUT | |
| May 27, 2024 02:58:39.044789076 CEST | 153 | OUT | |
| May 27, 2024 02:58:39.695341110 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 111 | 192.168.2.5 | 49822 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:39.855397940 CEST | 240 | OUT | |
| May 27, 2024 02:58:39.914705992 CEST | 153 | OUT | |
| May 27, 2024 02:58:40.549830914 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 112 | 192.168.2.5 | 49823 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:40.730674028 CEST | 240 | OUT | |
| May 27, 2024 02:58:40.780827045 CEST | 153 | OUT | |
| May 27, 2024 02:58:41.410542011 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 113 | 192.168.2.5 | 49824 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:41.567295074 CEST | 240 | OUT | |
| May 27, 2024 02:58:41.616677999 CEST | 153 | OUT | |
| May 27, 2024 02:58:42.261049986 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 114 | 192.168.2.5 | 49825 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:42.432686090 CEST | 240 | OUT | |
| May 27, 2024 02:58:42.445364952 CEST | 153 | OUT | |
| May 27, 2024 02:58:43.103023052 CEST | 603 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 115 | 192.168.2.5 | 49826 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:43.411668062 CEST | 240 | OUT | |
| May 27, 2024 02:58:43.766479015 CEST | 153 | OUT | |
| May 27, 2024 02:58:44.133662939 CEST | 597 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 116 | 192.168.2.5 | 49827 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:44.306693077 CEST | 240 | OUT | |
| May 27, 2024 02:58:44.357331991 CEST | 153 | OUT | |
| May 27, 2024 02:58:44.957022905 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 117 | 192.168.2.5 | 49828 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:45.171221018 CEST | 240 | OUT | |
| May 27, 2024 02:58:45.225220919 CEST | 153 | OUT | |
| May 27, 2024 02:58:45.849267006 CEST | 593 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 118 | 192.168.2.5 | 49829 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:46.007126093 CEST | 240 | OUT | |
| May 27, 2024 02:58:46.060276985 CEST | 153 | OUT | |
| May 27, 2024 02:58:46.703253031 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 119 | 192.168.2.5 | 49830 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:47.000037909 CEST | 240 | OUT | |
| May 27, 2024 02:58:47.021167994 CEST | 153 | OUT | |
| May 27, 2024 02:58:47.723396063 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 120 | 192.168.2.5 | 49831 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:47.923427105 CEST | 240 | OUT | |
| May 27, 2024 02:58:47.954287052 CEST | 153 | OUT | |
| May 27, 2024 02:58:48.635387897 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 121 | 192.168.2.5 | 49832 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:48.820321083 CEST | 240 | OUT | |
| May 27, 2024 02:58:48.875657082 CEST | 153 | OUT | |
| May 27, 2024 02:58:49.607772112 CEST | 595 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 122 | 192.168.2.5 | 49833 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:51.174320936 CEST | 240 | OUT | |
| May 27, 2024 02:58:51.185956001 CEST | 153 | OUT | |
| May 27, 2024 02:58:51.779365063 CEST | 591 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 123 | 192.168.2.5 | 49834 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:51.977503061 CEST | 240 | OUT | |
| May 27, 2024 02:58:51.989470959 CEST | 153 | OUT | |
| May 27, 2024 02:58:52.671401978 CEST | 601 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 124 | 192.168.2.5 | 49835 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:52.872776031 CEST | 240 | OUT | |
| May 27, 2024 02:58:52.885123014 CEST | 153 | OUT | |
| May 27, 2024 02:58:53.585647106 CEST | 599 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 125 | 192.168.2.5 | 49836 | 104.21.85.101 | 80 | 5504 | C:\Windows\SysWOW64\svchost.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| May 27, 2024 02:58:53.747051001 CEST | 240 | OUT | |
| May 27, 2024 02:58:53.804162979 CEST | 153 | OUT | |
| May 27, 2024 02:58:54.423554897 CEST | 591 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 20:56:49 |
| Start date: | 26/05/2024 |
| Path: | C:\Users\user\Desktop\MV XH DOLPHINPDF.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x80000 |
| File size: | 963'072 bytes |
| MD5 hash: | E3D3D93759A0552C63EC2C3CCBF6C383 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Reputation: | low |
| Has exited: | true |
| Target ID: | 2 |
| Start time: | 20:56:50 |
| Start date: | 26/05/2024 |
| Path: | C:\Windows\SysWOW64\svchost.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xca0000 |
| File size: | 46'504 bytes |
| MD5 hash: | 1ED18311E3DA35942DB37D15FA40CC5B |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Reputation: | moderate |
| Has exited: | false |
Execution Graph
| Execution Coverage: | 3.9% |
| Dynamic/Decrypted Code Coverage: | 1.3% |
| Signature Coverage: | 6.1% |
| Total number of Nodes: | 2000 |
| Total number of Limit Nodes: | 163 |
Graph
Function 00083B4C Relevance: 17.7, APIs: 8, Strings: 2, Instructions: 153windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084AFE Relevance: 10.7, APIs: 7, Instructions: 223COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4696 Relevance: 4.5, APIs: 3, Instructions: 25fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008E800 Relevance: 2.4, Strings: 1, Instructions: 1102COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00090B30 Relevance: 57.3, APIs: 27, Strings: 5, Instructions: 1300windowsleeptimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E93DF Relevance: 19.8, APIs: 13, Instructions: 322fileCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00083015 Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 73windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00083041 Relevance: 19.3, APIs: 7, Strings: 4, Instructions: 54windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000871EB Relevance: 17.7, APIs: 6, Strings: 4, Instructions: 201registryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00083A58 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 71windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00083633 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 151windowtimeregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD2630 Relevance: 10.7, APIs: 7, Instructions: 239fileCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD2410 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 139fileCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008410D Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 88windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000835B0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 59registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A493A Relevance: 6.1, APIs: 4, Instructions: 136COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000FCDF1 Relevance: 4.9, APIs: 3, Instructions: 392COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008F8CF Relevance: 4.7, APIs: 3, Instructions: 168comCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000843DB Relevance: 4.6, APIs: 3, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A594C Relevance: 4.6, APIs: 3, Instructions: 59memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E8F97 Relevance: 4.5, APIs: 3, Instructions: 22COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008492E Relevance: 3.1, APIs: 2, Instructions: 59COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00085DF9 Relevance: 3.1, APIs: 2, Instructions: 57fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000881C1 Relevance: 2.6, APIs: 2, Instructions: 54COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00092123 Relevance: 1.7, APIs: 1, Instructions: 171COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00085C4E Relevance: 1.6, APIs: 1, Instructions: 97COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000C00D6 Relevance: 1.6, APIs: 1, Instructions: 88COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000880D7 Relevance: 1.6, APIs: 1, Instructions: 64COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084F3D Relevance: 1.6, APIs: 1, Instructions: 64libraryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000C01AF Relevance: 1.6, APIs: 1, Instructions: 63COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00085D20 Relevance: 1.6, APIs: 1, Instructions: 53fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A4A93 Relevance: 1.5, APIs: 1, Instructions: 36COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084FAA Relevance: 1.5, APIs: 1, Instructions: 28COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A09D5 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E9129 Relevance: 1.5, APIs: 1, Instructions: 22COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00085DAE Relevance: 1.5, APIs: 1, Instructions: 16COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A548B Relevance: 1.5, APIs: 1, Instructions: 9COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000ED2E6 Relevance: 1.4, APIs: 1, Instructions: 198COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A0E48 Relevance: 1.3, APIs: 1, Instructions: 94memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD22FC Relevance: 1.3, APIs: 1, Instructions: 21sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD2300 Relevance: 1.3, APIs: 1, Instructions: 18sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010CDAC Relevance: 74.1, APIs: 40, Strings: 2, Instructions: 637windowkeyboardCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010804A Relevance: 60.1, APIs: 33, Strings: 1, Instructions: 571windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084A35 Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 131keyboardthreadwindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EC9C7 Relevance: 28.3, APIs: 13, Strings: 3, Instructions: 280timefileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EF200 Relevance: 28.1, APIs: 15, Strings: 1, Instructions: 119fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00100AE2 Relevance: 26.7, APIs: 9, Strings: 6, Instructions: 477registryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EF35D Relevance: 24.6, APIs: 13, Strings: 1, Instructions: 112fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00096843 Relevance: 19.6, Strings: 15, Instructions: 883COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F4458 Relevance: 15.1, APIs: 10, Instructions: 83clipboardmemoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E3A2B Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 167fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EF65E Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 120filesleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000958C0 Relevance: 11.0, APIs: 7, Instructions: 532COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E545F Relevance: 10.6, APIs: 3, Strings: 3, Instructions: 59shutdownCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F6596 Relevance: 9.1, APIs: 6, Instructions: 84networkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00081287 Relevance: 7.9, APIs: 5, Instructions: 379COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 001055FD Relevance: 7.6, APIs: 5, Instructions: 69windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000FC304 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 19libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DEB07 Relevance: 5.1, APIs: 1, Strings: 2, Instructions: 561stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EB59E Relevance: 4.6, APIs: 3, Instructions: 73COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8CC3 Relevance: 4.6, APIs: 3, Instructions: 67COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4021 Relevance: 4.6, APIs: 3, Instructions: 61fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4C03 Relevance: 4.5, APIs: 3, Instructions: 43memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008E060 Relevance: 3.5, APIs: 2, Instructions: 539COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EC93C Relevance: 3.1, APIs: 2, Instructions: 52fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EA2D5 Relevance: 3.0, APIs: 2, Instructions: 31windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8713 Relevance: 3.0, APIs: 2, Instructions: 22COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000AF419 Relevance: 2.1, APIs: 1, Instructions: 645COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000B267E Relevance: 1.8, APIs: 1, Instructions: 294COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E8B13 Relevance: 1.6, APIs: 1, Instructions: 68COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4EC9 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8C93 Relevance: 1.5, APIs: 1, Instructions: 19COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000C2230 Relevance: 1.5, APIs: 1, Instructions: 7COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000AA364 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00098A0E Relevance: .6, Instructions: 608COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A2405 Relevance: .3, Instructions: 345COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A283A Relevance: .3, Instructions: 341COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD3650 Relevance: .1, Instructions: 92COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD3540 Relevance: .0, Instructions: 35COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD34E0 Relevance: .0, Instructions: 35COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01DD1ED0 Relevance: .0, Instructions: 6COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F7B1B Relevance: 77.5, APIs: 40, Strings: 4, Instructions: 491filecommemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 001037F3 Relevance: 51.1, APIs: 6, Strings: 23, Instructions: 365windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010A849 Relevance: 49.8, APIs: 33, Instructions: 274COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00082C18 Relevance: 49.5, APIs: 27, Strings: 1, Instructions: 486windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F77BE Relevance: 45.8, APIs: 22, Strings: 4, Instructions: 284windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00108C44 Relevance: 38.9, APIs: 21, Strings: 1, Instructions: 401windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00104B16 Relevance: 37.0, APIs: 18, Strings: 3, Instructions: 290windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000827D9 Relevance: 33.5, APIs: 18, Strings: 1, Instructions: 286windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00104069 Relevance: 28.3, APIs: 3, Strings: 13, Instructions: 283windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F52F0 Relevance: 27.1, APIs: 18, Instructions: 124COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DAA64 Relevance: 26.5, APIs: 14, Strings: 1, Instructions: 273windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010A428 Relevance: 24.7, APIs: 12, Strings: 2, Instructions: 205windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C8EE Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 181windowfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00104619 Relevance: 23.0, APIs: 2, Strings: 11, Instructions: 251windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010BAB8 Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 197windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EA45A Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 102fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C49C Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 229windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F762D Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 160windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E48F3 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 73networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E5217 Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 72sleepwindowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000ED7F8 Relevance: 18.3, APIs: 12, Instructions: 283comCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DC72A Relevance: 18.2, APIs: 12, Instructions: 174COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0008201B Relevance: 18.2, APIs: 12, Instructions: 170timeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000821A5 Relevance: 18.1, APIs: 12, Instructions: 132COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 001073C1 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 103windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010772A Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A7040 Relevance: 16.8, APIs: 11, Instructions: 258COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F86D0 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 197comCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F5A45 Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 163networkfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9471 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 82windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D955C Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 81windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9645 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 72windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F8BC0 Relevance: 15.3, APIs: 10, Instructions: 324fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00082E26 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 186windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C27C Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 149windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F8F5B Relevance: 13.9, APIs: 9, Instructions: 438COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 001088B4 Relevance: 13.7, APIs: 9, Instructions: 168COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9B50 Relevance: 13.6, APIs: 9, Instructions: 66sleepkeyboardwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106FEF Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 143windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E3226 Relevance: 12.3, APIs: 2, Strings: 5, Instructions: 82windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4534 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 47windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00082A5B Relevance: 12.1, APIs: 8, Instructions: 129COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E7368 Relevance: 12.1, APIs: 8, Instructions: 101fileCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106442 Relevance: 12.1, APIs: 8, Instructions: 95windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DC072 Relevance: 12.1, APIs: 8, Instructions: 92COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00081424 Relevance: 10.7, APIs: 7, Instructions: 219COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E589F Relevance: 10.6, APIs: 7, Instructions: 138timeCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E38AD Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 111filestringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00107500 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 103windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010653C Relevance: 10.6, APIs: 7, Instructions: 99windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DE0B5 Relevance: 10.6, APIs: 7, Instructions: 90memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010783C Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 75windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A41C9 Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 24libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A429E Relevance: 10.5, APIs: 4, Strings: 2, Instructions: 19libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E675A Relevance: 9.2, APIs: 6, Instructions: 205COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00105A20 Relevance: 9.2, APIs: 6, Instructions: 160windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DF3DD Relevance: 9.2, APIs: 6, Instructions: 159COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E26F9 Relevance: 9.1, APIs: 6, Instructions: 138windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00081765 Relevance: 9.1, APIs: 6, Instructions: 113COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010B958 Relevance: 9.1, APIs: 6, Instructions: 109windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F73B1 Relevance: 9.1, APIs: 6, Instructions: 97COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8D5B Relevance: 9.1, APIs: 6, Instructions: 69memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8AF9 Relevance: 9.1, APIs: 6, Instructions: 65processCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C19A Relevance: 9.0, APIs: 6, Instructions: 49COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E74D2 Relevance: 9.0, APIs: 6, Instructions: 33synchronizationthreadCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8E74 Relevance: 9.0, APIs: 6, Instructions: 23memorysynchronizationCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E2F86 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 195windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DDA5D Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 121comlibraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E2C42 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 114windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9372 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 94windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F1B21 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 86networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106656 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 80windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E703E Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 79filepipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E710C Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 79filepipeCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DA52F Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 68windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000FEE69 Relevance: 7.7, APIs: 5, Instructions: 247COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EE7DC Relevance: 7.6, APIs: 5, Instructions: 135COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010A2C5 Relevance: 7.6, APIs: 5, Instructions: 130COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D6920 Relevance: 7.6, APIs: 5, Instructions: 97windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DB6AF Relevance: 7.6, APIs: 5, Instructions: 88windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010B405 Relevance: 7.6, APIs: 5, Instructions: 85COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D97E9 Relevance: 7.6, APIs: 5, Instructions: 84windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000812F3 Relevance: 7.6, APIs: 5, Instructions: 67COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DC161 Relevance: 7.6, APIs: 5, Instructions: 61COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E4D35 Relevance: 7.6, APIs: 5, Instructions: 56synchronizationthreadwindowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D874A Relevance: 7.5, APIs: 5, Instructions: 49memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E54E6 Relevance: 7.5, APIs: 5, Instructions: 48sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D7652 Relevance: 7.5, APIs: 5, Instructions: 48stringCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D85F1 Relevance: 7.5, APIs: 5, Instructions: 45memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8652 Relevance: 7.5, APIs: 5, Instructions: 45memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000813B0 Relevance: 7.5, APIs: 5, Instructions: 29COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00107648 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 90windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106F1F Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 84windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010797D Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 66windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084C95 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084D61 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00084D94 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00101072 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F93F5 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 18libraryloaderCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D76C5 Relevance: 6.3, APIs: 4, Instructions: 333COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000FE33E Relevance: 6.3, APIs: 4, Instructions: 307memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F83A8 Relevance: 6.3, APIs: 4, Instructions: 267COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D7A78 Relevance: 6.2, APIs: 4, Instructions: 231COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D6DF3 Relevance: 6.2, APIs: 4, Instructions: 202memoryCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E97E5 Relevance: 6.2, APIs: 4, Instructions: 155COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00109A63 Relevance: 6.1, APIs: 4, Instructions: 140COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F672D Relevance: 6.1, APIs: 4, Instructions: 116COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EBA5F Relevance: 6.1, APIs: 4, Instructions: 111fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00108AC0 Relevance: 6.1, APIs: 4, Instructions: 109COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010ADF1 Relevance: 6.1, APIs: 4, Instructions: 106windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00105175 Relevance: 6.1, APIs: 4, Instructions: 95COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C788 Relevance: 6.1, APIs: 4, Instructions: 83windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8B9E Relevance: 6.1, APIs: 4, Instructions: 79memoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000A0BD0 Relevance: 6.1, APIs: 4, Instructions: 79COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F1A5B Relevance: 6.1, APIs: 4, Instructions: 78networkCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000DE1AF Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 68stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E40B1 Relevance: 6.1, APIs: 4, Instructions: 65fileCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F667C Relevance: 6.1, APIs: 4, Instructions: 61networkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9023 Relevance: 6.1, APIs: 4, Instructions: 59windowCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00081290 Relevance: 6.1, APIs: 4, Instructions: 59COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E1652 Relevance: 6.1, APIs: 4, Instructions: 51sleepCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010B57F Relevance: 6.0, APIs: 4, Instructions: 47COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010B8EF Relevance: 6.0, APIs: 4, Instructions: 40processCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E6E7C Relevance: 6.0, APIs: 4, Instructions: 33COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0010C00C Relevance: 6.0, APIs: 4, Instructions: 31COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00082218 Relevance: 6.0, APIs: 4, Instructions: 23COMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D8C5A Relevance: 6.0, APIs: 4, Instructions: 23threadCOMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000C2187 Relevance: 6.0, APIs: 4, Instructions: 20COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000C219B Relevance: 6.0, APIs: 4, Instructions: 19COMMON
Download Yara Rule
| APIs |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000EB217 Relevance: 5.5, APIs: 2, Strings: 1, Instructions: 201shareCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00092AB7 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 144sleepCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F2882 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 97networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E2D91 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 88windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106943 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 72windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00106B8F Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 64windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000E2E9E Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 63windowCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F24CA Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 62networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000F80A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 55networkCOMMON
Download Yara Rule
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D92E7 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 52windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D91DF Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D9264 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 49windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000D81BC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 22windowCOMMON
Download Yara Rule
| APIs |
| Strings |
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|