Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: 76
Range: 0 - 100
Whitelisted: false
Confidence: 100%
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected non-DNS traffic on DNS port
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample file is different than original file name gathered from version info
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 4460 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 86738DD73219B83320BA19AF11C97E11)
- chrome.exe (PID: 3320 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" https://www.youtube.com/account MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7316 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1972,i,16422733890045715603,8918321103436250044,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7452 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5348 --field-trial-handle=1972,i,16422733890045715603,8918321103436250044,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7500 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5336 --field-trial-handle=1972,i,16422733890045715603,8918321103436250044,262144 /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
No configs have been found
No yara matches
No Sigma rule has matched
No Snort rule has matched
AV Detection |
---|
Source: | Avira: |
Source: | ReversingLabs: |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | TCP traffic: |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | Code function: | 0_2_0102CF1A |
Source: | HTTP traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_4e0174f7-5 | |
Source: | String found in binary or memory: | memstr_f1a7683e-f | |
Source: | String found in binary or memory: | memstr_41f31c69-a | |
Source: | String found in binary or memory: | memstr_c2549626-d |
Source: | Binary or memory string: | ||
Source: | Static PE information: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | Process created: | |||
Source: | Section loaded: | Jump to behavior | ||
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Static file information: |
Source: | Static PE information: | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-94856 |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_0102698F | |
Source: | Code function: | 0_2_010268EE | |
Source: | Code function: | 0_2_0101D076 | |
Source: | Code function: | 0_2_0101D3A9 | |
Source: | Code function: | 0_2_0102979D | |
Source: | Code function: | 0_2_01029642 | |
Source: | Code function: | 0_2_01029B2B | |
Source: | Code function: | 0_2_0101DBBE | |
Source: | Code function: | 0_2_01025C97 |
Source: | Code function: | 0_2_00FB42DE |
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-95354 |
Source: | Code function: | 0_2_0102EAA2 |
Source: | Code function: | 0_2_00FE2622 |
Source: | Code function: | 0_2_00FB42DE |
Source: | Code function: | 0_2_00FD4CE8 |
Source: | Code function: | 0_2_01010B62 |
Source: | Code function: | 0_2_00FE2622 | |
Source: | Code function: | 0_2_00FD083F | |
Source: | Code function: | 0_2_00FD09D5 | |
Source: | Code function: | 0_2_00FD0C21 |
Source: | Code function: | 0_2_01011201 |
Source: | Code function: | 0_2_00FF2BA5 |
Source: | Code function: | 0_2_0101B226 |
Source: | Code function: | 0_2_0101E355 |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_01010B62 |
Source: | Code function: | 0_2_01011663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00FD0698 |
Source: | Code function: | 0_2_01028195 |
Source: | Code function: | 0_2_0100D27A |
Source: | Code function: | 0_2_00FEBB6F |
Source: | Code function: | 0_2_00FB42DE |
Source: | Binary or memory string: |
Source: | Code function: | 0_2_01031204 | |
Source: | Code function: | 0_2_01031806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 31 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 31 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 1 Masquerading | LSA Secrets | 221 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 2 Valid Accounts | Cached Domain Credentials | 21 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Virtualization/Sandbox Evasion | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 12 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
42% | ReversingLabs | Win32.Trojan.AutoitInject | ||
100% | Avira | TR/AutoIt.zstul | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 172.217.16.142 | true | false | unknown | |
www3.l.google.com | 142.250.184.238 | true | false | unknown | |
play.google.com | 142.250.185.206 | true | false | unknown | |
www.google.com | 142.250.185.164 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.46 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.185.206 | play.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.164 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.238 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
172.217.16.142 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1467851 |
Start date and time: | 2024-07-04 22:19:04 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 58s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal76.evad.winEXE@33/32@10/8 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.131, 64.233.166.84, 216.58.206.46, 34.104.35.123, 142.250.181.227, 142.250.186.67, 142.250.185.138, 142.250.186.106, 172.217.16.138, 216.58.206.42, 142.250.185.74, 142.250.181.234, 142.250.185.202, 142.250.186.138, 142.250.186.42, 142.250.184.234, 142.250.184.202, 142.250.185.234, 172.217.16.202, 142.250.186.170, 142.250.185.170, 172.217.18.10, 142.250.186.74, 216.58.212.170, 172.217.18.106, 142.250.185.106, 216.58.206.74, 199.232.214.172, 192.229.221.95, 172.217.18.99, 74.125.71.84, 142.250.185.110
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | HTMLPhisher | Browse | ||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Amadey, Mars Stealer, Stealc, Vidar | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Amadey, Mars Stealer, Stealc, Vidar | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Quasar | Browse |
| ||
Get hash | malicious | Quasar | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Download Service\Files\9a540d1b-7348-4c8a-95a6-63efbd690371 (copy)
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5079 |
Entropy (8bit): | 7.883725314168873 |
Encrypted: | false |
SSDEEP: | 96:m3Rj1FQw9b3TTMDcQGkLWts3J6kS7EE9rwcDDaH9DRenBalWmpWTgINmJoQJtz7p:cfxTTMoALWt8J9crwcPaHp8nBalWvTgX |
MD5: | A5F386FD0946F745852138225CE67BF7 |
SHA1: | E338C9CFDD7DFF42BF0BB0D74562ED1ECA106F52 |
SHA-256: | B0802D8AD3ECE9FED12A5F09662A914030A68B960D789DDBA75C103534043E33 |
SHA-512: | 82BCEBF810237AA6011E0F3EBC6FE449CAB1BE699D542CEF60AA967E98433FEDB254DB64457CD76676A87766B652AFFE3B81B6D4C2DCDCDDEC832CD5693A17DA |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1600 |
Entropy (8bit): | 5.234706685474562 |
Encrypted: | false |
SSDEEP: | 48:o79bWW+d1xb0KeRV8YtQy0aqdHgxbaQ77DfTBpbrw:oAB6KOVddbqSnLzw |
MD5: | 777F1FD23230384A286E78C5ACD6AC33 |
SHA1: | CC33BAC75FDD7CE9AD535CBCEAD5C91D974DF975 |
SHA-256: | 277C957E852CD541B5D6D50B9A1CC3E6E6120DC704B529AADDA0171367557D98 |
SHA-512: | F785634C17C38826894B2D0D4363C26110418A9160AB36ACDFF2E6B76A2E07D32DD1BDA3D2D0F4D9BE3254DB834EB808FEA392A95B224AB5B94B429E69EBD1F0 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,bm51tf,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,VwDzFe,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1481 |
Entropy (8bit): | 5.316577802144649 |
Encrypted: | false |
SSDEEP: | 24:kMYD7xmEu0IvxqcNzoYcurO/qb99nyobhzWuNA+CkadpUGbX7MNa4VGbwCSF57M8:o7xmR0I5kc7b91xbf0dpUGbYNa4VGbwl |
MD5: | FC2DC9D5B7292B603D399F3E3046665B |
SHA1: | 92D25D672FDDD209D97ED306541CE686B6FD51CE |
SHA-256: | 614049A345B7E332826D74B79163DF74EDDE93CA1A661EE468352D4E5F94574C |
SHA-512: | 7348DBAF2A5A1FC87E3017B9E504EF22A3EBA65EC6FD255DD127DB78384B56B80A101BE9101F5BADBA4717FBE460C6A8DBE07DBA5F918413BE36EF0D88716C50 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=bm51tf" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3477 |
Entropy (8bit): | 5.499342889552936 |
Encrypted: | false |
SSDEEP: | 96:oIByrBKfKVHcikUJFtlPMETAKv78pUCCjIw:INKS/vP3hv7mUbZ |
MD5: | E18219F32F2747C14548BCFEE58B13CD |
SHA1: | 85307A7D3376A623245EB21D245B8BC4FA481908 |
SHA-256: | 6479CFCD0C8840DD31DA0C55F596BDA37C28074517B5F063F5A5830EC27D0280 |
SHA-512: | EFE83897B3C1EE154EA3C14B3FFB4C242C065303F3F5A3DFA3E6E26C154B44509FE8E580D2402553CCDFABACEDD3F000FAC9171E861BBF22E6D56C5A6355CF47 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,VwDzFe,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,bm51tf,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 30637 |
Entropy (8bit): | 5.379716376439597 |
Encrypted: | false |
SSDEEP: | 768:ciVQqn5YPB1v2C82vd9BvjT4spXo6PVS+B3BWvJB6VSiV:cYYn2CzBvjT4GHPD00V |
MD5: | 1522EC1FD2855DE971E2341EA0A137BB |
SHA1: | 2E7564BBD084594968A105D2EBA5053A69F51F48 |
SHA-256: | B942FFA89D4E8337AE16D76A6D571DC0652D28D179D5B1BE9456D6967431FAEA |
SHA-512: | 5D35B151BE7A2D0D46E326A058622DF12FAE12687F0BC78C3E89CC1F65BC9043FEBE513FFAEF812BCEAB340F27EB16642545AE7AED4FAB1C820F9A76E2CC8619 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 233234 |
Entropy (8bit): | 5.461099651008011 |
Encrypted: | false |
SSDEEP: | 3072:WSX0CBd2Buj8T4HvzoHfKxTadov0roCsu29d4XB:WA0CBd2BhT4EHS8rYEXB |
MD5: | E7BF0144402B0EEFC94CCABCC21AA844 |
SHA1: | A2F60F7DBEC6AD86213569F6378416F9D30BFDD2 |
SHA-256: | 0E5B31C3E9572181BA1E2636C6F00D35C8B4CD175926AD98290A3C7DD326CD9B |
SHA-512: | 1BA90D5B5CB8573FA7A9FC77C1FBC3E48F7D20F47C5839226E2432B1B054A25C00F5549245DFC5C5666EA0456E5DFE25D0D5829D9B84B61E0FD1164DFC60A026 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlH54BG8v8nODFaRpPlVprlo7CMoqA/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4140 |
Entropy (8bit): | 5.371702264924607 |
Encrypted: | false |
SSDEEP: | 96:GPWUbFMvF/ygbQgs8qUoaCyPj8LvUe8tOFw:SWIF1R8qUVCywzzgt |
MD5: | 7DD911B1022E2F37811F8AAEEB74862E |
SHA1: | 36F79706B7E839CFF0DE16EE9CC7B026EE5019A2 |
SHA-256: | DD48C9475C9D2B02ED29382E9DD32791D671004BB217DB0B0F6750DA3011CD66 |
SHA-512: | 03996AD04C65D47A9C364C63AEBCB3F58F41CCCE4DAD70840316853BEF2967A38797744FE62BFFF418B799EC71476DC6B49CFE3053F2B9BEBE62CF5A30EA7847 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,VwDzFe,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,bm51tf,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 7624 |
Entropy (8bit): | 5.356859202879639 |
Encrypted: | false |
SSDEEP: | 192:mnwTgK8AwrKbbW8UFBlkU+/IrlQFsq1o98fYlp2PDYGym4nV9U:9ZwrKbaV/38xW8jn |
MD5: | 23ED78C00699D0EF97404A3901525DD3 |
SHA1: | 09125039F07B8B3DE33761BFEBB4E0754AEA6738 |
SHA-256: | B21A2E0BD7B733D42DB2FBC676E0710D00CF95491967ED46C8A204605DBFDA29 |
SHA-512: | 22AE4F4142F19399EE8C5ACF4EED70F9D91C41E3BB138522F340684CBA2C4E1FFF5233950DC9328861F79970ACABE2F5A28B396392AA72AD1A92429D61425D67 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,VwDzFe,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,bm51tf,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1884 |
Entropy (8bit): | 5.280363294341128 |
Encrypted: | false |
SSDEEP: | 48:o74b7AJ0qbL3AUFQp9/j7kOXTf43Z/rm7ZbZrw:oKFSLrFw/3FXjaeZbVw |
MD5: | 6759666E5C2624986C2FBE9208D39C80 |
SHA1: | 4732C0CE332CEED1414CD2A6D4BEBEFD06A59115 |
SHA-256: | C0F98E792B9160E018D61998788E81396C68FB14E058C168E538A9AD6167533F |
SHA-512: | BCF00B74425A487A6F378FDEBAE1591E1FF6EF50B065850182ADDF239FFDBBA1882E96EF54775AB490CC4F4342337AA9E01286F85424856836082B33866FA26D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,VwDzFe,YHI3We,YTxL4,YgOFye,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,bm51tf,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 19418 |
Entropy (8bit): | 5.379195390856238 |
Encrypted: | false |
SSDEEP: | 384:gJEePjmMfOH3Qm45RAGSeIMPW2NYZvnXYv3HAEfqwuhU3p9uj9QtJg:oROXQm456AYZvoPhfVIUSj9QtJg |
MD5: | 9CE9445F24BFC74018956880D606553C |
SHA1: | ECF89E11E2091ACB1AF6735C9AF94AB19984F602 |
SHA-256: | 797EF136123058C1D54A0AE365896D4E56FB3D84E83D60EF840D16BBAD8AC6BB |
SHA-512: | 7B25B6EB9B03A2118AE112AE00E774CBD9928DF69F49DA762D88255F30533CD3E6F576C82F0220FC393FA5E08544188ED210135CE17FB03B76505BF03F48A9BE |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 96558 |
Entropy (8bit): | 5.542959034430961 |
Encrypted: | false |
SSDEEP: | 1536:h5K9QgDoJZFMZZMR3Du4JnSyg/FyO7D4yQFPA0tEFHvnAwDyHK:K9rYFjDu4Jnzg/AO7hWPA0tE9vGHK |
MD5: | E020446EC64C78D8127C8E4D0C8D08DB |
SHA1: | 6447A74183CD590FAB25C008E60F838D09BF12E1 |
SHA-256: | 32779135C0EC086DA69B2DC597A8620CAEE8E104E079B5A02D98A8676712577E |
SHA-512: | 08348FAF64E033574D45446D75B8DFA01EE111C0FEE508ECE2E685C7C4986B833594279BD681E5DA2A02C5FB27DF039DF7E9751BB63A115AF4D3BB0688EA7659 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=AvtSve,CMcBD,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,eVCnO,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qmdT9,r1n9ec,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,qPfo0c,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3143 |
Entropy (8bit): | 5.37079395351489 |
Encrypted: | false |
SSDEEP: | 48:o7gbuQLkZHPLbrzOw3KP757NQ8jsKyYqb6f4np/EkGuf/x06IZ2rw:orQGXJaT57OMNwp/kufJRgqw |
MD5: | DB38B407EAF251C03254DA070DF97E29 |
SHA1: | 440A9FE061A55A3C2E20FC8D5421CB89B691C4D5 |
SHA-256: | 7071B6E12C5D15142A9D5EF16103678A3038B6D8FFDCDCE248C9E26B9D4D0E81 |
SHA-512: | B99B5DDA32BACF2C79CB23FFD9EC624AD678243C6DBEC19409C298C09486E8F38F31AD658A23BC9D5E249E7D906BA66C303EA3B84F63FD6B053CF588B718F377 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EN3i8d,F6sNGb,Fndnac,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,lRrMHd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,r1n9ec,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 44 |
Entropy (8bit): | 4.453416561671607 |
Encrypted: | false |
SSDEEP: | 3:8VKJmQcwVbF7KnZ:BJmjwVbF7KZ |
MD5: | 491DC96011445194971CFAE6A7A0B191 |
SHA1: | 74BD675A8CBC8AF507C0EB5509727EA3F9B85060 |
SHA-256: | C3BA6FCBB38A83C87009DEE4BAB93A9B3274553128D77E5B2C04077ECD35C1D3 |
SHA-512: | 38356EF67B6B704F2129828299E516B04B29EA1EEB25CF356E22E3AFEC7A875E2187F70E9E7CF0467DEFA14F11D802ACF00D69B2B13EFEA025942E21383AC35E |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 836241 |
Entropy (8bit): | 5.751370782507753 |
Encrypted: | false |
SSDEEP: | 6144:PLTYSPd+lWTqKZF8hmDrIMmqu3+jgX0BWj4+X+bW1wp8S+lo:PLTYSF+lWTASNjGXLC9 |
MD5: | 775F8A77AAE74DB7478D5EDADF67460A |
SHA1: | 740A72415AC75C2F1E08654386BC7B1B5E21BC5C |
SHA-256: | 01917BB57EA57B80D14AD3FACD6560106AA6935A26077C0AD13BF460751D8A65 |
SHA-512: | E8FFE4E59CC021EB2DC32B7050922BA61EC75A17C40245F399AE4064BBCD2029DA014E5D33D44F8447120DA2727ACC55DB6838A75563F6E7C276462907F92679 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.ZU1EFvXsC20.es5.O/ck=boq-identity.AccountsSignInUi.DDD9SPcAL2k.L.B1.O/am=HmAYCJ1zFADxnHPgA5QCIQMAAAAAAAAAgJYBMgM/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlEfiLuEnjxYrdf-rk4qPrRacOxopQ/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:F6sNGb;EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;UpnZUd:nnwwYc;XdiAjb:NLiXbe;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,STuCOe,njlZCf,m9oV,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,lRrMHd,xBaz7b,F6sNGb,eVCnO,r1n9ec,LDQI" |
Preview: |
File type: | |
Entropy (8bit): | 7.035566206169367 |
TrID: |
|
File name: | file.exe |
File size: | 1'166'336 bytes |
MD5: | 86738dd73219b83320ba19af11c97e11 |
SHA1: | a18ae0b3abf1aabece29993b227eef15f8e055e1 |
SHA256: | 6e517782e2e25b874ddf2861144e814309235517cf517890efff1a183c014b21 |
SHA512: | 45150d8ddc155c52fde993b308d79bd5fb57c835339de9bee7e98a7a035a79ac947d8ecab8bbd2873b4ba75b3a6a5956769a234c929c183b7fdf1284ce08e3ae |
SSDEEP: | 24576:1qDEvCTbMWu7rQYlBQcBiT6rprG8auA2+b+HdiJUX:1TvC/MTQYxsWR7auA2+b+HoJU |
TLSH: | DC45BF027391C062FF9B92734F5AF6115BBC69260123E61F13981DBABE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x6686FFF0 [Thu Jul 4 20:02:56 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F14C8DE69B3h |
jmp 00007F14C8DE62BFh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F14C8DE649Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F14C8DE646Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F14C8DE905Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F14C8DE90A8h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F14C8DE9091h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x4617c | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x11b000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 | |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x4617c | 0x46200 | 910b017b132d2151dab95bc6165504b0 | False | 0.9065877061051694 | data | 7.844101244228603 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x11b000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x3d444 | data | | | 1.0003427004797807 |
RT_GROUP_ICON | 0x119bfc | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0x119c74 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0x119c88 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0x119c9c | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0x119cb0 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0x119d8c | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 4, 2024 22:20:03.901776075 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.951622009 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:03.951668024 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:03.951723099 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:03.952178955 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:03.952192068 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:03.968771935 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.968825102 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.968859911 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.968950987 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.968950987 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.968965054 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.970520973 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.970558882 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.970582008 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.970591068 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.970632076 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.977461100 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.977525949 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.983969927 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.984038115 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.984069109 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.990413904 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:03.990478992 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:03.990490913 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:04.008049965 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:04.008101940 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:04.008116961 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:04.008229017 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:04.008264065 CEST | 443 | 49756 | 142.250.184.238 | 192.168.2.4 |
Jul 4, 2024 22:20:04.008312941 CEST | 49756 | 443 | 192.168.2.4 | 142.250.184.238 |
Jul 4, 2024 22:20:04.570384979 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.570810080 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.570826054 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.571212053 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.571278095 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.571938038 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.571990967 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.572875977 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.572941065 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.573153019 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.573162079 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.605710030 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.605879068 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.605900049 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.606250048 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.606307030 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.606946945 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.607002020 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.607114077 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.607167006 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.607326984 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.607333899 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.614178896 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.660314083 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.854171038 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.854235888 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.854288101 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.854656935 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.854674101 CEST | 443 | 49759 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.854685068 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.854716063 CEST | 49759 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.855498075 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.855525970 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.855581045 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.855897903 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.855910063 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.892966986 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.893273115 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.893326044 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.893537998 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.893537998 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.893548012 CEST | 443 | 49761 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.893594027 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.894151926 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.894164085 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:04.894223928 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.894501925 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:04.894512892 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.531024933 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.531385899 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.531404018 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.531748056 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.531819105 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.532438993 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.532490015 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.532638073 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.532699108 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.532815933 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.532824039 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.532840014 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.576502085 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.576670885 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.576845884 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.576859951 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.577197075 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.577260971 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.577863932 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.577913046 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.578015089 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.578088045 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.578109026 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.578139067 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.578146935 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.580848932 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.627774000 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.734129906 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.734253883 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.734308004 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.734765053 CEST | 49763 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.734791040 CEST | 443 | 49763 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.788521051 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.788642883 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.788696051 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.789244890 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:05.789273977 CEST | 443 | 49766 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:05.825962067 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:05.868501902 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100179911 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100219011 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100248098 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100261927 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.100274086 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100302935 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100310087 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.100316048 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100363016 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.100661039 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100696087 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.100738049 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.101591110 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.101603031 CEST | 443 | 49742 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:06.101610899 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:06.101650000 CEST | 49742 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:11.848891973 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:11.848936081 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:11.849092960 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:11.849400997 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:11.849415064 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.229490042 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.229777098 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.229789019 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.230144024 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.230504990 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.230581999 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.230834961 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.230906963 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.230912924 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.258526087 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:13.258552074 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:13.258624077 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:13.364394903 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:13.364422083 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:13.528228045 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.528383017 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:13.528433084 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.530939102 CEST | 49772 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:13.530960083 CEST | 443 | 49772 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:14.079432964 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:14.079528093 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:14.083117008 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:14.083131075 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:14.083338976 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:14.135381937 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:14.226357937 CEST | 56319 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 22:20:14.233231068 CEST | 53 | 56319 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 22:20:14.233336926 CEST | 56319 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 22:20:14.239993095 CEST | 53 | 56319 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 22:20:14.705776930 CEST | 56319 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 22:20:14.711319923 CEST | 53 | 56319 | 1.1.1.1 | 192.168.2.4 |
Jul 4, 2024 22:20:14.711385012 CEST | 56319 | 53 | 192.168.2.4 | 1.1.1.1 |
Jul 4, 2024 22:20:15.227412939 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.272501945 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462306976 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462328911 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462337017 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462354898 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462366104 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462378979 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462385893 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.462393999 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.462419033 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.462444067 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.463192940 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.463251114 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.463260889 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.463366985 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.464754105 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.970909119 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.970935106 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:15.970946074 CEST | 49773 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:15.970952034 CEST | 443 | 49773 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:17.202742100 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 22:20:17.220805883 CEST | 80 | 49723 | 93.184.221.240 | 192.168.2.4 |
Jul 4, 2024 22:20:17.220865011 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 22:20:33.954714060 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:33.954760075 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:33.954854965 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:33.955502987 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:33.955514908 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.336666107 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.336699009 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.336798906 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.337136984 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.337156057 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.630686998 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.631151915 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.631184101 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.631490946 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.631788969 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.631843090 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.631963015 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.631997108 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.632003069 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.896037102 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.896066904 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.896147013 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.896498919 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.896516085 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.932666063 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.932806969 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.932873964 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.933161974 CEST | 56326 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.933182001 CEST | 443 | 56326 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.983957052 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.984249115 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.984266996 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.984651089 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.984941006 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.985004902 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:34.985078096 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.985095978 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:34.985107899 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.182408094 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.182549953 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.182612896 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.183182955 CEST | 56327 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.183197975 CEST | 443 | 56327 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.593846083 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.594202995 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.594213009 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.594532967 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.594856024 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.594912052 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.595026970 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.595052004 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.595056057 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.793302059 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.793426991 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:35.793484926 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.794157028 CEST | 56328 | 443 | 192.168.2.4 | 142.250.185.206 |
Jul 4, 2024 22:20:35.794168949 CEST | 443 | 56328 | 142.250.185.206 | 192.168.2.4 |
Jul 4, 2024 22:20:52.337444067 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:52.337485075 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:52.337562084 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:52.337987900 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:52.338005066 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.181030989 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.181097984 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.184885979 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.184892893 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.185115099 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.193624973 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.236509085 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.447845936 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.447873116 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.447889090 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.447978973 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.448000908 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.448052883 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.448875904 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.448925972 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.448945045 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.448951006 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.448978901 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.449178934 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.449229002 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.452322006 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.452337980 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:53.452388048 CEST | 56329 | 443 | 192.168.2.4 | 13.85.23.86 |
Jul 4, 2024 22:20:53.452394009 CEST | 443 | 56329 | 13.85.23.86 | 192.168.2.4 |
Jul 4, 2024 22:20:59.441406965 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:59.441432953 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:20:59.441502094 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:59.441829920 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:20:59.441844940 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:00.110282898 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:00.110704899 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:21:00.110718012 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:00.111038923 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:00.111376047 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:21:00.111430883 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:00.158513069 CEST | 56331 | 443 | 192.168.2.4 | 142.250.185.164 |
Jul 4, 2024 22:21:04.390198946 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:04.390235901 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:04.390320063 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:04.390640020 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:04.390652895 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.070302963 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.070765018 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.070781946 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.072057962 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.072377920 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.072546005 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.072552919 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.072563887 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.072623968 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.113039017 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.355844021 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.356262922 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.356324911 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.356455088 CEST | 56332 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.356477976 CEST | 443 | 56332 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.596159935 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 22:21:05.601546049 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Jul 4, 2024 22:21:05.601711035 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Jul 4, 2024 22:21:05.959490061 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.959522009 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:05.959594011 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.959948063 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:05.959961891 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.634548903 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.634947062 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.634967089 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.635462046 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.635847092 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.635924101 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.636061907 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.636095047 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.636101961 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.835460901 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.835607052 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:06.835658073 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.836431980 CEST | 56334 | 443 | 192.168.2.4 | 142.250.186.46 |
Jul 4, 2024 22:21:06.836447001 CEST | 443 | 56334 | 142.250.186.46 | 192.168.2.4 |
Jul 4, 2024 22:21:10.019328117 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Jul 4, 2024 22:21:10.019397974 CEST | 443 | 56331 | 142.250.185.164 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 4, 2024 22:19:54.848104954 CEST | 192.168.2.4 | 1.1.1.1 | 0x4c4b | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.848248005 CEST | 192.168.2.4 | 1.1.1.1 | 0x3961 | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:19:59.380610943 CEST | 192.168.2.4 | 1.1.1.1 | 0x2e15 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:59.380740881 CEST | 192.168.2.4 | 1.1.1.1 | 0xc59a | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:20:02.857777119 CEST | 192.168.2.4 | 1.1.1.1 | 0xd6e8 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:20:02.857913017 CEST | 192.168.2.4 | 1.1.1.1 | 0x5506 | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:20:03.887939930 CEST | 192.168.2.4 | 1.1.1.1 | 0xee43 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:20:03.888117075 CEST | 192.168.2.4 | 1.1.1.1 | 0x993d | Standard query (0) | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:21:04.382771015 CEST | 192.168.2.4 | 1.1.1.1 | 0x236e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:21:04.382919073 CEST | 192.168.2.4 | 1.1.1.1 | 0xb901 | Standard query (0) | | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 172.217.16.142 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.186.142 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.185.78 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 172.217.18.110 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 216.58.206.46 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.186.174 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 216.58.206.78 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.186.78 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 172.217.16.206 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.181.238 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.184.238 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.184.206 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 216.58.212.142 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 172.217.18.14 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.186.46 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855293989 CEST | 1.1.1.1 | 192.168.2.4 | 0x4c4b | No error (0) | | | 142.250.186.110 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855458021 CEST | 1.1.1.1 | 192.168.2.4 | 0x3961 | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 4, 2024 22:19:54.855458021 CEST | 1.1.1.1 | 192.168.2.4 | 0x3961 | No error (0) | | | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:19:59.388406038 CEST | 1.1.1.1 | 192.168.2.4 | 0xc59a | No error (0) | | | | 65 | IN (0x0001) | false |
Jul 4, 2024 22:19:59.389076948 CEST | 1.1.1.1 | 192.168.2.4 | 0x2e15 | No error (0) | | | 142.250.185.164 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:20:02.865154982 CEST | 1.1.1.1 | 192.168.2.4 | 0xd6e8 | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 4, 2024 22:20:02.865154982 CEST | 1.1.1.1 | 192.168.2.4 | 0xd6e8 | No error (0) | | | 142.250.184.238 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:20:02.865802050 CEST | 1.1.1.1 | 192.168.2.4 | 0x5506 | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Jul 4, 2024 22:20:03.896656036 CEST | 1.1.1.1 | 192.168.2.4 | 0xee43 | No error (0) | | | 142.250.185.206 | A (IP address) | IN (0x0001) | false |
Jul 4, 2024 22:21:04.389561892 CEST | 1.1.1.1 | 192.168.2.4 | 0x236e | No error (0) | | | 142.250.186.46 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49732 | 172.217.16.142 | 443 | 7316 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-04 20:19:55 UTC | 810 | OUT | |
2024-07-04 20:19:55 UTC | 2470 | IN |