Windows
Analysis Report
Bank Slip 2.doc
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w7x64
- WINWORD.EXE (PID: 2780 cmdline: "C:\Program Files\Microsoft Office\Office14\WINWORD.EXE" /Automation -Embedding MD5: 9EE74859D22DAE61F1750B3A1BACB6F5)
- EQNEDT32.EXE (PID: 1804 cmdline: "C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding MD5: A87236E214F6D42A65F5DEDAC816AEC8)
- obie8920193.exe (PID: 3152 cmdline: "C:\Users\user\AppData\Roaming\obie8920193.exe" MD5: DBDACF479A9DD40133701E06E6DC401C)
- powershell.exe (PID: 3236 cmdline: "C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe" Add-MpPreference -ExclusionPath "C:\Users\user\AppData\Roaming\obie8920193.exe" MD5: EB32C070E658937AA9FA9F3AE629B2B8)
- obie8920193.exe (PID: 3244 cmdline: "C:\Users\user\AppData\Roaming\obie8920193.exe" MD5: DBDACF479A9DD40133701E06E6DC401C)
- EQNEDT32.EXE (PID: 3480 cmdline: "C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE" -Embedding MD5: A87236E214F6D42A65F5DEDAC816AEC8)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
404 Keylogger, Snake Keylogger | Snake Keylogger (aka 404 Keylogger) is a subscription-based keylogger that has many capabilities. The infostealer can steal a victim's sensitive information, log keyboard strokes, take screenshots and extract information from the system clipboard. It was initially released on a Russian hacking forum in August 2019. It is notable for its relatively unusual methods of data exfiltration, including via email, FTP, SMTP, Pastebin or the messaging app Telegram. | No Attribution |
{"Exfil Mode": "SMTP", "Username": "reservation@artefes.com", "Password": "ArtEfes4765*+", "Host": "mail.artefes.com", "Port": "587", "Version": "5.1"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
INDICATOR_RTF_MalVer_Objects | Detects RTF documents with non-standard version and embeding one of the object mostly observed in exploit documents. | ditekSHen | ||
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | ||
Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | ||
MALWARE_Win_SnakeKeylogger | Detects Snake Keylogger | ditekSHen | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
JoeSecurity_SnakeKeylogger | Yara detected Snake Keylogger | Joe Security | ||
Windows_Trojan_SnakeKeylogger_af3faa65 | unknown | unknown | ||
MAL_Envrial_Jan18_1 | Detects Encrial credential stealer malware | Florian Roth | ||
INDICATOR_SUSPICIOUS_EXE_DotNetProcHook | Detects executables with potential process hoocking | ditekSHen | ||
Exploits |
---|
Source: | Author: Joe Security: |
System Summary |
---|
Source: | Author: Max Altgelt (Nextron Systems): |
Source: | Author: Florian Roth (Nextron Systems): |
Source: | Author: Jason Lynch: |
Source: | Author: Florian Roth (Nextron Systems), Markus Neis, FPT.EagleEye Team, Vadim Khrykov, Cyb3rEng, Michael Haag, Christopher Peacock @securepeacock, @scythe_io: |
Source: | Author: Florian Roth (Nextron Systems): |
Source: | Author: Brandon George (blog post), Thomas Patzke: |
Source: | Author: frack113: |
Source: | Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): |
Source: | Author: Nasreddine Bencherchali (Nextron Systems): |
Source: | Author: frack113: |
AV Detection |
---|
Source: | Avira URL Cloud: |
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Location Tracking |
---|
Source: | DNS query: |
Exploits |
---|
Source: | Network connect: |
Source: | Process created: |
Source: | HTTPS traffic detected: |
Source: | File opened: |
Software Vulnerabilities |
---|
Source: | Process created: |
Source: | DNS query: | ||
Source: | TCP traffic: | ||
Networking |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | HTTP traffic detected: | ||
Source: | IP Address: | ||
Source: | ASN Name: |
Source: | JA3 fingerprint: | ||
Source: | DNS query: | ||
Source: | HTTPS traffic detected: |
Source: | File created: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: |
System Summary |
---|
Source: | Matched rule: |
Source: | File created: | Jump to dropped file |
Source: | Process Stats: |
Source: | Memory allocated: | Jump to behavior |
Source: | Code function: |
Source: | Matched rule: |
Source: | Static PE information: |
Source: | Cryptographic APIs: |
Source: | Security API names: |
Source: | Suspicious method names: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Mutant created: |
Source: | File created: | Jump to behavior |
Source: | Console Write: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | File read: | Jump to behavior |
Source: | ReversingLabs: |
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | LNK file: |
Source: | Window detected: |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Data Obfuscation |
---|
Source: | .Net Code: |
Source: | Code function: |
Source: | Static PE information: |
Source: | High entropy of concatenated method names: |
Persistence and Installation Behavior |
---|
Source: | Registry value created: | Jump to behavior |
Source: | File created: | Jump to dropped file |
Source: | Key value created or modified: | Jump to behavior |
Source: | Process information set: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 7_2_003CFCB8 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Process created: | Jump to behavior |
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: |
Source: | File opened: | Jump to behavior |
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 33 Exploitation for Client Execution | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Disable or Modify Tools | 1 OS Credential Dumping | 1 File and Directory Discovery | Remote Services | 11 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 1 Command and Scripting Interpreter | Boot or Logon Initialization Scripts | 111 Process Injection | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 13 System Information Discovery | Remote Desktop Protocol | 1 Data from Local System | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 3 Obfuscated Files or Information | Security Account Manager | 1 Process Discovery | SMB/Windows Admin Shares | 1 Email Collection | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Install Root Certificate | NTDS | 31 Virtualization/Sandbox Evasion | Distributed Component Object Model | Input Capture | 13 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 12 Software Packing | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 DLL Side-Loading | Cached Domain Credentials | 1 Remote System Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Masquerading | DCSync | 1 System Network Configuration Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 Modify Registry | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 31 Virtualization/Sandbox Evasion | /etc/passwd and /etc/shadow | Network Sniffing | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
IP Addresses | Compromise Infrastructure | Supply Chain Compromise | PowerShell | Cron | Cron | 111 Process Injection | Network Sniffing | Network Service Discovery | Shared Webroot | Local Data Staging | File Transfer Protocols | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | External Defacement |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
39% | ReversingLabs | Document-RTF.Exploit.CVE-2017-11882 |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
ampol.top | 104.21.53.203 | true | true | unknown | |
reallyfreegeoip.org | 188.114.96.3 | true | true | unknown | |
checkip.dyndns.com | 158.101.44.242 | true | false | unknown | |
checkip.dyndns.org | unknown | unknown | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
| false | | unknown |
| true | | unknown |
| false | | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
| | false | | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
193.122.6.168 | unknown | United States | 31898 | ORACLE-BMC-31898US | false | |
188.114.96.3 | reallyfreegeoip.org | European Union | 13335 | CLOUDFLARENETUS | true | |
193.122.130.0 | unknown | United States | 31898 | ORACLE-BMC-31898US | false | |
158.101.44.242 | checkip.dyndns.com | United States | 31898 | ORACLE-BMC-31898US | false | |
104.21.53.203 | ampol.top | United States | 13335 | CLOUDFLARENETUS | true |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1465556 |
Start date and time: | 2024-07-01 20:05:15 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 9m 10s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | Bank Slip 2.doc |
Detection: | MAL |
Classification: | mal100.troj.spyw.expl.evad.winDOC@9/14@25/5 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WerFault.exe, WMIADAP.exe, conhost.exe, svchost.exe
- Execution Graph export aborted for target EQNEDT32.EXE, PID 1804 because there are no executed function
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtCreateFile calls found.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtEnumerateValueKey calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
- Report size getting too big, too many NtSetInformationFile calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: Bank Slip 2.doc
Time | Type | Description |
---|---|---|
14:06:04 | API Interceptor | |
14:06:08 | API Interceptor | |
14:06:12 | API Interceptor |
Match | Detection | Threat Name |
---|---|---|
193.122.6.168 | malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
188.114.96.3 | malicious | AgentTesla, PureLog Stealer |
| malicious | FormBook |
| malicious | Unknown |
| malicious | DCRat, PureLog Stealer, zgRAT |
| malicious | HTMLPhisher |
| malicious | DCRat, PureLog Stealer, zgRAT |
| malicious | FormBook |
| malicious | FormBook |
| malicious | AgentTesla, PureLog Stealer |
| malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
reallyfreegeoip.org | malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
checkip.dyndns.com | malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
Match | Detection | Threat Name |
---|---|---|
ORACLE-BMC-31898US | malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
CLOUDFLARENETUS | malicious | HTMLPhisher |
| malicious | HTMLPhisher |
| malicious | Unknown |
| malicious | HTMLPhisher |
| malicious | FormBook |
| malicious | Babuk, Clipboard Hijacker, Djvu |
| malicious | AgentTesla |
| malicious | HTMLPhisher |
| malicious | Phisher |
| malicious | Unknown |
ORACLE-BMC-31898US | malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
ORACLE-BMC-31898US | malicious | PureLog Stealer, Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
| malicious | Snake Keylogger |
Match | Detection | Threat Name |
---|---|---|
05af1f5ca1b87cc9cc9b25185115607d | malicious | Lokibot |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Unknown |
7dcce5b76c8b17472d024758970a406b | malicious | Lokibot |
| malicious | AgentTesla, PureLog Stealer |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Unknown |
| malicious | Remcos |
| malicious | Unknown |
| malicious | Unknown |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 64 |
Entropy (8bit): | 0.34726597513537405 |
Encrypted: | false |
SSDEEP: | 3:Nlll:Nll |
MD5: | 446DD1CF97EABA21CF14D03AEBC79F27 |
SHA1: | 36E4CC7367E0C7B40F4A8ACE272941EA46373799 |
SHA-256: | A7DE5177C68A64BD48B36D49E2853799F4EBCFA8E4761F7CC472F333DC5F65CF |
SHA-512: | A6D754709F30B122112AE30E5AB22486393C5021D33DA4D1304C061863D2E1E79E8AEB029CAE61261BB77D0E7BECD53A7B0106D6EA4368B4C302464E3D941CF7 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\T4O403JZ\FcdBUj68lnCbMtB[1].exe
Process: | C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 554504 |
Entropy (8bit): | 7.930758266319395 |
Encrypted: | false |
SSDEEP: | 12288:+RfMJlRPMhU1n75ZyoFXm5PpVHSyE7ZhvCgC3UGGqRyUs3PKspeuD3kR:pbRj5ZrXm57ktqRyp3PKSM |
MD5: | DBDACF479A9DD40133701E06E6DC401C |
SHA1: | 5E78767CF2498D34FC27674FF326F2A7CE5AB2A3 |
SHA-256: | A597F53ED7D5E4CC1AF67800969953F431C7C99467D75A42E3DB360D7302283C |
SHA-512: | F46D0FCE9AD0E9C4A9142E53D02AA903DC082872068DEA6597C8D22E6154F25976A309815A8EFD721B5451CEB3646976D69E664DB261BECD18F250B8FDAA89A6 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRF{B37302F7-876E-4976-9F51-EE39DA847933}.tmp
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 16384 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | CE338FE6899778AACFC28414F2D9498B |
SHA1: | 897256B6709E1A4DA9DABA92B6BDE39CCFCCD8C1 |
SHA-256: | 4FE7B59AF6DE3B665B67788CC2F99892AB827EFAE3A467342B3BB4E3BC8E5BFE |
SHA-512: | 6EB7F16CF7AFCABE9BDEA88BDAB0469A7937EB715ADA9DFD8F428D9D38D86133945F5F2F2688DDD96062223A39B5D47F07AFC3C48D9DB1D5EE3F41C8D274DCCF |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{29430A93-7164-4349-8A64-66C896FAA64C}.tmp
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 200192 |
Entropy (8bit): | 3.4930021702808727 |
Encrypted: | false |
SSDEEP: | 6144:LyemryemryemryemryemryemryemryemryemryemryemVKK:K |
MD5: | 579E4057D3780D9D70F542FA611E7DC6 |
SHA1: | 8BF86DD3DB525335BBD308999427520ACC530552 |
SHA-256: | 4EE9F7F074D9276AB50B886AC35B39F58A8AEA03486CA5C2F5D5CB9909FCC654 |
SHA-512: | C419FF0DD5454D934F331FB5799B66DE1923093F25F6D8FB2223FD306012C8FBAB2298167100A96F1688593CD495303B24B49EDBCE420E95F21F6C4F39327A9D |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{357DB24A-0983-48BF-8598-FD9D4AAB4B4E}.tmp
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1536 |
Entropy (8bit): | 1.3568273340340578 |
Encrypted: | false |
SSDEEP: | 3:Iiiiiiiiiif3l/Hlnl/bl//l/bllBl/PvvvvvvvvvvFl/l/lAqsalHl3lldHzlbp:IiiiiiiiiifdLloZQc8++lsJe1Mze |
MD5: | FA901E7FCD2D72CCAD762E6F4E67345A |
SHA1: | 87DA4FC64F137B5C84C440C3EA31D52646BFA830 |
SHA-256: | 26CDB44AD37C36DFA9F40D19FFE63F8D0034E0887481DECCD09449AC5CDFB1F5 |
SHA-512: | 0BE49987BF98770B3E98A297C20557B3F1D5CF0C618BB37A8070E79085884A2E9B48C3D99323509FB259989238C938BCE6B1591A8ACE068007DE25031B137313 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.Word\~WRS{57BE0F5E-0BF5-4CE6-96F3-B3AC962F851D}.tmp
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1024 |
Entropy (8bit): | 0.05390218305374581 |
Encrypted: | false |
SSDEEP: | 3:ol3lYdn:4Wn |
MD5: | 5D4D94EE7E06BBB0AF9584119797B23A |
SHA1: | DBB111419C704F116EFA8E72471DD83E86E49677 |
SHA-256: | 4826C0D860AF884D3343CA6460B0006A7A2CE7DBCCC4D743208585D997CC5FD1 |
SHA-512: | 95F83AE84CAFCCED5EAF504546725C34D5F9710E5CA2D11761486970F2FBECCB25F9CF50BBFC272BD75E1A66A18B7783F09E1C1454AFDA519624BC2BB2F28BA4 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:U:U |
MD5: | C4CA4238A0B923820DCC509A6F75849B |
SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 1019 |
Entropy (8bit): | 4.557659213137868 |
Encrypted: | false |
SSDEEP: | 12:8NBnC80gXg/XAlCPCHaXQ5B5B/BGFX+WIoNFjuicvbIuiarDtZ3YilMMEpxRljKc:8NBnvk/XTg5LbkeyNeEuiWDv3qOk7N |
MD5: | B835129373E7F5EED717412B30BB172E |
SHA1: | 25DBF2E5E4DF7AC2E31F87FF9AC41ED7776378E5 |
SHA-256: | D8CBEF2A456739AC1E0FB2DD3441023F0049EF92AD8FEE861ACC623AF51F465B |
SHA-512: | E58614E701B01800CF32C8EB085DFCD66B630E511291F868D571C3B8ACABD366F7A08541BFAAFC85A2DA8270DA58734691B19AA5987A98063D20485EB0A1DB07 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 56 |
Entropy (8bit): | 4.651017645233257 |
Encrypted: | false |
SSDEEP: | 3:M1tFucXLUYCm4VFucXLUYCv:MwZ0Z1 |
MD5: | 5CCBE259BC7302620DEE438CE2CDE35B |
SHA1: | 158323D4D5E544D1A4D755855E4278978FEF345F |
SHA-256: | 0EA5DFD0DC5E9DA1F2139AD6B340C6703E0B02282617453CEC09A683F41CB05C |
SHA-512: | 6F9FEBB5583CEA52833B8902884E33252093952044981D33C468D8FD201F21A4B82B9B66264A4C46D02995FE7F077D3CA8AC4E38CD9A4C06B378D5F014C0BFB3 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 162 |
Entropy (8bit): | 2.4797606462020307 |
Encrypted: | false |
SSDEEP: | 3:vrJlaCkWtVyHlqlzl0pbklMWjV4lc+/dllln:vdsCkWtWYlz21kF2JV/l |
MD5: | 2CF7D3B8DED3F1D5CE1AC92F3E51D4ED |
SHA1: | 95E13378EA9CACA068B2687F01E9EF13F56627C2 |
SHA-256: | 60DF94CDE4FD9B4A73BB13775079D75CE954B75DED5A2878277FA64AD767CAB1 |
SHA-512: | 2D5797FBBE44766D93A5DE3D92911358C70D8BE60D5DF542ECEDB77D1195DC1EEF85E4CA1445595BE81550335A20AB3F11B512385FE20F75B1E269D6AB048E0A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 2 |
Entropy (8bit): | 1.0 |
Encrypted: | false |
SSDEEP: | 3:Qn:Qn |
MD5: | F3B25701FE362EC84616A93A45CE9998 |
SHA1: | D62636D8CAEC13F04E28442A0A6FA1AFEB024BBB |
SHA-256: | B3D510EF04275CA8E698E5B3CBB0ECE3949EF9252F0CDC839E9EE347409A2209 |
SHA-512: | 98C5F56F3DE340690C139E58EB7DAC111979F0D4DFFE9C4B24FF849510F4B6FFA9FD608C0A3DE9AC3C9FD2190F0EFAF715309061490F9755A9BFDF1C54CA0D84 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 554504 |
Entropy (8bit): | 7.930758266319395 |
Encrypted: | false |
SSDEEP: | 12288:+RfMJlRPMhU1n75ZyoFXm5PpVHSyE7ZhvCgC3UGGqRyUs3PKspeuD3kR:pbRj5ZrXm57ktqRyp3PKSM |
MD5: | DBDACF479A9DD40133701E06E6DC401C |
SHA1: | 5E78767CF2498D34FC27674FF326F2A7CE5AB2A3 |
SHA-256: | A597F53ED7D5E4CC1AF67800969953F431C7C99467D75A42E3DB360D7302283C |
SHA-512: | F46D0FCE9AD0E9C4A9142E53D02AA903DC082872068DEA6597C8D22E6154F25976A309815A8EFD721B5451CEB3646976D69E664DB261BECD18F250B8FDAA89A6 |
Malicious: | true |
Antivirus: |
|
Preview: |
File type: | |
Entropy (8bit): | 3.4400007721781107 |
TrID: |
|
File name: | Bank Slip 2.doc |
File size: | 424'988 bytes |
MD5: | ff06a87dd0550386be1f780d560f1877 |
SHA1: | 69e95738ec635520a508f7424a759261e5032cb0 |
SHA256: | 511c82313461b74fe24201d13dead6a280311d248062e09a465eb950502d1c18 |
SHA512: | 60e39f9628edbcb5118d53a2887c8f4879260d1d480a6a25960d58366fef2ca248b7115b521ff7de57c61063c1c35da0ac318fc22ad472b38b0cf34ecfd2534c |
SSDEEP: | 6144:PGuqGuqGuqGuqGuqGuqGuqGuqGuqGuqGuVhG+qMh9c:xe |
TLSH: | F094AD6DD34B02598F620377AB571E5142BDBA7EF38552B1305C533933EAC38A2252BE |
File Content Preview: | {\rtf1..{\*\RS49Nonp2wIuEGruVyV2Djh9umOqq84rr6LkQ6ZgzbrhVSD3NN5nPjvlCWJeifzQ7YTznibzmwc5GTKEPbULUKcEBSug8oNvqoN9dBIY6yWLdsZEEfcxc3BKVc5FG}..{\635001118please click Enable editing from the yellow bar above.The independent auditors. opinion says the financi |
Icon Hash: | 2764a3aaaeb7bdbf |
Id | Start | Format ID | Format | Classname | Datasize | Filename | Sourcepath | Temppath | Exploit |
---|---|---|---|---|---|---|---|---|---|
0 | 00018E8Fh | no |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 1, 2024 20:06:08.387203932 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387300014 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387336969 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387336969 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387346983 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387367010 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387383938 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387619019 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387658119 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387664080 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387692928 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387698889 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.387729883 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.387748957 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388125896 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388171911 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388299942 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388334990 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388340950 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388370991 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388595104 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388642073 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388648987 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388685942 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.388691902 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.388720989 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389091969 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389134884 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389141083 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389177084 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389183044 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389213085 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389667034 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389714956 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389720917 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389760017 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389765024 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389797926 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.389802933 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.389833927 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.390256882 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.390312910 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.390317917 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.390355110 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.390356064 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.390368938 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.390391111 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.390410900 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.390950918 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.390994072 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.391000986 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.391036987 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.478580952 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.478679895 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.478743076 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.478775024 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.478789091 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.478790045 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.478809118 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.478816986 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.478852987 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.478872061 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.479468107 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.479520082 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.479522943 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.479532003 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.479556084 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.479571104 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.480468988 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.480525017 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.480531931 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.480544090 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.480576038 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.481560946 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.481610060 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.481615067 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.481626034 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.481668949 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.481681108 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.482309103 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.482356071 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.482366085 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.482374907 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.482386112 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.482403994 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.483285904 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.483334064 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.483339071 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.483346939 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.483376026 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.484343052 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.484384060 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.484401941 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.484409094 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.484431982 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.484443903 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.485290051 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.485332012 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.485342979 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.485353947 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.485366106 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.485384941 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.569355011 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569415092 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569431067 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.569456100 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569469929 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.569503069 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.569793940 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569839001 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.569842100 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569855928 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.569885015 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.570609093 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.570663929 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.571470976 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.571530104 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.571530104 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.571538925 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.571574926 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.572352886 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.572400093 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.572417974 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.572426081 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.572442055 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.572460890 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.573242903 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.573296070 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.573299885 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.573309898 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.573342085 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.574117899 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.574172974 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.574174881 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.574183941 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.574218035 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.575079918 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.575134039 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.575140953 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.575151920 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.575172901 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.575195074 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.575995922 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576047897 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576057911 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576072931 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576090097 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576111078 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576641083 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576695919 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576704025 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576714993 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576733112 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576739073 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576751947 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576761961 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.576773882 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.576790094 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.577616930 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.577673912 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.577680111 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.577687979 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.577714920 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.577723980 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.577734947 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.577744961 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.577774048 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.577780962 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.578536987 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.578596115 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.579766035 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.579773903 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.579808950 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.579833984 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.579849005 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.579857111 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.579873085 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.579905033 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.659945011 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.660021067 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.660151958 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.660192013 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.660192013 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.660212040 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.660216093 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.660248041 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.660429955 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.661911964 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.661952019 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.661978960 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.661987066 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.662003994 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.662018061 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.662039995 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.664011955 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.664043903 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.664068937 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.664074898 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.664088011 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.664105892 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.664130926 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.665009975 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.665049076 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.665069103 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.665074110 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.665086031 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.665103912 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.666122913 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.666161060 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.666182995 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.666204929 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.666219950 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.666239023 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.667129040 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.667166948 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.667188883 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.667201042 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.667216063 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.667234898 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.668088913 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.668124914 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.668148041 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.668160915 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.668174982 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.668184996 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.669915915 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.669953108 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.669982910 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.669995070 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.670017004 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.670038939 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.670038939 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.749944925 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.749988079 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.750123024 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.750138998 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.750176907 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.750271082 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.751250029 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.751288891 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.751316071 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.751322031 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.751337051 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.751353979 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.752716064 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.752763033 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.752772093 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.752783060 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.752794027 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.752815008 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.754462004 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.754501104 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.754524946 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.754537106 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.754547119 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.754565954 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.755373955 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.755415916 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.755435944 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.755441904 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.755459070 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.755472898 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757116079 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757152081 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757177114 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757183075 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757200956 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757216930 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757859945 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757894993 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757917881 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757924080 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.757940054 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.757956982 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.758857965 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.758893967 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.758922100 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.758928061 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.758939981 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.758958101 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.759903908 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.759969950 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.840922117 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.841099024 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.841131926 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.841268063 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.841784000 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.841829062 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.841854095 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.841867924 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.841881037 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.841893911 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.842426062 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.842483044 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844449997 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844491005 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844515085 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844528913 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844540119 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844543934 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844558954 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844568968 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844583035 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844599962 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844604969 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844615936 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:08.844644070 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844661951 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.844721079 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.845051050 CEST | 49163 | 443 | 192.168.2.22 | 104.21.53.203 |
Jul 1, 2024 20:06:08.845062971 CEST | 443 | 49163 | 104.21.53.203 | 192.168.2.22 |
Jul 1, 2024 20:06:13.873768091 CEST | 49164 | 80 | 192.168.2.22 | 158.101.44.242 |
Jul 1, 2024 20:06:13.878686905 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:13.878748894 CEST | 49164 | 80 | 192.168.2.22 | 158.101.44.242 |
Jul 1, 2024 20:06:13.880681992 CEST | 49164 | 80 | 192.168.2.22 | 158.101.44.242 |
Jul 1, 2024 20:06:13.885461092 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:14.596788883 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:14.681226969 CEST | 49164 | 80 | 192.168.2.22 | 158.101.44.242 |
Jul 1, 2024 20:06:14.686264038 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:14.855660915 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:15.079313993 CEST | 80 | 49164 | 158.101.44.242 | 192.168.2.22 |
Jul 1, 2024 20:06:15.079417944 CEST | 49164 | 80 | 192.168.2.22 | 158.101.44.242 |
Jul 1, 2024 20:06:15.535375118 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:15.535418034 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:15.535469055 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:15.542301893 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:15.542318106 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.055082083 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.055145979 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:16.061781883 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:16.061803102 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.062031984 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.154687881 CEST | 49165 | 443 | 192.168.2.22 | 188.114.96.3 |
Jul 1, 2024 20:06:16.196506977 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.269197941 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Jul 1, 2024 20:06:16.269282103 CEST | 443 | 49165 | 188.114.96.3 | 192.168.2.22 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | checkip.dyndns.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | 132.226.8.169 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | 193.122.130.0 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | 158.101.44.242 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | 132.226.247.73 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:24.670028925 CEST | 8.8.8.8 | 192.168.2.22 | 0xb21a | No error (0) | 193.122.6.168 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:25.179678917 CEST | 8.8.8.8 | 192.168.2.22 | 0x7a55 | No error (0) | 188.114.96.3 | A (IP address) | IN (0x0001) | false | ||
Jul 1, 2024 20:06:25.179678917 CEST | 8.8.8.8 | 192.168.2.22 | 0x7a55 | No error (0) | 188.114.97.3 | A (IP address) | IN (0x0001) | false | ||
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.22 | 49164 | 158.101.44.242 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:13.880681992 CEST | 151 | OUT | |
Jul 1, 2024 20:06:14.596788883 CEST | 320 | IN | |
Jul 1, 2024 20:06:14.681226969 CEST | 127 | OUT | |
Jul 1, 2024 20:06:14.855660915 CEST | 320 | IN | |
Jul 1, 2024 20:06:15.079313993 CEST | 320 | IN | |
Jul 1, 2024 20:06:16.297147036 CEST | 127 | OUT | |
Jul 1, 2024 20:06:16.461544037 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.22 | 49167 | 193.122.6.168 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:17.267494917 CEST | 127 | OUT | |
Jul 1, 2024 20:06:17.935688019 CEST | 320 | IN | |
Jul 1, 2024 20:06:18.147530079 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.22 | 49169 | 193.122.130.0 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:18.697963953 CEST | 127 | OUT | |
Jul 1, 2024 20:06:19.171230078 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.22 | 49171 | 158.101.44.242 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:19.857837915 CEST | 151 | OUT | |
Jul 1, 2024 20:06:21.475548983 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.22 | 49173 | 158.101.44.242 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:22.146749020 CEST | 151 | OUT | |
Jul 1, 2024 20:06:22.730767965 CEST | 320 | IN | |
Jul 1, 2024 20:06:22.948739052 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.22 | 49175 | 193.122.130.0 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:23.467356920 CEST | 151 | OUT | |
Jul 1, 2024 20:06:23.963009119 CEST | 320 | IN | |
Jul 1, 2024 20:06:24.175595045 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.22 | 49177 | 193.122.130.0 | 80 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Jul 1, 2024 20:06:24.681402922 CEST | 151 | OUT | |
Jul 1, 2024 20:06:25.161417961 CEST | 320 | IN | |
Jul 1, 2024 20:06:25.375566006 CEST | 320 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.22 | 49163 | 104.21.53.203 | 443 | 1804 | C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:08 UTC | 315 | OUT | |
2024-07-01 18:06:08 UTC | 739 | IN | |
2024-07-01 18:06:08 UTC | 630 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN | |
2024-07-01 18:06:08 UTC | 1369 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.22 | 49165 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:16 UTC | 84 | OUT | |
2024-07-01 18:06:16 UTC | 710 | IN | |
2024-07-01 18:06:16 UTC | 340 | IN | |
2024-07-01 18:06:16 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.22 | 49166 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:16 UTC | 60 | OUT | |
2024-07-01 18:06:17 UTC | 714 | IN | |
2024-07-01 18:06:17 UTC | 340 | IN | |
2024-07-01 18:06:17 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.22 | 49168 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:18 UTC | 60 | OUT | |
2024-07-01 18:06:18 UTC | 704 | IN | |
2024-07-01 18:06:18 UTC | 340 | IN | |
2024-07-01 18:06:18 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.22 | 49170 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:19 UTC | 84 | OUT | |
2024-07-01 18:06:19 UTC | 708 | IN | |
2024-07-01 18:06:19 UTC | 340 | IN | |
2024-07-01 18:06:19 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.22 | 49172 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:21 UTC | 84 | OUT | |
2024-07-01 18:06:22 UTC | 714 | IN | |
2024-07-01 18:06:22 UTC | 340 | IN | |
2024-07-01 18:06:22 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.22 | 49174 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:23 UTC | 60 | OUT | |
2024-07-01 18:06:23 UTC | 712 | IN | |
2024-07-01 18:06:23 UTC | 340 | IN | |
2024-07-01 18:06:23 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.22 | 49176 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:24 UTC | 84 | OUT | |
2024-07-01 18:06:24 UTC | 706 | IN | |
2024-07-01 18:06:24 UTC | 340 | IN | |
2024-07-01 18:06:24 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.22 | 49178 | 188.114.96.3 | 443 | 3244 | C:\Users\user\AppData\Roaming\obie8920193.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-01 18:06:25 UTC | 60 | OUT | |
2024-07-01 18:06:25 UTC | 710 | IN | |
2024-07-01 18:06:25 UTC | 340 | IN | |
2024-07-01 18:06:25 UTC | 5 | IN |
Target ID: | 0 |
Start time: | 14:06:03 |
Start date: | 01/07/2024 |
Path: | C:\Program Files\Microsoft Office\Office14\WINWORD.EXE |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13f7e0000 |
File size: | 1'423'704 bytes |
MD5 hash: | 9EE74859D22DAE61F1750B3A1BACB6F5 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 2 |
Start time: | 14:06:04 |
Start date: | 01/07/2024 |
Path: | C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 543'304 bytes |
MD5 hash: | A87236E214F6D42A65F5DEDAC816AEC8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 5 |
Start time: | 14:06:08 |
Start date: | 01/07/2024 |
Path: | C:\Users\user\AppData\Roaming\obie8920193.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x290000 |
File size: | 554'504 bytes |
MD5 hash: | DBDACF479A9DD40133701E06E6DC401C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 6 |
Start time: | 14:06:11 |
Start date: | 01/07/2024 |
Path: | C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x90000 |
File size: | 427'008 bytes |
MD5 hash: | EB32C070E658937AA9FA9F3AE629B2B8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 7 |
Start time: | 14:06:11 |
Start date: | 01/07/2024 |
Path: | C:\Users\user\AppData\Roaming\obie8920193.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x290000 |
File size: | 554'504 bytes |
MD5 hash: | DBDACF479A9DD40133701E06E6DC401C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | false |
Target ID: | 9 |
Start time: | 14:06:26 |
Start date: | 01/07/2024 |
Path: | C:\Program Files\Common Files\Microsoft Shared\EQUATION\EQNEDT32.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 543'304 bytes |
MD5 hash: | A87236E214F6D42A65F5DEDAC816AEC8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Execution Graph
Execution Coverage: | 16.9% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 4.8% |
Total number of Nodes: | 105 |
Total number of Limit Nodes: | 5 |
Function 002605E0 Relevance: 43.2, Strings: 33, Instructions: 1984 COMMON
Function 002612C9 Relevance: 43.2, Strings: 33, Instructions: 1973 COMMON
Function 001C1C58 Relevance: .2, Instructions: 198 COMMON
Function 001C02C8 Relevance: 1.6, APIs: 1, Instructions: 108 COMMON
Function 001C0040 Relevance: 1.6, APIs: 1, Instructions: 103 memory COMMON
Function 0026FEA0 Relevance: 1.6, APIs: 1, Instructions: 99 thread COMMON
Function 0026FEA8 Relevance: 1.6, APIs: 1, Instructions: 96 thread COMMON
Function 0026F978 Relevance: 1.6, APIs: 1, Instructions: 77 thread COMMON
Function 0026F980 Relevance: 1.6, APIs: 1, Instructions: 75 thread COMMON
Function 0012D1D4 Relevance: .1, Instructions: 72 COMMON
Function 0012D01C Relevance: .1, Instructions: 72 COMMON
Function 0012D006 Relevance: .1, Instructions: 63 COMMON
Function 0012D1CF Relevance: .1, Instructions: 53 COMMON
Function 0026E370 Relevance: 1.6, Strings: 1, Instructions: 312 COMMON
Function 0026EC90 Relevance: 1.6, Strings: 1, Instructions: 312 COMMON
Function 0026E798 Relevance: 1.4, Strings: 1, Instructions: 130 COMMON
Function 0026F0C8 Relevance: .3, Instructions: 312 COMMON
Function 0026E7A8 Relevance: .3, Instructions: 312 COMMON
Function 0026FA70 Relevance: .3, Instructions: 312 COMMON
Function 0026FA60 Relevance: .2, Instructions: 160 COMMON
Function 001C230D Relevance: .0, Instructions: 29 COMMON
Execution Graph
Execution Coverage: | 13% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 28.6% |
Total number of Nodes: | 14 |
Total number of Limit Nodes: | 0 |
Function 00575E58 Relevance: .7, Instructions: 745 COMMON
Function 0057F460 Relevance: .2, Instructions: 219 COMMON
Function 0057EE10 Relevance: .2, Instructions: 219 COMMON
Function 0057E7C0 Relevance: .2, Instructions: 219 COMMON
Function 0057D4E0 Relevance: .2, Instructions: 219 COMMON
Function 00690040 Relevance: .2, Instructions: 219 COMMON
Function 00690CD8 Relevance: .2, Instructions: 219 COMMON
Function 0057E178 Relevance: .2, Instructions: 218 COMMON
Function 0057DB30 Relevance: .2, Instructions: 218 COMMON
Function 00690690 Relevance: .2, Instructions: 218 COMMON
Function 00690006 Relevance: .1, Instructions: 122 COMMON
Function 003CFE53 Relevance: 1.6, APIs: 1, Instructions: 122 COMMON
Function 0057CF30 Relevance: .1, Instructions: 111 COMMON
Function 001FD044 Relevance: .1, Instructions: 72 COMMON
Function 001FD03F Relevance: .1, Instructions: 53 COMMON
Function 001FD006 Relevance: .0, Instructions: 49 COMMON
Function 00576CC8 Relevance: 11.7, Strings: 9, Instructions: 461 COMMON
Function 00576CBC Relevance: 11.6, Strings: 9, Instructions: 366 COMMON