Windows
Analysis Report
7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe
Overview
General Information
Detection
Score: | 96 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- 7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe (PID: 5352 cmdline: "C:\Users\user\Desktop\7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe" MD5: 1A4AC0F78511C028B51E0B302B080946)
- chrome.exe (PID: 4040 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 2820 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1700 --field-trial-handle=1884,i,637461877397389753,4389975086437105104,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7760 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7948 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1936,i,10713725616331725220,8343982404964030147,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
NjRAT | RedPacket Security describes NJRat as "a remote access trojan (RAT) has capabilities to log keystrokes, access the victim's camera, steal credentials stored in browsers, open a reverse shell, upload/download files, view the victim's desktop, perform process, file, and registry manipulations, and capabilities to let the attacker update, uninstall, restart, close, disconnect the RAT and rename its campaign ID. Through the Command & Control (CnC) server software, the attacker has capabilities to create and configure the malware to spread through USB drives." It is supposedly popular with actors in the Middle East. Similar to other RATs, many leaked builders may be backdoored. |
{"Host": "8.tcp.ngrok.io", "Port": "10489", "Version": "im523", "Campaign ID": "HacKed", "Install Name": "Server.exe", "Install Dir": "AppData"}
Rule | Description | Author |
---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
Windows_Trojan_Njrat_30f3c220 | unknown | unknown |
njrat1 | Identify njRat | Brian Wallace @botnet_hunter |
MALWARE_Win_NjRAT | Detects NjRAT / Bladabindi | ditekSHen |

Rule | Description | Author |
---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
Windows_Trojan_Njrat_30f3c220 | unknown | unknown |
njrat1 | Identify njRat | Brian Wallace @botnet_hunter |
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |

Rule | Description | Author |
---|---|---|
JoeSecurity_Njrat | Yara detected Njrat | Joe Security |
Windows_Trojan_Njrat_30f3c220 | unknown | unknown |
njrat1 | Identify njRat | Brian Wallace @botnet_hunter |
MALWARE_Win_NjRAT | Detects NjRAT / Bladabindi | ditekSHen |
AV Detection |
---|
Source: | Avira: |
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: |
Source: | File source: | ||
Source: | Joe Sandbox ML: |
Source: | HTTP Parser: | ||
Source: | Static PE information: |
Source: | HTTPS traffic detected: |
Source: | Static PE information: |
Source: | Binary or memory string: | ||
Source: | TCP traffic: |
Source: | IP Address: | ||
Source: | JA3 fingerprint: | ||
Source: | HTTPS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | HTTP traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | DNS traffic detected: | ||
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Key, Mouse, Clipboard, Microphone and Screen Capturing |
---|
Source: | .Net Code: |
E-Banking Fraud |
---|
Source: | File source: | ||
System Summary |
---|
Source: | Matched rule: | ||
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | Static file information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | Process created: | |||
Source: | Section loaded: | Jump to behavior | ||
Source: | Key value queried: | Jump to behavior |
Source: | LNK file: | ||
Source: | Window detected: |
Source: | Static PE information: |
Data Obfuscation |
---|
Source: | .Net Code: |
Source: | Static PE information: |
Source: | File created: | Jump to behavior | ||
Source: | Binary or memory string: | ||
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Reference to suspicious API methods: | ||
Source: | Process created: | Jump to behavior | ||
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Remote Access Functionality |
---|
Source: | File source: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Replication Through Removable Media | 1 Native API | 1 Registry Run Keys / Startup Folder | 11 Process Injection | 1 Masquerading | 1 Input Capture | 1 Security Software Discovery | Remote Services | 1 Input Capture | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | 1 Registry Run Keys / Startup Folder | 11 Process Injection | LSASS Memory | 1 Peripheral Device Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 DLL Side-Loading | 1 Obfuscated Files or Information | Security Account Manager | 1 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 11 Software Packing | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 DLL Side-Loading | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
97% | ReversingLabs | Win32.Virus.Jadtre | ||
100% | Avira | W32/Jadtre.B | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe | ||
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
s-part-0014.t-0009.t-msedge.net | 13.107.246.42 | true | false | unknown | |
www.google.com | 142.250.185.132 | true | false | unknown | |
s-part-0032.t-0009.t-msedge.net | 13.107.246.60 | true | false | unknown | |
js.monitor.azure.com | unknown | unknown | true | unknown | |
mdec.nelreports.net | unknown | unknown | true | unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
13.107.246.42 | s-part-0014.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.185.100 | unknown | United States | 15169 | GOOGLEUS | false | |
13.107.246.60 | s-part-0032.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
IP |
---|
192.168.2.5 |
Joe Sandbox version: | 40.0.0 Tourmaline |
Analysis ID: | 1480419 |
Start date and time: | 2024-07-24 18:52:07 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 45s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe |
Detection: | MAL |
Classification: | mal96.troj.spyw.evad.winEXE@30/67@12/6 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.89.167, 142.250.185.163, 74.125.133.84, 142.250.185.238, 95.101.150.2, 34.104.35.123, 199.232.214.172, 192.229.221.95, 142.250.185.170, 216.58.206.74, 216.58.212.138, 142.250.185.234, 142.250.184.202, 142.250.185.74, 142.250.186.138, 142.250.185.106, 216.58.206.42, 172.217.16.138, 142.250.186.74, 142.250.186.42, 142.250.185.202, 142.250.186.170, 172.217.18.106, 142.250.181.234, 2.19.126.137, 2.19.126.156, 20.189.173.18, 13.74.129.1, 204.79.197.237, 13.107.21.237, 52.182.141.63, 142.250.181.227, 216.58.206.46
- Excluded domains from analysis (whitelisted): aijscdn2.afd.azureedge.net, slscr.update.microsoft.com, c-msn-com-nsatc.trafficmanager.net, clientservices.googleapis.com, browser.events.data.trafficmanager.net, learn.microsoft.com, onedscolprdwus15.westus.cloudapp.azure.com, e11290.dspg.akamaiedge.net, mdec.nelreports.net.akamaized.net, go.microsoft.com, clients2.google.com, ocsp.digicert.com, a1883.dscd.akamai.net, learn.microsoft.com.edgekey.net, update.googleapis.com, clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, c-bing-com.dual-a-0034.a-msedge.net, ctldl.windowsupdate.com, learn.microsoft.com.edgekey.net.globalredir.akadns.net, firstparty-azurefd-prod.trafficmanager.net, fe3cr.delivery.mp.microsoft.com, aijscdn2.azureedge.net, browser.events.data.microsoft.com, edgedl.me.gvt1.com, e13636.dscb.akamaiedge.net, c.bing.com, learn-public.trafficmanager.net, go.microsoft.com.edgekey.net, dual-a-0034.a-msedge.net, clients.l.google.com, c1.microsoft.com, wcpstatic.micr
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: 7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe
Input | Output |
---|---|
URL: https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 Model: Perplexity: mixtral-8x7b-instruct | {"loginform": false,"urgency": false,"captcha": false,"reasons": ["The webpage does not contain a login form, as there is no explicit request for sensitive information such as passwords, email addresses, usernames, phone numbers, or credit card numbers.","The text of the webpage does not create a sense of urgency, as there are no phrases that encourage immediate action such as 'Click here to view document' or 'To view secured document click here'.","The webpage does not contain a CAPTCHA or any other anti-robot detection mechanism."]} |
Title: Fix .NET Framework 'This application could not be started' - .NET Framework | Microsoft Learn OCR: Learn Q Sign in Discover v Product documentation Development languages v Topics v .NET Languages Features v Workloads Troubleshooting Resources v Download .NET APIs v Filter by title .NET / .NET Framework / Learn / .NET Framework documentation "This application could not be Overview of .NET Framework started" error when running a .NET Get started v Installation guide Framework application Overview For developers Article 02/16/2023 6 contributors Feedback > By OS version Repair .NET framework In this article v TroubleshcHJt How to fix the error Troubleshoot install end uninstall See also Troubleshoot 'This application could not started' When you attempt to run a .NET Framework application, you may receive the "This .NET Framework 3.5 on Windows 8 application could not be started" error message. When this error is caused by an installed through Windows 11 version of .NET Framework not being detected, or by .NET Framework being corrupted, use this article to try to solve that problem. .NET Framework 1.1 on Windows 8 through Windows 11 mt.exe - This application could not be started. > Migration guide Development guide This application could not be started, > Tools Do you want to view information about this issue? > Additional APIs > What's new and obsolete Code analysis Yes No Download PDF |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
13.107.246.42 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher, Tycoon2FA | Browse | |||
13.107.246.60 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
s-part-0014.t-0009.t-msedge.net | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | HTMLPhisher | Browse | |
| | | Get hash | malicious | Gh0stCringe, GhostRat, Mimikatz, RunningRAT | Browse | |
| | | Get hash | malicious | GhostRat, Nitol | Browse | |
s-part-0032.t-0009.t-msedge.net | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |

Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
MICROSOFT-CORP-MSN-AS-BLOCKUS | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | HTMLPhisher | Browse | |
| | | Get hash | malicious | Gh0stCringe, GhostRat, Mimikatz, RunningRAT | Browse | |
MICROSOFT-CORP-MSN-AS-BLOCKUS | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | HTMLPhisher | Browse | |
| | | Get hash | malicious | Gh0stCringe, GhostRat, Mimikatz, RunningRAT | Browse | |

Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
1138de370e523e824bbca92d049a3777 | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Babadeda, Bdaejec | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Nanocore, Remcos | Browse | |
| | | Get hash | malicious | HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
28a2c9bd18a11de089ef85a160da29e4 | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Outlook Phishing, HTMLPhisher | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | Unknown | Browse | |
| | | Get hash | malicious | HTMLPhisher, Tycoon2FA | Browse | |
| | | Get hash | malicious | Unknown | Browse | |

C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9906343788664382 |
Encrypted: | false |
SSDEEP: | 48:8TkdXcT3AwrHvidAKZdA19ehwiZUklqehNy+3:87/dqy |
MD5: | C75E546CF28C5965862FB4EEE66FB4C9 |
SHA1: | 687D4587F33F14AD29231D3548BD0C3D79963FD1 |
SHA-256: | 69ED82B5B529E82DE43836D296F01A3ACF2340DB2052E606DD141AAE7EE66190 |
SHA-512: | A984B458E123495825D21BF6CCF88E4EA6362F0C758CAB3484CE715D12CA1E9C269529C00872B9451DB5E861E8A5D6F49E68825869D9DECB9F4FF117751B11AA |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.002771462719263 |
Encrypted: | false |
SSDEEP: | 48:8rdXcT3AwrHvidAKZdA1weh/iZUkAQkqehay+2:8S/X9Q3y |
MD5: | 9E643BBBE0D188DBFA5ADF0A08D13324 |
SHA1: | 2A3512F8761848853F7DD10AE6B198C0CA072F5E |
SHA-256: | B63FA94ABE6E4FF9B328A0D923A011465887B5B1CD5CA91726F91F7BDDDF1B83 |
SHA-512: | 5259AC1D5180617482AA73C5DC6679CE589E0432621105044E6F0A935EDE2FF48B138A8545B4B5EA9313A3B781E6888F37011109406A5FC713DF3E77C52E7F0E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.012432562210788 |
Encrypted: | false |
SSDEEP: | 48:8xBdXcT3AwsHvidAKZdA14tseh7sFiZUkmgqeh7sUy+BX:8xo/inWy |
MD5: | EFE3C11132EDD0CFE2FF02B7C3D59F1B |
SHA1: | 160029E6344CEB7EB2751C3486DAA597B780268A |
SHA-256: | 50961B06DC0A8612B9614F778FC6D9FD22E483848FB3FA425D10D3A48AFE9CE8 |
SHA-512: | 81CC4F9EE130103AD3AFF27E0D756E86EC9C64F1FED55BD0DA8E544645E221F5518624CC7B181AE45F16F491630B7756AC66FB67440BE64017103D9D7BD3BB44 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 4.002585926688041 |
Encrypted: | false |
SSDEEP: | 48:8RdXcT3AwrHvidAKZdA1vehDiZUkwqehOy+R:84/UMy |
MD5: | B5E3F02640EB88468114BCE721D253C9 |
SHA1: | FFB3A85ED70D16416F94F6A5DC7EB2596F14CA2F |
SHA-256: | C7CC38EE4FA16034A7275A2AE278C1391C0A9D59AEA31578EB04A6E5A66A597B |
SHA-512: | CBB21E75D98E75EEC210C276E251CF350961C4D361EFB41A6B0E82BA709D89AE87861249520E3F7FD08EA42FFC7D61F4DFBBCCA3DDBBF7487D2A809BB9DB92D9 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9929293933309764 |
Encrypted: | false |
SSDEEP: | 48:8OdXcT3AwrHvidAKZdA1hehBiZUk1W1qehQy+C:8J/09wy |
MD5: | 0AE573A7ED06611E1EFFCB89711B0FD9 |
SHA1: | A1316A9442E063DB2FE7C1F2C91BD0229CD9F2CC |
SHA-256: | 0E44C0AEA123EFF6994496AFF24D89A8DC5D6D2A81CAE44E2FFF07ED68F123A2 |
SHA-512: | CDAF60C4F7E6C00052A725FF6D992CDF70039B40D5A36066B7CFF9CF1D53A88B8EB0C9C1EF8ACA63CCCC824EFE01058E93ED73EBB760B00393E518912875350F |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.000354585510586 |
Encrypted: | false |
SSDEEP: | 48:8TdXcT3AwrHvidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbWy+yT+:8q/aT/TbxWOvTbWy7T |
MD5: | CAF7D757CC1FA81121878DB06025202A |
SHA1: | 18F127533B756CB87774A2E23C5B63DFD6664446 |
SHA-256: | 8885C4F5C55F9C0E0C054E214DE5088B293198725F3F301D3E4F58169B95266D |
SHA-512: | 8CBC270DE0E6580B25AF845AC90B2B165DE443B8FFD248CE53F6C164486600BA93AE813D1B935B8D0CC4C38BADF87BB420079A4883858F341343CD3C874F36E6 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13339 |
Entropy (8bit): | 7.683569563478597 |
Encrypted: | false |
SSDEEP: | 192:zjSKAj04ndWb6OuzZjk6TsEaJS0/bJur2Gz4Imm3MhE4NfM:zutfW69XTspsG3G0TfhEQM |
MD5: | 512625CF8F40021445D74253DC7C28C0 |
SHA1: | F6B27CE0F7D4E48E34FDDCA8A96337F07CFFE730 |
SHA-256: | 1D4DCEE8511D5371FEC911660D6049782E12901C662B409A5C675772E9B87369 |
SHA-512: | AE02319D03884D758A86C286B6F593BDFFD067885D56D82EEB8215FDCB41637C7BB9109039E7FBC93AD246D030C368FB285B3161976ED485ABC5A8DF6DF9A38C |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 18367 |
Entropy (8bit): | 7.7772261735974215 |
Encrypted: | false |
SSDEEP: | 384:4qqZYz7CAda2Qmd6VWWNg9h8XvdkRbdi2nki:1qZYz7Cma2hYNMh8XvdObdi2nX |
MD5: | 240C4CC15D9FD65405BB642AB81BE615 |
SHA1: | 5A66783FE5DD932082F40811AE0769526874BFD3 |
SHA-256: | 030272CE6BA1BECA700EC83FDED9DBDC89296FBDE0633A7F5943EF5831876C07 |
SHA-512: | 267FE31BC25944DD7B6071C2C2C271CCC188AE1F6A0D7E587DCF9198B81598DA6B058D1B413F228DF0CB37C8304329E808089388359651E81B5F3DEC566D0EE0 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-no-resolution.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1154 |
Entropy (8bit): | 4.59126408969148 |
Encrypted: | false |
SSDEEP: | 24:txFRuJpzYeGK+VS6ckNL2091JP/UcHc8oQJ1sUWMLc/jH6GbKqjHJIOHA:JsfcU6ckNL2091Z/U/YsUDM+GhS |
MD5: | 37258A983459AE1C2E4F1E551665F388 |
SHA1: | 603A4E9115E613CC827206CF792C62AEB606C941 |
SHA-256: | 8E34F3807B4BF495D8954E7229681DA8D0DD101DD6DDC2AD7F90CD2983802B44 |
SHA-512: | 184CB63EF510143B0AF013F506411C917D68BB63F2CFA47EA2A42688FD4F55F3B820AF94F87083C24F48AACEE6A692199E185FC5C5CFBED5D70790454EED7F5C |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 443348 |
Entropy (8bit): | 5.079350267097991 |
Encrypted: | false |
SSDEEP: | 6144:Fe43jzKCey05dPjZkYh6BFPDxZYX04GK7MI:NKCeyQPjj |
MD5: | DBAAB65D35238246BEAF5AA34B9736CF |
SHA1: | DFA25539F60B3A4F60B933515309E97DA379C2C5 |
SHA-256: | 564E1C96899DDBC5692257CC9F2EEB8F615220E23466BF333FD26FE28BEACF78 |
SHA-512: | 16EEA9018AD102EEEE67CE940A992EF610EF99BE36F803957B47FD0EF4F65B15FF23A39AF5D931E23A39D89BC68DB1026E904F5B172A7374B69A8AC76E466225 |
Malicious: | false |
URL: | https://learn.microsoft.com/static/assets/0.4.027605576/styles/site-ltr.css |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 3130 |
Entropy (8bit): | 4.790069981348324 |
Encrypted: | false |
SSDEEP: | 48:YWuGl640ynAqgDJ9OJWuO6Z3Db8VgK/ni47ttbtlSlA37ERw7II77Aj5M1:Nv0ynAhD3CO5t5lNEYIOEjc |
MD5: | EBA6E81304F2F555E1D2EA3126A18A41 |
SHA1: | 61429C3FE837FD4DD68E7B26678F131F2E00070D |
SHA-256: | F309CCCE17B2B4706E7110F6C76F81761F0A44168D12C358AC4D120776907F81 |
SHA-512: | 3BE0466794E7BDDC8565758DBF5553E89ED0003271F07695F09283F242BB65C1978ED79A38D5E589A99F68C0130E1E4B52576D7CD655EE272EE104BE0378E72E |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15427 |
Entropy (8bit): | 7.784472070227724 |
Encrypted: | false |
SSDEEP: | 384:CKKdvwj3SJMpKKKKKKKKikCyKwqHILyPGQV4ykihKKKKKKKCm:CKKdvMMgKKKKKKKKiqB3yPVXkihKKKKI |
MD5: | 3062488F9D119C0D79448BE06ED140D8 |
SHA1: | 8A148951C894FC9E968D3E46589A2E978267650E |
SHA-256: | C47A383DE6DD60149B37DD24825D42D83CB48BE0ED094E3FC3B228D0A7BB9332 |
SHA-512: | 00BBA6BCBFBF44B977129594A47F732809DCE7D4E2D22D050338E4EEA91FCC02A9B333C45EEB4C9024DF076CBDA0B46B621BF48309C0D037D19BBEAE0367F5ED |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 16 |
Entropy (8bit): | 3.875 |
Encrypted: | false |
SSDEEP: | 3:HMB:k |
MD5: | 0B04EA412F8FC88B51398B1CBF38110E |
SHA1: | E073BCC5A03E7BBA2A16CF201A3CED1BE7533FBF |
SHA-256: | 7562254FF78FD854F0A8808E75A406F5C6058B57B71514481DAE490FC7B8F4C3 |
SHA-512: | 6D516068C3F3CBFC1500032E600BFF5542EE30C0EAC11A929EE002C707810BBF614A5586C2673EE959AFDF19C08F6EAEFA18193AD6CEDC839BDF249CF95E8079 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISEAkEurwx6c-nJBIFDb_mJfI=?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 206998 |
Entropy (8bit): | 5.418793847287795 |
Encrypted: | false |
SSDEEP: | 3072:X/9cGgmjXCGzE0ploS6MeaUpyd57vUDgg4+RT7:XlcGxxsfMe3pyPvkB4cT7 |
MD5: | DEAA16321132C38272BDA251563F48A1 |
SHA1: | 0209A287D78181B0A8FC3644E8E99BE2105F46F0 |
SHA-256: | 80934D21B5493C94EE3AA1F35745543326CF6C9D695C85C635BAD9C19CE0D84F |
SHA-512: | 0473BF532047268B569B54B23C1B0117FB25A21058C2E985E9D245E695A523ABC983DF4D64A2420D635A02FFF6A83E5393A75608FB8EC10DB2834D54456DDA91 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 18768 |
Entropy (8bit): | 7.987865266610692 |
Encrypted: | false |
SSDEEP: | 384:Jg8I5VXe4fT0sr9WHEzMrMk7OF+IkXpFlhwOFKepi9L6hOz:JRyVnpr8MeOFwpFbgZx6ha |
MD5: | 870B357C3BAE1178740236D64790E444 |
SHA1: | 5FA06435D0ECF28CBD005773F8C335C44D7DF522 |
SHA-256: | 0227BD6A0408946E9B4DF6F1A340E3713759A42A7677BDB8CB34698E4EDF541E |
SHA-512: | 7FC902E787B1F51B86D967354C0F2987EA9FD582FEF2959831EA6DBC5E7BF998A8F24BA906F0EE99AE8493AEB0C53AF06BEE106D60B448AC50B827C63B1ED169 |
Malicious: | false |
URL: | https://learn.microsoft.com/static/assets/0.4.027605576/styles/docons.aa8255ca.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2945 |
Entropy (8bit): | 5.11559629166894 |
Encrypted: | false |
SSDEEP: | 48:YJckl90I99HHJ3PSC/HCcTxdB4H0CrsfSMrxMZuv15C/h1/8iHd0MBToe1xrvAKB:gjlJFSCVxd7wsfSMrxguv+/h1P0MBToE |
MD5: | 16A9A2CEBAEBD81D7E24D9D73988CFDB |
SHA1: | C28CD7B14A019A7A800EC5CC4315BCD27DB00A16 |
SHA-256: | 115DAC6DD805A8F85C48218C1292D9633E63131FE8907DA7ED4730197C4E6AAF |
SHA-512: | 468BEB586F938ED8A2F22D26D20A43ED3C1F77C014EAC5EE9BD16965AF2AE1723FCDD2D42D37BE8AF1911B2F44382BF16B7FE0C71AE856537C444DDABFDCA466 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 206998 |
Entropy (8bit): | 5.418793847287795 |
Encrypted: | false |
SSDEEP: | 3072:X/9cGgmjXCGzE0ploS6MeaUpyd57vUDgg4+RT7:XlcGxxsfMe3pyPvkB4cT7 |
MD5: | DEAA16321132C38272BDA251563F48A1 |
SHA1: | 0209A287D78181B0A8FC3644E8E99BE2105F46F0 |
SHA-256: | 80934D21B5493C94EE3AA1F35745543326CF6C9D695C85C635BAD9C19CE0D84F |
SHA-512: | 0473BF532047268B569B54B23C1B0117FB25A21058C2E985E9D245E695A523ABC983DF4D64A2420D635A02FFF6A83E5393A75608FB8EC10DB2834D54456DDA91 |
Malicious: | false |
URL: | https://js.monitor.azure.com/scripts/c/ms.jsll-4.min.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 2945 |
Entropy (8bit): | 5.11559629166894 |
Encrypted: | false |
SSDEEP: | 48:YJckl90I99HHJ3PSC/HCcTxdB4H0CrsfSMrxMZuv15C/h1/8iHd0MBToe1xrvAKB:gjlJFSCVxd7wsfSMrxguv+/h1P0MBToE |
MD5: | 16A9A2CEBAEBD81D7E24D9D73988CFDB |
SHA1: | C28CD7B14A019A7A800EC5CC4315BCD27DB00A16 |
SHA-256: | 115DAC6DD805A8F85C48218C1292D9633E63131FE8907DA7ED4730197C4E6AAF |
SHA-512: | 468BEB586F938ED8A2F22D26D20A43ED3C1F77C014EAC5EE9BD16965AF2AE1723FCDD2D42D37BE8AF1911B2F44382BF16B7FE0C71AE856537C444DDABFDCA466 |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/banners/index.json |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 15427 |
Entropy (8bit): | 7.784472070227724 |
Encrypted: | false |
SSDEEP: | 384:CKKdvwj3SJMpKKKKKKKKikCyKwqHILyPGQV4ykihKKKKKKKCm:CKKdvMMgKKKKKKKKiqB3yPVXkihKKKKI |
MD5: | 3062488F9D119C0D79448BE06ED140D8 |
SHA1: | 8A148951C894FC9E968D3E46589A2E978267650E |
SHA-256: | C47A383DE6DD60149B37DD24825D42D83CB48BE0ED094E3FC3B228D0A7BB9332 |
SHA-512: | 00BBA6BCBFBF44B977129594A47F732809DCE7D4E2D22D050338E4EEA91FCC02A9B333C45EEB4C9024DF076CBDA0B46B621BF48309C0D037D19BBEAE0367F5ED |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-recommended-changes.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 52717 |
Entropy (8bit): | 5.462668685745912 |
Encrypted: | false |
SSDEEP: | 1536:tjspYRrxlhd0fq3agV3IcgPPPI3r7DAQHCloIB3Tj7xHw:tjZLCtxQ |
MD5: | 413FCC759CC19821B61B6941808B29B5 |
SHA1: | 1AD23B8A202043539C20681B1B3E9F3BC5D55133 |
SHA-256: | DAF7759FEDD9AF6C4D7E374B0D056547AE7CB245EC24A1C4ACF02932F30DC536 |
SHA-512: | E9BF8A74FEF494990AAFD15A0F21E0398DC28B4939C8F9F8AA1F3FFBD18056C8D1AB282B081F5C56F0928C48E30E768F7E347929304B55547F9CA8C1AABD80B8 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52717 |
Entropy (8bit): | 5.462668685745912 |
Encrypted: | false |
SSDEEP: | 1536:tjspYRrxlhd0fq3agV3IcgPPPI3r7DAQHCloIB3Tj7xHw:tjZLCtxQ |
MD5: | 413FCC759CC19821B61B6941808B29B5 |
SHA1: | 1AD23B8A202043539C20681B1B3E9F3BC5D55133 |
SHA-256: | DAF7759FEDD9AF6C4D7E374B0D056547AE7CB245EC24A1C4ACF02932F30DC536 |
SHA-512: | E9BF8A74FEF494990AAFD15A0F21E0398DC28B4939C8F9F8AA1F3FFBD18056C8D1AB282B081F5C56F0928C48E30E768F7E347929304B55547F9CA8C1AABD80B8 |
Malicious: | false |
URL: | https://wcpstatic.microsoft.com/mscc/lib/v2/wcp-consent.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1173007 |
Entropy (8bit): | 5.503893944397598 |
Encrypted: | false |
SSDEEP: | 24576:VMga+4IVzOjS1Jho1WXQFjTEr39/jHXzT:VMcVzOjS1Jho1WXQar39/bXzT |
MD5: | 2E00D51C98DBB338E81054F240E1DEB2 |
SHA1: | D33BAC6B041064AE4330DCC2D958EBE4C28EBE58 |
SHA-256: | 300480069078B5892D2363A2B65E2DFBBF30FE5C80F83EDBFECF4610FD093862 |
SHA-512: | B6268D980CE9CB729C82DBA22F04FD592952B2A1AAB43079CA5330C68A86E72B0D232CE4070DB893A5054EE5C68325C92C9F1A33F868D61EBB35129E74FC7EF9 |
Malicious: | false |
URL: | https://learn.microsoft.com/static/third-party/MathJax/3.2.2/tex-mml-chtml.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13339 |
Entropy (8bit): | 7.683569563478597 |
Encrypted: | false |
SSDEEP: | 192:zjSKAj04ndWb6OuzZjk6TsEaJS0/bJur2Gz4Imm3MhE4NfM:zutfW69XTspsG3G0TfhEQM |
MD5: | 512625CF8F40021445D74253DC7C28C0 |
SHA1: | F6B27CE0F7D4E48E34FDDCA8A96337F07CFFE730 |
SHA-256: | 1D4DCEE8511D5371FEC911660D6049782E12901C662B409A5C675772E9B87369 |
SHA-512: | AE02319D03884D758A86C286B6F593BDFFD067885D56D82EEB8215FDCB41637C7BB9109039E7FBC93AD246D030C368FB285B3161976ED485ABC5A8DF6DF9A38C |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/repair-tool-changes-complete.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
URL: | https://learn.microsoft.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 5655 |
Entropy (8bit): | 4.790648170893192 |
Encrypted: | false |
SSDEEP: | 96:ogVOjPWccI3aDNjExAjfWQpL0dpwmWMv7BRevy8RJNjvZPyJ2tlh7RewZUZSeZV1:og2cUaDNjESLWQN0dpwm99qllVR7pUZF |
MD5: | D3383426D3B6D3B34CFE726209647339 |
SHA1: | E656FAA1B2A5235C9E745C534BC7FB10396484D7 |
SHA-256: | 6B7B929D611665A1F5EC015EB590FC70BA1F2C6D0D131F5796A53874C0ADFDE2 |
SHA-512: | F39A67F02165DB08D31B50FDB21667A286C15B774D3E31FA0ED727DA29BFE7C5C50F691367AC19511660BB38EA9B9F3395C27865AF9A1FB3EA8DD90C15004669 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 17174 |
Entropy (8bit): | 2.9129715116732746 |
Encrypted: | false |
SSDEEP: | 24:QSNTmTFxg4lyyyyyyyyyyyyyio7eeeeeeeeekzgsLsLsLsLsLsQZp:nfgyyyyyyyyyyyyynzQQQQQO |
MD5: | 12E3DAC858061D088023B2BD48E2FA96 |
SHA1: | E08CE1A144ECEAE0C3C2EA7A9D6FBC5658F24CE5 |
SHA-256: | 90CDAF487716184E4034000935C605D1633926D348116D198F355A98B8C6CD21 |
SHA-512: | C5030C55A855E7A9E20E22F4C70BF1E0F3C558A9B7D501CFAB6992AC2656AE5E41B050CCAC541EFA55F9603E0D349B247EB4912EE169D44044271789C719CD01 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 13842 |
Entropy (8bit): | 7.802399161550213 |
Encrypted: | false |
SSDEEP: | 192:NLNf+jBQsDHg7av3EEondO8PuRu2mIYXEIiDm42NpsHFMHfgnJ4K2DVwv:NLt+1jDmY+ndXwjLUpiDwpzfwoDVk |
MD5: | F6EC97C43480D41695065AD55A97B382 |
SHA1: | D9C3D0895A5ED1A3951B8774B519B8217F0A54C5 |
SHA-256: | 07A599FAB1E66BABC430E5FED3029F25FF3F4EA2DD0EC8968FFBA71EF1872F68 |
SHA-512: | 22462763178409D60609761A2AF734F97B35B9A818EC1FD9046AFAB489AAD83CE34896EE8586EFE402EA7739ECF088BC2DB5C1C8E4FB39E6A0FC5B3ADC6B4A9B |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/install-3-5.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 32029 |
Entropy (8bit): | 4.903574747591743 |
Encrypted: | false |
SSDEEP: | 384:FnvJOb4OLIch+KCnMet7NPXlJl+HjZjBTRdE0zIwHdZjV8din4ELi:5hOEO8chkMet7pCjBfnWOLi |
MD5: | 178A496645B67ABCE799D62DB8095CAB |
SHA1: | 0C264AFE3DB13E5B00A0E497FB6AB8556EB97939 |
SHA-256: | 70A34968E8715CF14074EA089B66896A9BC10AF79352DB8A40DA83467891F92D |
SHA-512: | EF7CDA8F433A47BABCBB74A57C3B4A20251A6D52E5C9CBEC33B5889A110760719180776BD9C7D7964CF140F950CAB8BC2AD08EAB5FA650FE7744FD9242C67E23 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5655 |
Entropy (8bit): | 4.790648170893192 |
Encrypted: | false |
SSDEEP: | 96:ogVOjPWccI3aDNjExAjfWQpL0dpwmWMv7BRevy8RJNjvZPyJ2tlh7RewZUZSeZV1:og2cUaDNjESLWQN0dpwm99qllVR7pUZF |
MD5: | D3383426D3B6D3B34CFE726209647339 |
SHA1: | E656FAA1B2A5235C9E745C534BC7FB10396484D7 |
SHA-256: | 6B7B929D611665A1F5EC015EB590FC70BA1F2C6D0D131F5796A53874C0ADFDE2 |
SHA-512: | F39A67F02165DB08D31B50FDB21667A286C15B774D3E31FA0ED727DA29BFE7C5C50F691367AC19511660BB38EA9B9F3395C27865AF9A1FB3EA8DD90C15004669 |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/content-nav/site-header/site-header.json? |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 35005 |
Entropy (8bit): | 7.980061050467981 |
Encrypted: | false |
SSDEEP: | 768:aHBEr/QXnbCgWotMq4AZZivq2/Qu0cEv1FjHBep6U0Z/68R:ahWqbTWiM7ACvdIdldhep4rR |
MD5: | 522037F008E03C9448AE0AAAF09E93CB |
SHA1: | 8A32997EAB79246BEED5A37DB0C92FBFB006BEF2 |
SHA-256: | 983C35607C4FB0B529CA732BE42115D3FCAAC947CEE9C9632F7CACDBDECAF5A7 |
SHA-512: | 643EC613B2E7BDBB2F61E1799C189B0E3392EA5AE10845EB0B1F1542A03569E886F4B54D5B38AF10E78DB49C71357108C94589474B181F6A4573B86CF2D6F0D8 |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/media/application-not-started/app-could-not-be-started.png |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1478 |
Entropy (8bit): | 5.030941252322257 |
Encrypted: | false |
SSDEEP: | 24:TGAg3Efef6tfTf/fffCfxfdffW4N5f0f8fK8zyRWmmkYRWDKslbzP3LTPv4NUhqI:TK0W6bXnq512ysUbkfKCvUjeGxbu |
MD5: | 020629EBA820F2E09D8CDA1A753C032B |
SHA1: | D91A65036E4C36B07AE3641E32F23F8DD616BD17 |
SHA-256: | F8AE8A1DC7CE7877B9FB9299183D2EBB3BEFAD0B6489AE785D99047EC2EB92D1 |
SHA-512: | EF5A5C7A301DE55D103B1BE375D988970D9C4ECD62CE464F730C49E622128F431761D641E1DFAA32CA03F8280B435AE909486806DF62A538B48337725EB63CE1 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4897 |
Entropy (8bit): | 4.794639101874543 |
Encrypted: | false |
SSDEEP: | 96:A0AIvEQ+KfZcbhaW9dp45qtAdflfDOFnymoLByzVqrpCvJ4QG63JjJ+do88HxbqP:dgQ+KfZcbhaWjp45qtAdflfDOFnNgBy4 |
MD5: | 84E6C95F0E5378BDA94FA965C4692FAF |
SHA1: | 7C1D6572906509B08F8CD7B7A33EB9F9697EE6D1 |
SHA-256: | 88A4A7B4F1160F8CAD3EB835116C29AC39659D586D4DADC54D9E40AC7E1BC610 |
SHA-512: | D34BFF37F8402B4A1FEE3C26F247A86D72666647A10E83D711A1BED1D24C6FC13674D65DCC037C22811B227FEC34B5DE20442191A42F9D78FC79D55FD5792761 |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/content-nav/MSDocsHeader-DotNet.json? |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.241202481433726 |
Encrypted: | false |
SSDEEP: | 3:YozDD/RNgQJzRWWlKFiFD3e4xCzY:YovtNgmzR/wYFDxkY |
MD5: | 9E576E34B18E986347909C29AE6A82C6 |
SHA1: | 532C767978DC2B55854B3CA2D2DF5B4DB221C934 |
SHA-256: | 88BDF5AF090328963973990DE427779F9C4DF3B8E1F5BADC3D972BAC3087006D |
SHA-512: | 5EF6DCFFD93434D45760888BF4B95FF134D53F34DA9DC904AD3C5EBEDC58409073483F531FEA4233869ED3EC75F38B022A70B2E179A5D3A13BDB10AB5C46B124 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1173007 |
Entropy (8bit): | 5.503893944397598 |
Encrypted: | false |
SSDEEP: | 24576:VMga+4IVzOjS1Jho1WXQFjTEr39/jHXzT:VMcVzOjS1Jho1WXQar39/bXzT |
MD5: | 2E00D51C98DBB338E81054F240E1DEB2 |
SHA1: | D33BAC6B041064AE4330DCC2D958EBE4C28EBE58 |
SHA-256: | 300480069078B5892D2363A2B65E2DFBBF30FE5C80F83EDBFECF4610FD093862 |
SHA-512: | B6268D980CE9CB729C82DBA22F04FD592952B2A1AAB43079CA5330C68A86E72B0D232CE4070DB893A5054EE5C68325C92C9F1A33F868D61EBB35129E74FC7EF9 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 49783 |
Entropy (8bit): | 5.052270079620471 |
Encrypted: | false |
SSDEEP: | 768:6DcycfvwcwOffIYswsuKJmQT1Yn4/1ggM6F5F30leYUS99AG:6Y/ovOff9swsu+mQTO4/1BzRUhUe95 |
MD5: | E77FFFD507B64085DDC6B99DE2B03710 |
SHA1: | 5FE0D5E7BBD6E36A8215629E09D0F57BDAE2E32A |
SHA-256: | 3AA4ED6C1B3CC8940116D35D0AFF1B519675236ABFD1D7720D68E1833AF6BDD1 |
SHA-512: | D4FBE712574D558FD2238B5FA0F5D9F2D9495B1DF65B81FACEB53ED8E9C2D4770F98CF870E67425D752A6726477E2E9B855D148FFB6E1169A1D4121451F615BA |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/install/application-not-started?version=(null)&processName=7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1729946 |
Entropy (8bit): | 5.506784610641439 |
Encrypted: | false |
SSDEEP: | 24576:BBweqomwDtVnoZlsG3QO/GFGVgTvjC10wCTOWIzE+0RlMVSB1DkCXWEea87ZGxnJ:BiwDbotVSB1DkCXWEe57ZGxnS+Vh2xDg |
MD5: | 95DE4EB9C18E800B4E68761D99845561 |
SHA1: | 8CD61A75D8E9D5A1EB894284850AAB6C1E547D6D |
SHA-256: | 15163779156DA543DEFAAFC12F7C1A850C91411FE7495F03C3BFE0231D5057E3 |
SHA-512: | 86BDE4F52A505FAC4BC49A30C0BDB145D88F568917E8EC89C26CFAA7E7DF85E9744291470E3587312196D93FB6BAA6F75B29D88CB722B7969C284C9A31886DBE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1154 |
Entropy (8bit): | 4.59126408969148 |
Encrypted: | false |
SSDEEP: | 24:txFRuJpzYeGK+VS6ckNL2091JP/UcHc8oQJ1sUWMLc/jH6GbKqjHJIOHA:JsfcU6ckNL2091Z/U/YsUDM+GhS |
MD5: | 37258A983459AE1C2E4F1E551665F388 |
SHA1: | 603A4E9115E613CC827206CF792C62AEB606C941 |
SHA-256: | 8E34F3807B4BF495D8954E7229681DA8D0DD101DD6DDC2AD7F90CD2983802B44 |
SHA-512: | 184CB63EF510143B0AF013F506411C917D68BB63F2CFA47EA2A42688FD4F55F3B820AF94F87083C24F48AACEE6A692199E185FC5C5CFBED5D70790454EED7F5C |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/media/logos/logo_net.svg |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32029 |
Entropy (8bit): | 4.903574747591743 |
Encrypted: | false |
SSDEEP: | 384:FnvJOb4OLIch+KCnMet7NPXlJl+HjZjBTRdE0zIwHdZjV8din4ELi:5hOEO8chkMet7pCjBfnWOLi |
MD5: | 178A496645B67ABCE799D62DB8095CAB |
SHA1: | 0C264AFE3DB13E5B00A0E497FB6AB8556EB97939 |
SHA-256: | 70A34968E8715CF14074EA089B66896A9BC10AF79352DB8A40DA83467891F92D |
SHA-512: | EF7CDA8F433A47BABCBB74A57C3B4A20251A6D52E5C9CBEC33B5889A110760719180776BD9C7D7964CF140F950CAB8BC2AD08EAB5FA650FE7744FD9242C67E23 |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/framework/toc.json |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1478 |
Entropy (8bit): | 5.030941252322257 |
Encrypted: | false |
SSDEEP: | 24:TGAg3Efef6tfTf/fffCfxfdffW4N5f0f8fK8zyRWmmkYRWDKslbzP3LTPv4NUhqI:TK0W6bXnq512ysUbkfKCvUjeGxbu |
MD5: | 020629EBA820F2E09D8CDA1A753C032B |
SHA1: | D91A65036E4C36B07AE3641E32F23F8DD616BD17 |
SHA-256: | F8AE8A1DC7CE7877B9FB9299183D2EBB3BEFAD0B6489AE785D99047EC2EB92D1 |
SHA-512: | EF5A5C7A301DE55D103B1BE375D988970D9C4ECD62CE464F730C49E622128F431761D641E1DFAA32CA03F8280B435AE909486806DF62A538B48337725EB63CE1 |
Malicious: | false |
URL: | https://learn.microsoft.com/static/assets/0.4.027605576/global/deprecation.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 35005 |
Entropy (8bit): | 7.980061050467981 |
Encrypted: | false |
SSDEEP: | 768:aHBEr/QXnbCgWotMq4AZZivq2/Qu0cEv1FjHBep6U0Z/68R:ahWqbTWiM7ACvdIdldhep4rR |
MD5: | 522037F008E03C9448AE0AAAF09E93CB |
SHA1: | 8A32997EAB79246BEED5A37DB0C92FBFB006BEF2 |
SHA-256: | 983C35607C4FB0B529CA732BE42115D3FCAAC947CEE9C9632F7CACDBDECAF5A7 |
SHA-512: | 643EC613B2E7BDBB2F61E1799C189B0E3392EA5AE10845EB0B1F1542A03569E886F4B54D5B38AF10E78DB49C71357108C94589474B181F6A4573B86CF2D6F0D8 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 13842 |
Entropy (8bit): | 7.802399161550213 |
Encrypted: | false |
SSDEEP: | 192:NLNf+jBQsDHg7av3EEondO8PuRu2mIYXEIiDm42NpsHFMHfgnJ4K2DVwv:NLt+1jDmY+ndXwjLUpiDwpzfwoDVk |
MD5: | F6EC97C43480D41695065AD55A97B382 |
SHA1: | D9C3D0895A5ED1A3951B8774B519B8217F0A54C5 |
SHA-256: | 07A599FAB1E66BABC430E5FED3029F25FF3F4EA2DD0EC8968FFBA71EF1872F68 |
SHA-512: | 22462763178409D60609761A2AF734F97B35B9A818EC1FD9046AFAB489AAD83CE34896EE8586EFE402EA7739ECF088BC2DB5C1C8E4FB39E6A0FC5B3ADC6B4A9B |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4897 |
Entropy (8bit): | 4.794639101874543 |
Encrypted: | false |
SSDEEP: | 96:A0AIvEQ+KfZcbhaW9dp45qtAdflfDOFnymoLByzVqrpCvJ4QG63JjJ+do88HxbqP:dgQ+KfZcbhaWjp45qtAdflfDOFnNgBy4 |
MD5: | 84E6C95F0E5378BDA94FA965C4692FAF |
SHA1: | 7C1D6572906509B08F8CD7B7A33EB9F9697EE6D1 |
SHA-256: | 88A4A7B4F1160F8CAD3EB835116C29AC39659D586D4DADC54D9E40AC7E1BC610 |
SHA-512: | D34BFF37F8402B4A1FEE3C26F247A86D72666647A10E83D711A1BED1D24C6FC13674D65DCC037C22811B227FEC34B5DE20442191A42F9D78FC79D55FD5792761 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1729946 |
Entropy (8bit): | 5.506784610641439 |
Encrypted: | false |
SSDEEP: | 24576:BBweqomwDtVnoZlsG3QO/GFGVgTvjC10wCTOWIzE+0RlMVSB1DkCXWEea87ZGxnJ:BiwDbotVSB1DkCXWEe57ZGxnS+Vh2xDg |
MD5: | 95DE4EB9C18E800B4E68761D99845561 |
SHA1: | 8CD61A75D8E9D5A1EB894284850AAB6C1E547D6D |
SHA-256: | 15163779156DA543DEFAAFC12F7C1A850C91411FE7495F03C3BFE0231D5057E3 |
SHA-512: | 86BDE4F52A505FAC4BC49A30C0BDB145D88F568917E8EC89C26CFAA7E7DF85E9744291470E3587312196D93FB6BAA6F75B29D88CB722B7969C284C9A31886DBE |
Malicious: | false |
URL: | https://learn.microsoft.com/static/assets/0.4.027605576/scripts/en-us/index-docs.js |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3130 |
Entropy (8bit): | 4.790069981348324 |
Encrypted: | false |
SSDEEP: | 48:YWuGl640ynAqgDJ9OJWuO6Z3Db8VgK/ni47ttbtlSlA37ERw7II77Aj5M1:Nv0ynAhD3CO5t5lNEYIOEjc |
MD5: | EBA6E81304F2F555E1D2EA3126A18A41 |
SHA1: | 61429C3FE837FD4DD68E7B26678F131F2E00070D |
SHA-256: | F309CCCE17B2B4706E7110F6C76F81761F0A44168D12C358AC4D120776907F81 |
SHA-512: | 3BE0466794E7BDDC8565758DBF5553E89ED0003271F07695F09283F242BB65C1978ED79A38D5E589A99F68C0130E1E4B52576D7CD655EE272EE104BE0378E72E |
Malicious: | false |
URL: | https://learn.microsoft.com/en-us/dotnet/breadcrumb/toc.json |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 18367 |
Entropy (8bit): | 7.7772261735974215 |
Encrypted: | false |
SSDEEP: | 384:4qqZYz7CAda2Qmd6VWWNg9h8XvdkRbdi2nki:1qZYz7Cma2hYNMh8XvdObdi2nX |
MD5: | 240C4CC15D9FD65405BB642AB81BE615 |
SHA1: | 5A66783FE5DD932082F40811AE0769526874BFD3 |
SHA-256: | 030272CE6BA1BECA700EC83FDED9DBDC89296FBDE0633A7F5943EF5831876C07 |
SHA-512: | 267FE31BC25944DD7B6071C2C2C271CCC188AE1F6A0D7E587DCF9198B81598DA6B058D1B413F228DF0CB37C8304329E808089388359651E81B5F3DEC566D0EE0 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 6.149551414799612 |
TrID: |
File name: | 7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe |
File size: | 53'760 bytes |
MD5: | 1a4ac0f78511c028b51e0b302b080946 |
SHA1: | cf5d9e076aabb18759dfeabf59f4328f3fe30088 |
SHA256: | d59c7ccf805724c5a8704e0ed9e457bfe33b61e150d646c1da2703e30c22da9e |
SHA512: | c38e8742bdfc93aa4b6ffc4789e4e1b844c276bc61eff07729df70781d30ad9f2aab2b2d0290235d828bc556be996f53ded0441440c93b1249abc6e03c855bbf |
SSDEEP: | 768:PKXTZ38f7CTv8FwKrM+rMRa8NujBtUmQGPL4vzZq2o9W7GsxBbPr:PiTZsTCTv8u1+gRJNA49GCq2iW7z |
TLSH: | F6336D8D7FE084ACC4FD157B05B2E4130777E05B5E23D91E8EF294AA36636818F54AE1 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L.....:b................................. ........@.. .......................@............@................................ |
Icon Hash: | 00928e8e8686b000 |
Entrypoint: | 0x40e000 |
Entrypoint Section: | u |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x623ADEC4 [Wed Mar 23 08:48:04 2022 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
push ebp |
mov ebp, esp |
sub esp, 0000016Ch |
xor eax, eax |
push ebx |
push esi |
push edi |
mov dword ptr [ebp-24h], eax |
mov dword ptr [ebp-10h], eax |
mov dword ptr [ebp-14h], eax |
mov dword ptr [ebp-08h], eax |
mov dword ptr [ebp-0Ch], eax |
mov dword ptr [ebp-20h], eax |
mov dword ptr [ebp-18h], eax |
mov dword ptr [ebp-48h], 4F445374h |
mov dword ptr [ebp-44h], 6578652Eh |
mov dword ptr [ebp-40h], 00000000h |
mov dword ptr [ebp-3Ch], 00000000h |
call 00007FF850938A65h |
pop eax |
add eax, 00000225h |
mov dword ptr [ebp-04h], eax |
mov eax, dword ptr fs:[00000030h] |
mov dword ptr [ebp-28h], eax |
mov eax, dword ptr [ebp-04h] |
mov dword ptr [eax], E904C483h |
mov eax, dword ptr [ebp-04h] |
mov dword ptr [eax+04h], FFFFC94Dh |
mov eax, dword ptr [ebp-28h] |
mov eax, dword ptr [eax+0Ch] |
mov eax, dword ptr [eax+1Ch] |
mov eax, dword ptr [eax] |
mov eax, dword ptr [eax+08h] |
mov ecx, dword ptr [eax+3Ch] |
mov ecx, dword ptr [ecx+eax+78h] |
add ecx, eax |
mov edi, dword ptr [ecx+1Ch] |
mov ebx, dword ptr [ecx+20h] |
mov esi, dword ptr [ecx+24h] |
mov ecx, dword ptr [ecx+18h] |
add esi, eax |
add edi, eax |
add ebx, eax |
xor edx, edx |
mov dword ptr [ebp-30h], esi |
mov dword ptr [ebp-1Ch], edx |
mov dword ptr [ebp-34h], ecx |
cmp edx, dword ptr [ebp-34h] |
jnc 00007FF850938BAEh |
movzx ecx, word ptr [esi+edx*2] |
mov edx, dword ptr [ebx+edx*4] |
mov esi, dword ptr [edi+ecx*4] |
add edx, eax |
mov ecx, dword ptr [edx] |
add esi, eax |
cmp ecx, 4D746547h |
jne 00007FF850938AB4h |
cmp dword ptr [edx+04h], 6C75646Fh |
jne 00007FF850938AABh |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xab6c | 0x4f | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xc000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x8bc4 | 0x8c00 | 0d11b688183f010f66c54d2fe3761477 | False | 0.463671875 | data | 5.6066747364381095 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.reloc | 0xc000 | 0xc | 0x200 | 163d66697186c0743c0da6f82247a39a | False | 0.044921875 | data | 0.08153941234324169 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
u | 0xe000 | 0x6000 | 0x4200 | 564045a36507f78af300dae49ffbca5a | False | 0.77734375 | data | 6.933656811505602 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 24, 2024 18:53:12.496459007 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.496474981 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.496509075 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.496509075 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.496510029 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.498207092 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.498229027 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.498269081 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.498285055 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.498301983 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.500058889 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.500082970 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.500127077 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.500144005 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.500159025 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.501090050 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.501133919 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.501152039 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.501163006 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.501188040 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.501190901 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.501312971 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.501322985 CEST | 443 | 49725 | 13.107.246.60 | 192.168.2.5 |
Jul 24, 2024 18:53:12.501338005 CEST | 49725 | 443 | 192.168.2.5 | 13.107.246.60 |
Jul 24, 2024 18:53:12.773364067 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:12.773443937 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:12.777299881 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:12.777309895 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:12.777678013 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:12.829602003 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:12.876501083 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.062930107 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.063107967 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.063121080 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.063154936 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.063170910 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.063178062 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.063186884 CEST | 49726 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.063190937 CEST | 443 | 49726 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.106828928 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.106874943 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:13.106954098 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.107276917 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:13.107291937 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.255088091 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.255184889 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.258939981 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.258951902 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.259294987 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.260787964 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.304513931 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.531763077 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.531939030 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.532001972 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.533118963 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.533137083 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:14.533150911 CEST | 49727 | 443 | 192.168.2.5 | 184.28.90.27 |
Jul 24, 2024 18:53:14.533157110 CEST | 443 | 49727 | 184.28.90.27 | 192.168.2.5 |
Jul 24, 2024 18:53:18.526707888 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:18.526797056 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:18.526906013 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:18.527932882 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:18.527964115 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:19.264420986 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:19.264523029 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:19.267142057 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:19.267177105 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:19.267570019 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:19.320291996 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.007304907 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.048507929 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245163918 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245230913 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245258093 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245281935 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245301008 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.245321989 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245342016 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245343924 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.245368958 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245399952 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.245418072 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.245498896 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245562077 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.245574951 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245774984 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:20.245835066 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:20.834806919 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:20.834845066 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:20.835129976 CEST | 49756 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:20.835213900 CEST | 443 | 49756 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:20.835369110 CEST | 49756 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:20.840020895 CEST | 49756 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:20.840058088 CEST | 443 | 49756 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:21.160258055 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:21.160296917 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:21.189361095 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:21.189430952 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:21.189466000 CEST | 49742 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:21.189501047 CEST | 443 | 49742 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:21.477754116 CEST | 443 | 49719 | 142.250.185.132 | 192.168.2.5 |
Jul 24, 2024 18:53:21.477828979 CEST | 443 | 49719 | 142.250.185.132 | 192.168.2.5 |
Jul 24, 2024 18:53:21.477930069 CEST | 49719 | 443 | 192.168.2.5 | 142.250.185.132 |
Jul 24, 2024 18:53:21.811711073 CEST | 443 | 49756 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:21.811815023 CEST | 49756 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:22.709281921 CEST | 49719 | 443 | 192.168.2.5 | 142.250.185.132 |
Jul 24, 2024 18:53:22.709290981 CEST | 443 | 49719 | 142.250.185.132 | 192.168.2.5 |
Jul 24, 2024 18:53:40.961194992 CEST | 443 | 49756 | 23.1.237.91 | 192.168.2.5 |
Jul 24, 2024 18:53:40.961299896 CEST | 49756 | 443 | 192.168.2.5 | 23.1.237.91 |
Jul 24, 2024 18:53:49.122293949 CEST | 63957 | 53 | 192.168.2.5 | 1.1.1.1 |
Jul 24, 2024 18:53:49.127379894 CEST | 53 | 63957 | 1.1.1.1 | 192.168.2.5 |
Jul 24, 2024 18:53:49.127499104 CEST | 63957 | 53 | 192.168.2.5 | 1.1.1.1 |
Jul 24, 2024 18:53:49.128370047 CEST | 63957 | 53 | 192.168.2.5 | 1.1.1.1 |
Jul 24, 2024 18:53:49.134016991 CEST | 53 | 63957 | 1.1.1.1 | 192.168.2.5 |
Jul 24, 2024 18:53:49.593832016 CEST | 53 | 63957 | 1.1.1.1 | 192.168.2.5 |
Jul 24, 2024 18:53:49.594662905 CEST | 63957 | 53 | 192.168.2.5 | 1.1.1.1 |
Jul 24, 2024 18:53:49.600158930 CEST | 53 | 63957 | 1.1.1.1 | 192.168.2.5 |
Jul 24, 2024 18:53:49.600241899 CEST | 63957 | 53 | 192.168.2.5 | 1.1.1.1 |
Jul 24, 2024 18:53:57.622677088 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:57.622762918 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:57.622853994 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:57.623191118 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:57.623213053 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.410725117 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.410928965 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.416260958 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.416269064 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.416709900 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.424328089 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.468544006 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.696724892 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.696805000 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.696890116 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.696903944 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.697031021 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.697098017 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.697105885 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.699424028 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.699467897 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.699496984 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.699501991 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.699548960 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.700509071 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.700575113 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.700803995 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.700895071 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.702775002 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.702790022 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:53:59.702820063 CEST | 63959 | 443 | 192.168.2.5 | 13.85.23.86 |
Jul 24, 2024 18:53:59.702825069 CEST | 443 | 63959 | 13.85.23.86 | 192.168.2.5 |
Jul 24, 2024 18:54:11.508202076 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:11.508291960 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:11.508416891 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:11.508611917 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:11.508642912 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:12.166414976 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:12.166840076 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:12.166906118 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:12.167608976 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:12.168039083 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:12.168158054 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:12.221734047 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:22.067733049 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:22.067838907 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Jul 24, 2024 18:54:22.067897081 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:23.182384968 CEST | 63961 | 443 | 192.168.2.5 | 142.250.185.100 |
Jul 24, 2024 18:54:23.182463884 CEST | 443 | 63961 | 142.250.185.100 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jul 24, 2024 18:53:10.018311977 CEST | 192.168.2.5 | 1.1.1.1 | 0x79f3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:53:10.018377066 CEST | 192.168.2.5 | 1.1.1.1 | 0xac0f | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 24, 2024 18:53:10.878650904 CEST | 192.168.2.5 | 1.1.1.1 | 0xdfa1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:53:10.879023075 CEST | 192.168.2.5 | 1.1.1.1 | 0x66c9 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 24, 2024 18:53:11.362303019 CEST | 192.168.2.5 | 1.1.1.1 | 0xc1cf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:53:11.362581015 CEST | 192.168.2.5 | 1.1.1.1 | 0x4606 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 24, 2024 18:53:23.178606033 CEST | 192.168.2.5 | 1.1.1.1 | 0xa14f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:53:23.179074049 CEST | 192.168.2.5 | 1.1.1.1 | 0xeb75 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 24, 2024 18:54:10.932185888 CEST | 192.168.2.5 | 1.1.1.1 | 0x354e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:54:10.932307005 CEST | 192.168.2.5 | 1.1.1.1 | 0xd616 | Standard query (0) | 65 | IN (0x0001) | false | |
Jul 24, 2024 18:54:24.750617981 CEST | 192.168.2.5 | 1.1.1.1 | 0xda4e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jul 24, 2024 18:54:24.750793934 CEST | 192.168.2.5 | 1.1.1.1 | 0x896c | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jul 24, 2024 18:53:10.026599884 CEST | 1.1.1.1 | 192.168.2.5 | 0xb16a | No error (0) | firstparty-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030579090 CEST | 1.1.1.1 | 192.168.2.5 | 0xa6ee | No error (0) | firstparty-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030579090 CEST | 1.1.1.1 | 192.168.2.5 | 0xa6ee | No error (0) | s-part-0014.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030579090 CEST | 1.1.1.1 | 192.168.2.5 | 0xa6ee | No error (0) | 13.107.246.42 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030608892 CEST | 1.1.1.1 | 192.168.2.5 | 0x79f3 | No error (0) | aijscdn2.azureedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030608892 CEST | 1.1.1.1 | 192.168.2.5 | 0x79f3 | No error (0) | s-part-0014.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030608892 CEST | 1.1.1.1 | 192.168.2.5 | 0x79f3 | No error (0) | 13.107.246.42 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.030637980 CEST | 1.1.1.1 | 192.168.2.5 | 0xac0f | No error (0) | aijscdn2.azureedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.886687994 CEST | 1.1.1.1 | 192.168.2.5 | 0xdfa1 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.886912107 CEST | 1.1.1.1 | 192.168.2.5 | 0x66c9 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 24, 2024 18:53:10.978986025 CEST | 1.1.1.1 | 192.168.2.5 | 0x6d22 | No error (0) | firstparty-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.978986025 CEST | 1.1.1.1 | 192.168.2.5 | 0x6d22 | No error (0) | s-part-0032.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.978986025 CEST | 1.1.1.1 | 192.168.2.5 | 0x6d22 | No error (0) | 13.107.246.60 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:10.979023933 CEST | 1.1.1.1 | 192.168.2.5 | 0xb0cf | No error (0) | firstparty-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:11.370462894 CEST | 1.1.1.1 | 192.168.2.5 | 0xc1cf | No error (0) | aijscdn2.azureedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:11.370462894 CEST | 1.1.1.1 | 192.168.2.5 | 0xc1cf | No error (0) | s-part-0032.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:11.370462894 CEST | 1.1.1.1 | 192.168.2.5 | 0xc1cf | No error (0) | 13.107.246.60 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:11.371921062 CEST | 1.1.1.1 | 192.168.2.5 | 0x4606 | No error (0) | aijscdn2.azureedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:23.187575102 CEST | 1.1.1.1 | 192.168.2.5 | 0xa14f | No error (0) | mdec.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:23.192919016 CEST | 1.1.1.1 | 192.168.2.5 | 0xeb75 | No error (0) | mdec.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:24.336957932 CEST | 1.1.1.1 | 192.168.2.5 | 0x7eb8 | No error (0) | c-msn-com-nsatc.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:24.340919971 CEST | 1.1.1.1 | 192.168.2.5 | 0x21d4 | No error (0) | c-msn-com-nsatc.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:27.927747965 CEST | 1.1.1.1 | 192.168.2.5 | 0x5292 | No error (0) | c-msn-com-nsatc.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:53:27.930493116 CEST | 1.1.1.1 | 192.168.2.5 | 0xe545 | No error (0) | c-msn-com-nsatc.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:54:11.505426884 CEST | 1.1.1.1 | 192.168.2.5 | 0x354e | No error (0) | 142.250.185.100 | A (IP address) | IN (0x0001) | false | ||
Jul 24, 2024 18:54:11.505471945 CEST | 1.1.1.1 | 192.168.2.5 | 0xd616 | No error (0) | 65 | IN (0x0001) | false | |||
Jul 24, 2024 18:54:24.759488106 CEST | 1.1.1.1 | 192.168.2.5 | 0x896c | No error (0) | mdec.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jul 24, 2024 18:54:24.760451078 CEST | 1.1.1.1 | 192.168.2.5 | 0xda4e | No error (0) | mdec.nelreports.net.akamaized.net | CNAME (Canonical name) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49718 | 13.107.246.42 | 443 | 2820 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:10 UTC | 551 | OUT | |
2024-07-24 16:53:10 UTC | 713 | IN | |
2024-07-24 16:53:10 UTC | 15671 | IN | |
2024-07-24 16:53:10 UTC | 16384 | IN | |
2024-07-24 16:53:10 UTC | 711 | IN | |
2024-07-24 16:53:10 UTC | 16384 | IN | |
2024-07-24 16:53:10 UTC | 3567 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49717 | 13.107.246.42 | 443 | 2820 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:10 UTC | 549 | OUT | |
2024-07-24 16:53:10 UTC | 958 | IN | |
2024-07-24 16:53:10 UTC | 15426 | IN | |
2024-07-24 16:53:10 UTC | 16384 | IN | |
2024-07-24 16:53:10 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN | |
2024-07-24 16:53:11 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49721 | 13.107.246.60 | 443 | 2820 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:11 UTC | 373 | OUT | |
2024-07-24 16:53:11 UTC | 713 | IN | |
2024-07-24 16:53:11 UTC | 15671 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 82 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 4196 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49725 | 13.107.246.60 | 443 | 2820 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:12 UTC | 370 | OUT | |
2024-07-24 16:53:12 UTC | 958 | IN | |
2024-07-24 16:53:12 UTC | 15426 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN | |
2024-07-24 16:53:12 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49726 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:12 UTC | 161 | OUT | |
2024-07-24 16:53:13 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49727 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:14 UTC | 239 | OUT | |
2024-07-24 16:53:14 UTC | 514 | IN | |
2024-07-24 16:53:14 UTC | 55 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49742 | 13.85.23.86 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:20 UTC | 306 | OUT | |
2024-07-24 16:53:20 UTC | 560 | IN | |
2024-07-24 16:53:20 UTC | 15824 | IN | |
2024-07-24 16:53:20 UTC | 8666 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 63959 | 13.85.23.86 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-07-24 16:53:59 UTC | 306 | OUT | |
2024-07-24 16:53:59 UTC | 560 | IN | |
2024-07-24 16:53:59 UTC | 15824 | IN | |
2024-07-24 16:53:59 UTC | 14181 | IN |
Target ID: | 0 |
Start time: | 12:52:59 |
Start date: | 24/07/2024 |
Path: | C:\Users\user\Desktop\7F95320763FDCB0F731CE91FB8E178D4110E10A1D56836F442BA34C6F2A631F6.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x680000 |
File size: | 53'760 bytes |
MD5 hash: | 1A4AC0F78511C028B51E0B302B080946 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: | |
Reputation: | low |
Has exited: | true |
Target ID: | 2 |
Start time: | 12:53:04 |
Start date: | 24/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 4 |
Start time: | 12:53:04 |
Start date: | 24/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 5 |
Start time: | 12:53:07 |
Start date: | 24/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 6 |
Start time: | 12:53:08 |
Start date: | 24/07/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff715980000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |