Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
F4ged15cJ3.elf

Overview

General Information

Sample name:F4ged15cJ3.elf
renamed because original name is a hash value
Original sample name:f5388d6edb7b27755ddb3a481b5efdeb.elf
Analysis ID:1540787
MD5:f5388d6edb7b27755ddb3a481b5efdeb
SHA1:1059ef5dc720e111fec66b58a5c20a3f7842a9c5
SHA256:d7f066f073657267d0e6b9fc0f78f0a840e659f4a380daec91581416569693f9
Tags:32elfmiraimotorola
Infos:

Detection

Mirai
Score:76
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1540787
Start date and time:2024-10-24 06:57:08 +02:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 5m 29s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:F4ged15cJ3.elf
renamed because original name is a hash value
Original Sample Name:f5388d6edb7b27755ddb3a481b5efdeb.elf
Detection:MAL
Classification:mal76.spre.troj.linELF@0/51@2/0

Runtime Messages

Command:/tmp/F4ged15cJ3.elf
PID:5477
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • wrapper-2.0 (PID: 5492, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
  • wrapper-2.0 (PID: 5493, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
  • wrapper-2.0 (PID: 5494, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
  • wrapper-2.0 (PID: 5495, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
    • xfpm-power-backlight-helper (PID: 5514, Parent: 5495, MD5: 3d221ad23f28ca3259f599b1664e2427) Arguments: /usr/sbin/xfpm-power-backlight-helper --get-max-brightness
  • wrapper-2.0 (PID: 5496, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
  • wrapper-2.0 (PID: 5497, Parent: 3147, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
  • xfconfd (PID: 5513, Parent: 5512, MD5: 4c7a0d6d258bb970905b19b84abcd8e9) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
  • systemd New Fork (PID: 5520, Parent: 2935)
  • xfce4-notifyd (PID: 5520, Parent: 2935, MD5: eee956f1b227c1d5031f9c61223255d1) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
  • systemd New Fork (PID: 5606, Parent: 1)
  • logrotate (PID: 5606, Parent: 1, MD5: ff9f6831debb63e53a31ff8057143af6) Arguments: /usr/sbin/logrotate /etc/logrotate.conf
  • systemd New Fork (PID: 5607, Parent: 1)
  • install (PID: 5607, Parent: 1, MD5: 55e2520049dc6a62e8c94732e36cdd54) Arguments: /usr/bin/install -d -o man -g man -m 0755 /var/cache/man
  • systemd New Fork (PID: 5644, Parent: 1)
  • find (PID: 5644, Parent: 1, MD5: b68ef002f84cc54dd472238ba7df80ab) Arguments: /usr/bin/find /var/cache/man -type f -name *.gz -atime +6 -delete
  • systemd New Fork (PID: 5669, Parent: 1)
  • mandb (PID: 5669, Parent: 1, MD5: 1dda5ea0027ecf1c2db0f5a3de7e6941) Arguments: /usr/bin/mandb --quiet
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
F4ged15cJ3.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    F4ged15cJ3.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
    • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    F4ged15cJ3.elfLinux_Trojan_Gafgyt_ea92cca8unknownunknown
    • 0xc735:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmpLinux_Trojan_Gafgyt_ea92cca8unknownunknown
      • 0xc735:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64
      5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
        • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        Click to see the 4 entries

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: F4ged15cJ3.elfAvira: detected
        Multi AV Scanner detection for submitted file
        Source: F4ged15cJ3.elfReversingLabs: Detection: 65%
        Source: F4ged15cJ3.elfVirustotal: Detection: 63%Perma Link
        Source: global trafficTCP traffic: 192.168.2.13:41258 -> 79.133.46.243:3778
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: unknownTCP traffic detected without corresponding DNS query: 79.133.46.243
        Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: F4ged15cJ3.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: F4ged15cJ3.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Sample tries to kill multiple processes (SIGKILL)
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3104, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3161, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3162, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3163, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3164, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3165, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3170, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3182, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3208, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3212, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5492, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5493, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5494, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5495, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5496, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5497, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5513, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5520, result: successfulJump to behavior
        Source: ELF static info symbol of initial sample.symtab present: no
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3104, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3161, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3162, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3163, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3164, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3165, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3170, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3182, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3208, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 3212, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5492, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5493, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5494, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5495, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5496, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5497, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5513, result: successfulJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)SIGKILL sent: pid: 5520, result: successfulJump to behavior
        Source: F4ged15cJ3.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: F4ged15cJ3.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: classification engineClassification label: mal76.spre.troj.linELF@0/51@2/0
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5492)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5493)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5494)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5513)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5513)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5513)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5513)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5520)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5520)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5520)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5520)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/sbin/logrotate (PID: 5606)Directory: //.Jump to behavior
        Source: /usr/bin/find (PID: 5644)Directory: //.Jump to behavior
        Source: /usr/bin/mandb (PID: 5669)Directory: /var/cache/man/.manpathJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3122/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3117/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3114/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3632/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/914/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/518/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/519/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/917/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3134/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3375/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3132/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3095/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1745/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1866/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1588/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/884/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1982/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/765/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3246/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/767/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/800/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1906/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/802/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/803/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5426/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1748/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5322/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3420/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1482/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/490/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1480/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1755/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1238/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1875/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2964/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3413/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1751/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1872/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2961/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1475/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/656/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/778/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/657/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/658/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5677/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/659/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/418/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/936/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/419/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/816/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1879/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1891/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3310/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3153/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/780/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/660/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1921/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3826/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5608/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/783/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1765/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5609/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2974/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1400/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1884/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3424/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2972/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3709/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3147/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2970/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1881/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3146/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3300/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1805/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1925/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1804/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1648/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1922/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3429/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5461/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5462/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5620/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3442/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3165/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3164/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3163/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3162/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/790/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3161/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/792/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5618/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/793/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/672/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/5619/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1930/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/674/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/795/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3315/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1411/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/2984/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/1410/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/797/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/676/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3434/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5480)File opened: /proc/3158/cmdlineJump to behavior
        Source: /tmp/F4ged15cJ3.elf (PID: 5477)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5492)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5493)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5494)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5495)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5496)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5497)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5520)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/bin/find (PID: 5644)Queries kernel information via 'uname': Jump to behavior
        Source: 5669.41.drBinary or memory string: -9915837702310A--gzvmware kernel module
        Source: 5669.41.drBinary or memory string: -1116261022170A--gzQEMU User Emulator
        Source: 5669.41.drBinary or memory string: qemu-or1k
        Source: 5669.41.drBinary or memory string: qemu-riscv64
        Source: 5669.41.drBinary or memory string: qemu-arm
        Source: 5669.41.drBinary or memory string: (qemu
        Source: 5669.41.drBinary or memory string: qemu-tilegx
        Source: 5669.41.drBinary or memory string: qemu-hppa
        Source: 5669.41.drBinary or memory string: q{rqemu%
        Source: 5669.41.drBinary or memory string: )qemu
        Source: 5669.41.drBinary or memory string: vmware-toolbox-cmd
        Source: 5669.41.drBinary or memory string: qemu-ppc
        Source: 5669.41.drBinary or memory string: Tqemu9
        Source: F4ged15cJ3.elf, 5477.1.0000561f86ff2000.0000561f87077000.rw-.sdmp, F4ged15cJ3.elf, 5482.1.0000561f86ff2000.0000561f87077000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/m68k
        Source: F4ged15cJ3.elf, 5477.1.0000561f86ff2000.0000561f87077000.rw-.sdmp, F4ged15cJ3.elf, 5482.1.0000561f86ff2000.0000561f87077000.rw-.sdmpBinary or memory string: V!/etc/qemu-binfmt/m68k
        Source: 5669.41.drBinary or memory string: qemu-aarch64_be
        Source: 5669.41.drBinary or memory string: 0qemu9
        Source: 5669.41.drBinary or memory string: qemu-sparc64
        Source: 5669.41.drBinary or memory string: qemu-mips64
        Source: 5669.41.drBinary or memory string: vV:qemu9
        Source: 5669.41.drBinary or memory string: <prezip-bin-1116269780060A--gzprefix zip delta word list compressor/decompressornameif-8815490444730A--gzname network interfaces based on MAC addressesxdg-user-dirs-update-1115483406210A--gzUpdate XDG user dir configurationip-link-8815816145190A--gznetwork device configurationhpsa-4415812813670A--gzHP Smart Array SCSI driverhd4-4415812813670A--gzMFM/IDE hard disk devicessane-canon630u-5516003468200A--gzSANE backend for the Canon 630u USB flatbed scannersg_copy_results-8815825816070A--gzsend SCSI RECEIVE COPY RESULTS command (XCOPY related)grub-macbless-8816214898500A--gzbless a mac file/directoryntfstruncate-8815568625640A-tgztruncate a file on an NTFS volumelessfile-1115936459130B--gz"input preprocessor" for less.sane-artec-5516003468200A--gzSANE backend for Artec flatbed scannersrmdir-1115676799200A--gzremove empty directoriessystemd-networkd-wait-online.service-8816268940210A--gzWait for network to come onlinemkfs.ntfs-8815568625640B-tgzcreate an NTFS file systemsg_inq-8815825816070A--gzissue SCSI INQUIRY command and/or decode its responseradattr.so-8815955079440Cpppd-radattr-gzc_rehash-1ssl116164130370B--gzCreate symbolic links to files named by the hash valuestc-htb-8815816145190A--gzHierarchy Token Bucketgvfs-open-1115868766090A--gzsg_rbuf-8815825816070A--gzreads data using SCSI READ BUFFER commandglib-compile-schemas-1116155671180A--gzGSettings schema compileropenssl-srp-1ssl116164130370B--gzmaintain SRP password fileopenssl-rehash-1ssl116164130370B--gzCreate symbolic links to files named by the hash valueslibvmtools-3315837702310A--gzvmware shared librarypasswd5-5515906478670A--gzthe password filenet::dbus::dumperNet::DBus::Dumper3pm315773746310A--gzStringify Net::DBus objects suitable for printingsane-hp4200-5516003468200A--gzSANE backend for Hewlett-Packard 4200 scannersposixoptions-7715812813670A--gzoptional parts of the POSIX standardnetworkmanager.confNetworkManager.conf5516002723180A--gzNetworkManager configuration fileownership-8815771238010A--gzCompaq ownership tag retrieveroakdecode-1115804162510A--gzDecode an OAKT printer stream into human readable form.gvfs-save-1115868766090A--gzmkfs.minix-8815953177680A--gzmake a Minix filesystemuri7-7715812813670A--gzuniform resource identifier (URI), including a URL or URNedit-1115714399500B--gzexecute programs via entries in the mailcap filegit-diff-files-1116148628880A--gzCompares files in the working tree and the index.ldaprc-5516136581350Cldap.conf-gzpactl-1116219586470A--gzControl a running PulseAudio sound servertempfile-1115756848240A--gzcreate a temporary file in a safe mannerhp-check-1115857238880A--gzDependency/Vers
        Source: 5669.41.drBinary or memory string: qemu-ppc64le
        Source: 5669.41.drBinary or memory string: <glib::param::uint64Glib::Param::UInt643pm315820097650A--gzWrapper for uint64 parameters in GLibx86_64-linux-gnu-ld.gold-1116112426130B--gzThe GNU ELF linkerprinter-profile-1115804162510A--gzProfile using X-Rite ColorMunki and Argyll CMSwhoami-1115676799200A--gzprint effective useridgrub-fstest-1116214898500A--gzdebug tool for GRUB filesystem driversxdg-user-dir-1115483406210A--gzFind an XDG user dirkmodsign-1115569251480A--gzKernel module signing toolsensible-editor-1115739932820A--gzsensible editing, paging, and web browsingminesMines6615854478170Cgnome-mines-gzinputattach-1115708189280A--gzattach a serial line to an input-layer devicegapplication-1116155671180A--gzD-Bus application launcherip-tunnel-8815816145190A--gztunnel configurationkoi8rxterm-1116140167530A--gzX terminal emulator for KOI8-R environmentsfoo2hiperc-wrapper-1115804162510A-tgzConvert Postscript into a HIPERC printer streamcryptsetup-reencrypt-8816002888050A--gztool for offline LUKS device re-encryptionsyndaemon-1115861716810A--gza program that monitors keyboard activity and disables the touchpad when the keyboard is being used.gslj-1115980290200B--gzFormat and print text for LaserJet printer using ghostscriptfile2brl-1115757179490A--gzTranslate an xml or a text file into an embosser-ready braille filexfdesktop-settings-1115793419820A--gzDesktop settings for Xfceua-1115856013570B--gzManage Ubuntu Advantage services from Canonicallatin4-7715812813670B--gzISO 8859-4 character set encoded in octal, decimal, and hexadecimalsane-genesys-5516003468200A--gzSANE backend for GL646, GL841, GL843, GL847 and GL124 based USB flatbed scannerspdftohtml-1115853266670A--gzprogram to convert PDF files into HTML, XML and PNG imagesbluetooth-sendto-1116015653360A--gzGTK application for transferring files over Bluetoothqemu-ppc64-1116261022170B--gzQEMU User Emulatorcache_metadata_size-8815811608350A--gzEstimate the size of the metadata device needed for a given configuration.net::dbus::exporterNet::DBus::Exporter3pm315773746310A--gzExport object methods and signals to the bussane-pint-5516003468200A--gzSANE backend for scanners that use the PINT device driverbpf-helpers7-7715812813670A--gzlist of eBPF helper functionsfull-4415812813670A--gzalways full devicelogin-1115906478670A--gzbegin session on the systemcups-snmp-8815877390340A--gzcups snmp backend (deprecated)ordchr-3am315728089600A--gzconvert characters to strings and vice versasosreport-1116092694050A--gzCollect and package diagnostic and support datatop-1115827827270A--gzdisplay Linux processesuri::_punycodeURI::_punycode3pm315811897880A--gzencodes Unicode string in Punycodettytty4tty1systemd-localed-881626894021
        Source: 5669.41.drBinary or memory string: vmware
        Source: 5669.41.drBinary or memory string: qemu-cris
        Source: 5669.41.drBinary or memory string: libvmtools
        Source: 5669.41.drBinary or memory string: qemu-m68k
        Source: 5669.41.drBinary or memory string: qemu-xtensa
        Source: 5669.41.drBinary or memory string: 9qemu
        Source: 5669.41.drBinary or memory string: qemu-sh4
        Source: F4ged15cJ3.elf, 5477.1.00007ffdeec25000.00007ffdeec46000.rw-.sdmp, F4ged15cJ3.elf, 5482.1.00007ffdeec25000.00007ffdeec46000.rw-.sdmpBinary or memory string: /usr/bin/qemu-m68k
        Source: 5669.41.drBinary or memory string: Vqemu m
        Source: 5669.41.drBinary or memory string: .qemu{
        Source: 5669.41.drBinary or memory string: qemu-ppc64abi32
        Source: 5669.41.drBinary or memory string: qemu-ppc64
        Source: 5669.41.drBinary or memory string: qemu-i386
        Source: 5669.41.drBinary or memory string: qemu-x86_64
        Source: 5669.41.drBinary or memory string: H~6\nqemu*q
        Source: 5669.41.drBinary or memory string: @qemu
        Source: 5669.41.drBinary or memory string: Fqqemu
        Source: 5669.41.drBinary or memory string: N4qemu
        Source: 5669.41.drBinary or memory string: ~6\nqemu*q
        Source: 5669.41.drBinary or memory string: qemu-mips64el
        Source: 5669.41.drBinary or memory string: &mqemu
        Source: 5669.41.drBinary or memory string: $qemu
        Source: 5669.41.drBinary or memory string: qemu-sparc
        Source: 5669.41.drBinary or memory string: {cqemujC
        Source: F4ged15cJ3.elf, 5477.1.00007ffdeec25000.00007ffdeec46000.rw-.sdmp, F4ged15cJ3.elf, 5482.1.00007ffdeec25000.00007ffdeec46000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-m68k/tmp/F4ged15cJ3.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/F4ged15cJ3.elf
        Source: 5669.41.drBinary or memory string: qemu-microblaze
        Source: 5669.41.drBinary or memory string: qemu-user
        Source: 5669.41.drBinary or memory string: qemu-aarch64
        Source: 5669.41.drBinary or memory string: qemu-sh4eb
        Source: 5669.41.drBinary or memory string: iqemu
        Source: 5669.41.drBinary or memory string: qemu-mipsel
        Source: 5669.41.drBinary or memory string: qemuP`
        Source: 5669.41.drBinary or memory string: hqemu)
        Source: 5669.41.drBinary or memory string: qemu-alpha
        Source: 5669.41.drBinary or memory string: qemu-microblazeel
        Source: 5669.41.drBinary or memory string: \qemu
        Source: 5669.41.drBinary or memory string: qemu-xtensaeb
        Source: 5669.41.drBinary or memory string: qemu-mipsn32el
        Source: 5669.41.drBinary or memory string: SAqemu
        Source: 5669.41.drBinary or memory string: qemu-mipsn32
        Source: 5669.41.drBinary or memory string: qemuAU
        Source: 5669.41.drBinary or memory string: qemu-riscv32
        Source: 5669.41.drBinary or memory string: qemu-sparc32plus
        Source: 5669.41.drBinary or memory string: 7,qemu
        Source: 5669.41.drBinary or memory string: qemu-s390x
        Source: 5669.41.drBinary or memory string: vmware-checkvm
        Source: 5669.41.drBinary or memory string: qemu-nios2
        Source: 5669.41.drBinary or memory string: qemu-armeb
        Source: 5669.41.drBinary or memory string: -4415868968400A--gzVMware SVGA video driver
        Source: 5669.41.drBinary or memory string: 7xml::parser::style::streamXML::Parser::Style::Stream3pm315701248990A--gzStream style for XML::Parsersystemd-timedated-8816268940210B--gzTime and date bus mechanismxfce4-keyboard-settings-1115867081120A--gzKeyboard settings for Xfcepygettext2-1115841026830B--gzPython equivalent of xgettext(1)sudoedit-8816110660620B--gzexecute a command as another userintro7-7715812813670A--gzintroduction to overview and miscellany sectionsprof-1115812813670A--gzread and display shared object profiling datadhclient.conf-5516219398220A--gzDHCP client configuration filepam_group-8815953742440A--gzPAM module for group accesssystemd-ask-password-1116268940210A--gzQuery the user for a system passwordupdate-dictcommon-hunspell-8815422954860A--gzrebuild hunspell database and emacsen stuffqemu-nios2-1116261022170B--gzQEMU User Emulatorlwp::useragentLWP::UserAgent3pm315750405830A--gzWeb user agent classgpgcompose-1115838662460A--gzGenerate a stream of OpenPGP packetsecho-1115676799200A--gzdisplay a line of textio::socket::ssl::utilsIO::Socket::SSL::Utils3pm315817106800A--gz- loading, storing, creating certificates and keyscurl-1116268709580A--gztransfer a URLgetcap-8815819434600A--gzexamine file capabilitieszegrep-1115762517060B--gzsearch possibly compressed files for a regular expressiongrub-syslinux2cfg-1116214898500A--gztransform syslinux config into grub.cfgrtc-4415812813670A--gzreal-time clockglib::codegenGlib::CodeGen3pm315820097650A--gzcode generation utilities for Glib-based bindings.wpa_cli-8816146062790A--gzWPA command line clientiso_8859_3-7715812813670B--gzISO 8859-3 character set encoded in octal, decimal, and hexadecimaliso_8859-9-7715812813670A-tgzISO 8859-9 character set encoded in octal, decimal, and hexadecimallvextend-8815816289110A--gzAdd space to a logical volumeresolvectl-1116268940210A--gzResolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services; introspect and reconfigure the DNS resolverchgrp-1115676799200A--gzchange group ownershipsystemd-cgls-1116268940210A--gzRecursively show control group contentspygettext3.8-1113852085880A--gzPython equivalent of xgettext(1)ping4-8815804258830B--gzsend ICMP ECHO_REQUEST to network hostsidmapwb-8816000845410A--gzwinbind ID mapping plugin for cifs-utilsapturl-gtk-8815799493830B--gzgraphical apt-protocol interpreting package installersane-epsonds-5516003468200A--gzSANE backend for EPSON ESC/I-2 scannersgvfs-monitor-file-1115868766090A--gzrstart-1115829564830A--gza sample implementation of a Remote Start clientgit-stage-1116148628880A--gzAdd file contents to the staging areatc-pedit-8815816145190A--gzgeneric packet editor actioniptables-save-881582899
        Source: 5669.41.drBinary or memory string: I_qemu
        Source: 5669.41.drBinary or memory string: -1116261022170B--gzQEMU User Emulator
        Source: 5669.41.drBinary or memory string: -3315837702310A--gzvmware shared library
        Source: 5669.41.drBinary or memory string: qemu-mips
        Source: 5669.41.drBinary or memory string: qemuj\
        Source: 5669.41.drBinary or memory string: {qemuQ&
        Source: 5669.41.drBinary or memory string: Wgnome-text-editor-111629209547491759146B--gztext editor for the GNOME Desktopx11::protocol::connection::filehandleX11::Protocol::Connection::FileHandle3pm314314075500A--gzPerl module base class for FileHandle-based X11 connectionshtbHTB8815816145190Ctc-htb-gzcifscreds-1116000845410A--gzmanage NTLM credentials in kernel keyringiwconfig-8815490049440A--gzconfigure a wireless network interfaceossl_store-file-7ssl716164130370A--gzThe store 'file' scheme loadertc-stab-8815816145190A--gzGeneric size table manipulationsnotifier-7715877390340A--gzcups notification interfaceqemu-arm-1116261022170B--gzQEMU User EmulatorgemfileGemfile5516263767190Cgemfile2.7-gzglib::object::subclassGlib::Object::Subclass3pm315820097650A--gzregister a perl class as a GObject classnetcat-111612200165426646725B--gzarbitrary TCP and UDP connections and listensdpkg::changelog::parseDpkg::Changelog::Parse3perl315849439740A--gzgeneric changelog parser for dpkg-parsechangelogmpris-proxy-1116243432320A--gzBluetooth mpris-proxybundle-pristine2.7-1116263767190A--gzRestores installed gems to their pristine conditionfsck.ext3-8815816604980B--gzcheck a Linux ext2/ext3/ext4 file systemvolname-1115625752510A--gzreturn volume nameiso-8859-9-7715812813670B--gzISO 8859-9 character set encoded in octal, decimal, and hexadecimalheadhead1HEAD1psd-4415812813670A--gzdriver for SCSI disk driveschrt-1115953177680A--gzmanipulate the real-time attributes of a processvcs-4415812813670A--gzvirtual console memorygit-upload-archive-1116148628880A--gzSend archive back to git-archivenet::dbus::binding::message::errorNet::DBus::Binding::Message::Error3pm315773746310A--gza message encoding a method call errorpkcs11.conf-5516097870510A--gzConfiguration files for PKCS#11 modulessfill-1115227593860A--gzsecure free disk and inode space wiper (secure_deletion toolkit)ldattach-8815953177680A--gzattach a line discipline to a serial linethin_restore-8815811608350A--gzrestore thin provisioning metadata file to device or file.phar.phar7.4-1116254980150B--gzPHAR (PHP archive) command line toolbundle-outdated2.7-1116263767190A--gzList installed gems with newer versions availablemail::addressMail::Address3pm315640244160A--gzparse mail addressesopenssl-ca-1ssl116164130370B--gzsample minimal CA applicationchardet3-1115765858900A--gzuniversal character encoding detectorerb2.7-1116263767190A--gzRuby Templatingchktrust-1115826667350A--gzCheck the trust of a PE executable.sg_raw-8815825816070A--gzsend arbitrary SCSI command to a devicegvfs-trash-1115868766090A--gzintro1-1115812813670A--gzintroduction to user commandsmailcap-5515714399500A--gzmetamail capabilities filegigoloGigolo1gig
        Source: 5669.41.drBinary or memory string: vmware-xferlogs

        Stealing of Sensitive Information

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: F4ged15cJ3.elf, type: SAMPLE
        Source: Yara matchFile source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTR

        Remote Access Functionality

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: F4ged15cJ3.elf, type: SAMPLE
        Source: Yara matchFile source: 5482.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5477.1.00007f92f8001000.00007f92f800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: F4ged15cJ3.elf PID: 5482, type: MEMORYSTR

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
        Hidden Files and Directories        		1
        OS Credential Dumping        		11
        Security Software Discovery        		Remote ServicesData from Local System1
        Non-Standard Port        		Exfiltration Over Other Network Medium1
        Service Stop
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
        Non-Application Layer Protocol        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact

        Malware Configuration

        No configs have been found

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Number of created Files
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1540787 Sample: F4ged15cJ3.elf Startdate: 24/10/2024 Architecture: LINUX Score: 76 24 daisy.ubuntu.com 2->24 26 79.133.46.243, 3778, 41258, 41260 AT-FIRSTCOLOAustriaAT Germany 2->26 28 Malicious sample detected (through community Yara rule) 2->28 30 Antivirus / Scanner detection for submitted sample 2->30 32 Multi AV Scanner detection for submitted file 2->32 34 Yara detected Mirai 2->34 7 F4ged15cJ3.elf 2->7         started        9 xfce4-panel wrapper-2.0 2->9         started        11 xfce4-panel wrapper-2.0 2->11         started        13 10 other processes 2->13 signatures3 process4 process5 15 F4ged15cJ3.elf 7->15         started        18 F4ged15cJ3.elf 7->18         started        20 F4ged15cJ3.elf 7->20         started        22 wrapper-2.0 xfpm-power-backlight-helper 9->22         started        signatures6 36 Sample tries to kill multiple processes (SIGKILL) 15->36

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        F4ged15cJ3.elf66%ReversingLabsLinux.Trojan.Mirai
        F4ged15cJ3.elf63%VirustotalBrowse
        F4ged15cJ3.elf100%AviraEXP/ELF.Gafgyt.D

        Dropped Files

        No Antivirus matches

        Domains

        SourceDetectionScannerLabelLink
        daisy.ubuntu.com0%VirustotalBrowse

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        daisy.ubuntu.com
        		unknown
        		unknowntrueunknown

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        79.133.46.243
        		unknownGermany
        		203833AT-FIRSTCOLOAustriaATfalse

        Joe Sandbox View / Context

        IPs

        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
        79.133.46.243cZlRw8OG35.elfGet hashmaliciousMiraiBrowse
          j0GmmzdQRz.elfGet hashmaliciousMiraiBrowse
            VWpmyBcWBO.elfGet hashmaliciousMiraiBrowse
              KBW66LEndt.elfGet hashmaliciousMiraiBrowse

                Domains

                No context

                ASNs

                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                AT-FIRSTCOLOAustriaATcZlRw8OG35.elfGet hashmaliciousMiraiBrowse
                • 79.133.46.243
                j0GmmzdQRz.elfGet hashmaliciousMiraiBrowse
                • 79.133.46.243
                VWpmyBcWBO.elfGet hashmaliciousMiraiBrowse
                • 79.133.46.243
                KBW66LEndt.elfGet hashmaliciousMiraiBrowse
                • 79.133.46.243
                https://sothebys.us.com/ja4DCams2APwoTx4RAl4DCB4GI1AoTxp4RAoTx4DCuctsz01nQ3EtGet hashmaliciousHTMLPhisherBrowse
                • 79.133.57.143
                LSW51096D32024I.exeGet hashmaliciousFormBookBrowse
                • 79.133.41.250
                TNS71092E68UI0.vbeGet hashmaliciousFormBookBrowse
                • 79.133.41.250
                leXVJ63fbD.elfGet hashmaliciousGafgyt, MiraiBrowse
                • 79.133.46.138
                QsVZ6EVGYs.elfGet hashmaliciousGafgyt, MiraiBrowse
                • 79.133.46.138
                https://sacasqr3r3wesdgdzx.blob.core.windows.net/cdaswqrs242asdsasa/mhdihjhjudiuas.htmlGet hashmaliciousPhisherBrowse
                • 79.133.41.53

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                /var/cache/man/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):622592
                Entropy (8bit):4.657827884365303
                Encrypted:false
                SSDEEP:6144:2v7lWAmFtL5N80nuvUpC076nKM/H9pPoARzzMRfPE6CwwNZ:ExWAmHBCGaDb+8w
                MD5:FB18C3CA88FA7799736523B80D7D75C2
                SHA1:AF7E8F1A8C17E6439087AE7FDF1E4B1E6A1B6CF5
                SHA-256:7D453A1D99527A10F0626890893537BBCB800E0B6314B6BBA3363DFD8141F6D8
                SHA-512:141B4A676B06CCA2D8421ACD3FD3B9C64E4C0875E04B3347AC62020B4AD8E9D3845039BBAF8F4069803A3E21BA2BC2EFAD296DCF68E7915559A2C5781F39C7E1
                Malicious:false
                Reputation:moderate, very likely benign file
                Preview:.W.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/cs/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.6070136442091312
                Encrypted:false
                SSDEEP:48:bhVGQeUzGLIsWUMZJ5CggJHtheYdiKNHTlJ8NK:bhVGaGLIWMZXZgxeYtzll
                MD5:D0CA2EBA9E7A17D4680AA9DDC5F88946
                SHA1:270F443EFF85209052AE8FFA86660AFB0FAAD39B
                SHA-256:9504DC65F8B4E057D0939FA3B2C640FC703D0290EE19381836BAA5EB3EFBADBD
                SHA-512:9F999B0467E396E78A91F0BFE56E191DB9D9AFA6DC47858F3427CB44A39D5A13A206542A471CE15C8851674A234B9A7A49AAB7E6D5AF8D080BBC99C2BA3C56D8
                Malicious:false
                Reputation:high, very likely benign file
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/cs/index.db.0zcQkQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Reputation:high, very likely benign file
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/da/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):2.24195239843379
                Encrypted:false
                SSDEEP:96:bhHY2DzMnpU0QMiloesQdUTn3WVE0UnknJfsWdv0SBpEVvsb6eZeGfRL+:dYKM+oagn3WW5nkniWdv0SAVE6eZee6
                MD5:4DF08004EE4C5384C02376841F2B50BC
                SHA1:C02E58212CA012913390B4C1CCD64DD3353009EE
                SHA-256:F4D6A62A734E2844B99F3AD0EB480373AFBE56B29C0CFC9C70D9DFDF19D95C02
                SHA-512:6146001CA7028F58595235F244AE8FC4ECAEA3E95C83276514FC704E91B7596678E74CDE9963D680F2493F9C04AFDEBC4DB5094E2AB7C1A949E9378307AE0116
                Malicious:false
                Reputation:high, very likely benign file
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/da/index.db.smsriP

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Reputation:high, very likely benign file
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/de/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):45056
                Entropy (8bit):4.162642546083835
                Encrypted:false
                SSDEEP:768:hKTynsA3KVtOOcm2MrTJDEmf5RLOrsVDhtq5:QTyncXT+g0rs/q
                MD5:BA87621AF79D3CADEA1742192F67B67E
                SHA1:AFBF329091F1F10BD80A862CBBA91C62206A3813
                SHA-256:ECED571D3ACB8F75FF56913BE556A3227DE8FF61B6E3D6DFED80052464D1AAC6
                SHA-512:ADF9D0DE53D0AAE4E412B7DFD2256818DCE3AF5FC804766E51BBB552AABB6F9F9E0B352961F70816F6C2169A01912D0E5666CDFDE91306D95C406774F445003D
                Malicious:false
                Preview:.W.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/de/index.db.sDgJvP

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):45056
                Entropy (8bit):0.20558603354177746
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:55880A8B73FD160B73198E09A21C83DB
                SHA1:5EB780702D2501747AF46F7525EF5C635EC5E64C
                SHA-256:66BD4C98AF40E2E208AC102ACD0F555A6C118E7258D91B833BE1D53EBFFB7BBB
                SHA-512:388924B8CAE80CCA6CA8E5109D0239A963A66CC0454450223EC7FB2A188F6F05E49632E535DC06E49DF6D007B221AA6B3D5F23C80203BCC861FF95EFA10AC1F9
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/es/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):2.469989054365123
                Encrypted:false
                SSDEEP:96:bh8fr5fT5pYUBUtKGGTaZ1n3zbHGc2WjAXGBCgfd6Dgzs30z8ztvpWFoDXst4:qD5w6xT6n3zbNBSw/fd6Oz8ztQiDXo
                MD5:25F69E721343453F17D650B66F6725FD
                SHA1:E412A004F93F579547210D0D0113ABB70CAE29E1
                SHA-256:A2392B2B025C45E6C136BBC6AA16ADB8A5260A7BC1E4B21366F32EC255D5C0B5
                SHA-512:C8BF7E610B758A9C19F792B630A972213FF6525E82A477521D5702869856C3A504EA591BDE8F50CDF2C3C9BDC356631F326B3923333B186F855114A1A124FAEE
                Malicious:false
                Preview:.W..............................P......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/es/index.db.PvoSfR

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):0.3847690842836057
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:F0B902DEA5EF122A0B1F0F496DDC781B
                SHA1:90176D320A9C3601787D53CC346DC743367D53F1
                SHA-256:CFD64D42263C5D323AF423FC09CDB5DDB2F914114B87BAB6566EAB1020F15DE0
                SHA-512:3A5BC0E51D53A12E65441FB98E1201DC434C42DB389CFCA4C96FF65C2413CF9B06B29CC39A48BD3FDC61F4896396813E54B9C2CE404EF35AC33B35377E718874
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fi/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.5882948808594274
                Encrypted:false
                SSDEEP:12:Ey20yaajjjjjjjjjjjjjjjjjjjjjjjjjjGjjjjjjjjjjjjjjjjjjjjjjjjjjjjjp:bhjz+9Ab
                MD5:09F6ED1A60B8A4203EA97CF5926C6AFF
                SHA1:C28F4E393D55AD057E3C7608741904B796F67076
                SHA-256:56664D61D0BB8BF34CCA28C73CB314CB73EA1C4FAC64D2208B43F63C009FC855
                SHA-512:476EAE37D827C8BB322213799AB52DBE8FA43274DB3447BC5FEDFED64ECCEAF2C11DA375FDA09B37977D03CA1910E22443B22A3EEA875CE6F3BC698F8ADCC0E2
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fi/index.db.d1L1SS

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr.ISO8859-1/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.9312184489410064
                Encrypted:false
                SSDEEP:12:Ey20yIpyjjjjjjjjjjjjjjjjjjjjjjjjXjjjjjjjjjjjjjjjjjjjjjjjjjjjjGz7:bhbpFi043WmkN2GmGufUeDDx+yxrq3
                MD5:43ADE2E40B8B5A0DFA0A155FC9A02F7F
                SHA1:3D04BDFFD0E2A8433150C87D334014099336A5C5
                SHA-256:81E48EE4653A5E6F25C33133F24F045EB1EB2CC6724ECE0C5336612AB711273E
                SHA-512:C9C5C436A0E986A39CE3FA1CAF15A92D509F4450744BAE0283204B58CDD6FE9B8EEB8D3E2CAFB4B1ACB46729317FFAEFE86B0DD2D60472CAB30B204CC2003B03
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr.ISO8859-1/index.db.n3JzVQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr.UTF-8/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.9312184489410064
                Encrypted:false
                SSDEEP:12:Ey20yIpyjjjjjjjjjjjjjjjjjjjjjjjjXjjjjjjjjjjjjjjjjjjjjjjjjjjjjGz7:bhbpFi043WmkN2GmGufUeDDx+yxrq3
                MD5:43ADE2E40B8B5A0DFA0A155FC9A02F7F
                SHA1:3D04BDFFD0E2A8433150C87D334014099336A5C5
                SHA-256:81E48EE4653A5E6F25C33133F24F045EB1EB2CC6724ECE0C5336612AB711273E
                SHA-512:C9C5C436A0E986A39CE3FA1CAF15A92D509F4450744BAE0283204B58CDD6FE9B8EEB8D3E2CAFB4B1ACB46729317FFAEFE86B0DD2D60472CAB30B204CC2003B03
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr.UTF-8/index.db.AG7SLQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):40960
                Entropy (8bit):3.8428961950265124
                Encrypted:false
                SSDEEP:768:A4VX6Bd+dla5HmdT8qHl87BaIPay4uz8HksyfHnmlNO:A4ROd+dStM83PavyfHmj
                MD5:A968051C00DB86BFF64EBC6FF796400C
                SHA1:198DFE6927BA968CFAA391662710F71C05426E66
                SHA-256:24E5E79A29611A1B3BF26353B62F77293ECA5994A2785ABF61C69EE3A932796F
                SHA-512:9747922B3C0060C42BC0B56B97CE88A5FB3FAAEBC326A417E3E6C039773CDC17857F621FEDD15F74B9552F91C9BBA3D99F7C87EC5F611C1F1FC55845386AA00E
                Malicious:false
                Preview:.W.....................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/fr/index.db.Z0L5BT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):40960
                Entropy (8bit):0.22208993462959856
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:425CB57CD9B42556C8089FE7A7A3E495
                SHA1:4F33F9A9897218FDED958FD8F8D7AF7CD8BC48F3
                SHA-256:85E01EFF2AC0C83C827E118D5CE2CD1E1A19E059688B6E0D09CB3CC131F065D3
                SHA-512:8C7D4DACF5C5C5C4B78775048427AF99ED8057590AA3A69FD5B3F875B6DDD249A6DB0AF3A51BB96A7F629D1017B272317583A8DFF89FB3968FFE2F246F040F33
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/hu/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.9419610786280751
                Encrypted:false
                SSDEEP:24:bh04IR9rYz9kvNQFl46MdnqfPE9eTuF0Ce:bhXIHakVQmnqXqeT/Ce
                MD5:18F02B57872A97DE1E82FF5348A5AF1B
                SHA1:52F332343B120B1C950AC02B3C923556C70DC62A
                SHA-256:5C605DE68B3E05754698485F73413F4052AEA8C3AAE6012AC6416B3B6B056DF7
                SHA-512:E33A8412F52D26BDE55E4D72E0D9D09EB777F4B882F5BB1C4625AB392EE321D6ACD8795001BF50CCDACFAC131A1263B1398F208799F753554C43349136EB8BEC
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/hu/index.db.AxyMlT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/id/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.309811236154278
                Encrypted:false
                SSDEEP:48:bhESUeDVrWTVd5ekRv/KSmGWqR0VouC4btU8IzTC74ExJKGtII:bhEVeBqTVdAcn3Iowl4UBtx
                MD5:3AFDA1B0F729816929FF7A6628D776D5
                SHA1:5982940A5782F11AEB5BF859C055DE3FEFBDF5DB
                SHA-256:77809D5F38F6D96A2E8BA9BE0DFBB16C10B6B1FF7D2BA1DD5FB9437F73C47E7F
                SHA-512:6D4CE03475C68EDC0AE928E7F65BB8C06198721146A1266F55455AF3D5E24F44A569E007C0DC44BC7745C1573DBC7F02B8C4094F9BD97FAF6A0B5894BE0E07E5
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/id/index.db.s5IKAT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/index.db.JhuqcT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):622592
                Entropy (8bit):0.022159377425242585
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:2E442DBA85DEDFDCB07090FDF9DE90D0
                SHA1:02658086E93854D13D82B1F0D80F4B78D26DCA51
                SHA-256:62406BFE7657964E490DE65A0007F7C1D59B62B2B9AD35BA55BA219673378848
                SHA-512:FDBBA0DEF310CF7DBF448CFB6E5C9CDCEFBF6A0CAEB26CA3AFA91A388FBA10A9E77BCC27CA9B0AEA2A7B67F964849E147FB44862C7394C2C7CDCB572C06FCB05
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/it/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):3.3621193886235408
                Encrypted:false
                SSDEEP:384:Jtp0q5d98n3SaMfhtxfmbMy+HseeNwoMbHf:JDd9QSBf
                MD5:B228DE097081AF360D337CF8C8FF2C6F
                SHA1:7DD2C4640925B225F98014566F73C35F4E960940
                SHA-256:1056CECADA78542B173EE469C9BEAF61F81298EBBD21B54EA6EE449028E18B3F
                SHA-512:F61D7F9040E452C4B1B77F3657BE4252475C3BF23D78EED903A5E55FA97BA0571BA3AD90DBA7F77C334DF5B721F909B12720515034421A4AAB0450D1D43B32E4
                Malicious:false
                Preview:.W..............................P......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/it/index.db.ER6evR

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):0.3847690842836057
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:F0B902DEA5EF122A0B1F0F496DDC781B
                SHA1:90176D320A9C3601787D53CC346DC743367D53F1
                SHA-256:CFD64D42263C5D323AF423FC09CDB5DDB2F914114B87BAB6566EAB1020F15DE0
                SHA-512:3A5BC0E51D53A12E65441FB98E1201DC434C42DB389CFCA4C96FF65C2413CF9B06B29CC39A48BD3FDC61F4896396813E54B9C2CE404EF35AC33B35377E718874
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ja/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):3.667488020062395
                Encrypted:false
                SSDEEP:192:CF4pPRfAgFn35FF1veUMjGiEGBuPhiB0PUKwA+U:5PRfAgFn35MSeAPUjN
                MD5:D3CD7D67F8155491493BB7235FB9AA57
                SHA1:5A7AE62A7AFE50EFCCED06CBD56AE2A0A284EFF3
                SHA-256:6958349ECA637F99AABC419B5E402CFB50BC5B8867F31BCB67F064F47A209929
                SHA-512:1168BF697CDE563F7D82A71EAE1CD496EA81D178B26F87EAAF2EDEED13274B1E3500CE1C981647717598495EBE1FF8F8AC54AD33547506E566C925D7002F5CFF
                Malicious:false
                Preview:.W..............................P......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ja/index.db.ua8RTR

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):0.3847690842836057
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:F0B902DEA5EF122A0B1F0F496DDC781B
                SHA1:90176D320A9C3601787D53CC346DC743367D53F1
                SHA-256:CFD64D42263C5D323AF423FC09CDB5DDB2F914114B87BAB6566EAB1020F15DE0
                SHA-512:3A5BC0E51D53A12E65441FB98E1201DC434C42DB389CFCA4C96FF65C2413CF9B06B29CC39A48BD3FDC61F4896396813E54B9C2CE404EF35AC33B35377E718874
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ko/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.7847786157292606
                Encrypted:false
                SSDEEP:12:Ey20yYn0jjjjjjjjjjjjjjjjjjjjjjjjjjGjjjjjjjjjjjjjjjjjjjjjjjjjmjj7:bhXYznMk31RFe6f
                MD5:FBA25855E1C99D8F87E8AC13E2E2ECB1
                SHA1:D99351AC40D6CC4C9BE54E0E018C44A9A88983D7
                SHA-256:C0E18ED1CEFF427FD4D57D1B79CE1AF7320AC8453BAF8A0349C08267464C4D71
                SHA-512:0969DF6506E083A4995A18518BC3C4472157E7790EEC26C08221B0FC6DE9C7DA0ADB11CF92C56BC35B89BC60447F3D991F935E352552B58FB9BD1D4B2579FBB0
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ko/index.db.z0breS

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/nl/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):2.554204221242331
                Encrypted:false
                SSDEEP:192:H8Y5a2oquB2aCYn3lvu3whjXVobdbs7dq1KJGbtf0Hoa:hoquYaCYn3Q8jXqbdbs7dGbKHoa
                MD5:27FED1CA8EB0101C459D9A617C833293
                SHA1:503B2A3E33FE79FF2CD58F831ED33DB358849BEA
                SHA-256:C3033C4F7CF0D6108611EF5A62CA893F98EE6463DDCFF7100D3BAFDEB0036D9E
                SHA-512:7BD630F5E0C5A91C34D2E48D0053923C9F2F5BAA07D21FDA79E60F3AFDF759E594E6639562C1F3EE68DD080D417009DC3AFB7DA534E3B8C29FF7B10438C3FD4E
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/nl/index.db.QmgmIT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pl/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):2.880948418505059
                Encrypted:false
                SSDEEP:192:7Sf8026LXqn3ZTV6pXAmA44BRqvc3X3GVAjvAk/AvdWjWftxA:E802uXqn3/6pxARqr8kdWjW1
                MD5:37CEBCD3F5BF6322785FFF568EE33131
                SHA1:201298C827C77C60CD314BF721DC4C27EF95BD64
                SHA-256:012C5597C5DD8654EB14432AFCEFD9B131F2CE75AD21488991A5A688929AAEA6
                SHA-512:CCC8A8CCF4ACA332CAF610155DE9E7C4A12D1C45C98D20766B86098A3D2EF332189F159E3956944CD302DF652FE7A6F0D07CA39CBE7DF4A655D3211452487582
                Malicious:false
                Preview:.W..............................P......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pl/index.db.fm0AaQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):0.3847690842836057
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:F0B902DEA5EF122A0B1F0F496DDC781B
                SHA1:90176D320A9C3601787D53CC346DC743367D53F1
                SHA-256:CFD64D42263C5D323AF423FC09CDB5DDB2F914114B87BAB6566EAB1020F15DE0
                SHA-512:3A5BC0E51D53A12E65441FB98E1201DC434C42DB389CFCA4C96FF65C2413CF9B06B29CC39A48BD3FDC61F4896396813E54B9C2CE404EF35AC33B35377E718874
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pt/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):2.413200731126695
                Encrypted:false
                SSDEEP:192:KqFPMGn35+0+eo8TAnBW4VppKP8qtRuI:xPHn35+peo8T8V/fq6I
                MD5:10C8D94B4EB46E7CF59FDBBDB64C3E44
                SHA1:09A0C09834B1D84F5E24E7602182A5B90BB0F9B6
                SHA-256:F08266CEE0E60565B4F81D2D3D276B47FAF27A774278694F2E83F440016689CD
                SHA-512:7E8673703CB8BC9DEBEC1ACC297898BC0690704FC5613FAECF4AA2946E46556703952E11CC90DC2A8133A84628FD5674349B6911111A69AFE65618CE8F7FA5C8
                Malicious:false
                Preview:.W..............................P......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pt/index.db.Xr8FxS

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):20480
                Entropy (8bit):0.3847690842836057
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:F0B902DEA5EF122A0B1F0F496DDC781B
                SHA1:90176D320A9C3601787D53CC346DC743367D53F1
                SHA-256:CFD64D42263C5D323AF423FC09CDB5DDB2F914114B87BAB6566EAB1020F15DE0
                SHA-512:3A5BC0E51D53A12E65441FB98E1201DC434C42DB389CFCA4C96FF65C2413CF9B06B29CC39A48BD3FDC61F4896396813E54B9C2CE404EF35AC33B35377E718874
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pt_BR/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.7510008687365202
                Encrypted:false
                SSDEEP:48:bhX6G+IwvnUZe4Gv/KSmGROqAQAuSe0dDOfInYbmucrm3QEAvJBFIz:bhq5bnUY4Gn3P+/Z1tvJDQ
                MD5:A11F5E85A2A07AF84255570AE29318FB
                SHA1:D06BF25E5FD4A17BCF7C5BD77ACD747F0FE181E8
                SHA-256:8FFA8BC408B254217275A622D054853CB72B08409A11AA49C4C664C0DABFB62F
                SHA-512:059F3CBC93750B68942D88EDD4AD2531B2291CEC421EB903280B9105010D1C8AD70F9F3CFA1B1A50D5110DCBFDB807A6E7A3F9EBC9A48AC8C3A49DEC4B6B3899
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/pt_BR/index.db.zsZwzQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ru/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):24576
                Entropy (8bit):3.440634655325007
                Encrypted:false
                SSDEEP:384:SpjHrhEon3PRekEF3PS6y13Vi6w5TlmmcOB:Q3hNEk23MuxrB
                MD5:DF5C1114538C5D8EA1EE929FFAC24E3C
                SHA1:B6331AF77566B63EA8204BE85F5DC99FAF51479E
                SHA-256:F238C75DAD82E10AB011A9BF79775B2A5F5889644A5A06835933340845A08555
                SHA-512:9514A424CC2A9290F749F527F515B35E45C6A829CB3930DBFB39DC9D70A684640A31686EC77258FF285FE89B6DD44BB01A478848FF9B3EBD764741A6F7856704
                Malicious:false
                Preview:.W..............................`......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/ru/index.db.h9EbTT

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):24576
                Entropy (8bit):0.3337394253577246
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:5B66CE03BFE548DEE335E0518E4E0554
                SHA1:65397845DC679AA972454B0FF237A513C0F490CB
                SHA-256:C38BB21B1D92166794DC09807C9A55B67B0A760C684FEEDD0C931F8415DD6D29
                SHA-512:A31C3D23F25607333250443490F0EE295BB702B46A636905FD413E8AEAA8ED23AAB42106868D2938718555C9DEEFB69FB416CAF5228A422F64D6CA8DB438FEE8
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sl/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.8558400366712392
                Encrypted:false
                SSDEEP:12:Ey20y8jjjjjjjjjjjjjjjjjjjjjjjjjjGjjjKuV0jjjjjjjjjjjjjjjjjjjjjjje:bhaVZjx6ot7m13SmZQs
                MD5:67697BEA7C23E4805A82FE9755BB3CAE
                SHA1:14ACAFF0BECBDB116E4C0BC329E59DEF68CF46D1
                SHA-256:553DA7FF76999B7CCC4450498B11E6BD98B3B1E5FF81D82A53568F84B0D270D5
                SHA-512:D966DD6430003E708C6EE10764DC072A1ED0A252E6E1C822CBD28271A2EDD4B1F61C7F9AA7D1D442D6175791A104A365DE25B9C2598500AE705C9250C8BA46A1
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sl/index.db.60EVbR

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sr/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.3868484511023333
                Encrypted:false
                SSDEEP:48:bhLSUCt/WFekRv/KSmGWqApnEVyfNsu+tBNGg2PgULLE2vRy2QwfoQEDiR2e3iRj:bhLVC48cn3Vu2FtBv7AtboQIqb3qwK
                MD5:0DD75ECC81E4E564EA56A57FF32A24D3
                SHA1:859C0FE5F86A2C5A32BAD7920787BE845F34C4FB
                SHA-256:DB778B175D19DEFA4180D0B12D675AD0B8B22CC4BB77702D9EC8510F894EB3B1
                SHA-512:7B0C56A76797383527509F8036EB4911F8925E7ACC005CDC3269F0A43231479E3A0A9887BF4D2979F05CBFE18324997DEF715FDA6921EEF827B385C9D902C708
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sr/index.db.NS9VET

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sv/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):2.5432558448090097
                Encrypted:false
                SSDEEP:96:bhk/+fz7b9ldxbe2Vn3iwkVJIB0D6c6aZ4+1Wrzbxpl4/tMe1:imrn9lHbe2Vn3iwKhD6cvTAbl4/tMe
                MD5:D97454D6B1F39F39966A809BCA3D9647
                SHA1:276931CED8F34B7651C1BDFC8522FF0560E2C377
                SHA-256:DCB8CE7F4F21595D851100F315C56B717541DB898AEB9ED9C0CCC9FF217A5801
                SHA-512:3E014F3EA8EEE79B87726EDA6291AC2D0BD9B22803EE848F61CA2AAD39D5FB87704410C57C648EE4AF8A1B78EFB0D766524F6DB750208C9BAC346079FD8EE69E
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/sv/index.db.7PoTNR

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/tr/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.7558188637474321
                Encrypted:false
                SSDEEP:96:bhWV1OIM7cn3UZiPU1wywyoEpJmz6W2Mzgg:YDOL4n3fPvywrzgMU
                MD5:5F905B930E7310E72BC3DF5C50F8E579
                SHA1:50B1AD3115F095C743CB26F87ECCE406FAC3523B
                SHA-256:1DB72BA77CA01F25CA9768999825D8F97F5ED4D00E17C9130D6F7CDE34130270
                SHA-512:A6066F4DF4097DB93673CD156BBE5F910C3F64D01E1671E481BC9FBDD720DBD6F8CEF337E20404F7C6AE97B2FA1F5E67088041ACBB6EA85D6758924D5740D06C
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/tr/index.db.4xejOP

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/zh_CN/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):2.6210042560348144
                Encrypted:false
                SSDEEP:48:bh5roGafX8XKu5YIoBHtF2YekDsv/KSmGWNmA/y0uJNI/oyjaOUUfEHKn9nnjoEJ:bhdoLfX8N9oBNF2XFn3UD/9FZiy0aoN
                MD5:39398A15564A55EB7BFE895D7668A5A3
                SHA1:28DA677435B87176E08AFABBF8B51F7B93E22948
                SHA-256:A4C0216476E357ED3A23E71333DBE7DE91E04370EF049032EE8E47BB1EDBD83B
                SHA-512:B4E69212338C742F8C83194552078A86E4BED59375D82563C0B4059B7E0D6A58D6317151AB1F2A6FB20D2FF6DB7C550DF6A6984B2BB873A111D58AF9AEB7D95E
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/zh_CN/index.db.vVIUOQ

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/zh_TW/5669

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):1.0170167917961734
                Encrypted:false
                SSDEEP:24:bhAvIZuF4ptmpzf50dhOv8WvxjMMhFmMKxevOfOots+:bhDi4p+ahOhFFKxewj
                MD5:1FC5F2B98E5BC25B10373353D91B86B1
                SHA1:D848DA35B0731328195D59C1E996B95C4952F1F9
                SHA-256:509FAD18B4454CD70D974755F6156D4A5FA9B960AB9FF468D1FC350F0B64F379
                SHA-512:95BC2E289EDE5D9A3F56C9D8AE9DD13D9379BE2ABF8927CDABBE92B9F57A8EB667E9C08E4DFD82BF9F1F57118CE6E495722ADA2668AFF4FA0540F46C0A6D5138
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/cache/man/zh_TW/index.db.7u83VP

                Download File
                Process:/usr/bin/mandb
                File Type:GNU dbm 1.x or ndbm database, little endian, 64-bit
                Category:dropped
                Size (bytes):16384
                Entropy (8bit):0.45676214072558463
                Encrypted:false
                SSDEEP:12:Ey20ypjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjjj3:bh
                MD5:EE429C7E8B222AFF73C611A8C358B661
                SHA1:DA353E80DCF1195F259CCBC32D39F5923710453F
                SHA-256:BDAAC26D90701E063943763B7CBD9204B6F0007C6F1BCA3C7B4FE3B09CDF6091
                SHA-512:DC651AF7AEB4A64C63986100E416A7DA4782678497B73F1CE42536DE02DB9E4115748881A56B86EC5B12E34C9FDF829BD194BEA7790FDCA7B2F5178A24930809
                Malicious:false
                Preview:.W..............................@......................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................................

                /var/lib/logrotate/status.tmp

                Download File
                Process:/usr/sbin/logrotate
                File Type:ASCII text
                Category:dropped
                Size (bytes):1607
                Entropy (8bit):4.774064204486306
                Encrypted:false
                SSDEEP:48:Uvj9qJM+E0JnK4+iq4I+ho+cs2+UW+d+A5t5xvU+q4T+DNY+U1S+3o9NBqJNl+q4:ZyyhW4Ih9hWurmP4T46ho1GnlP4hlho2
                MD5:AACB1818497F9D44E35E27669D21417B
                SHA1:586601DD26A0E0F33C6659F8164B063AEEC3C1F7
                SHA-256:AC80118D71C35275736ACD0BF0499DDCB119895B0C2E120FAAE70A632C7BA2DA
                SHA-512:1512E59FF0D9D9B49B63ACC031053D45AD22E6D0F3A3C9DB603084DA687162A7C409E1F8B3D481559CC90E6F357107FEF061E405CD3780B9E4A52647FDDC6021
                Malicious:false
                Preview:logrotate state -- version 2."/var/log/syslog" 2024-10-24-4:57:5."/var/log/dpkg.log" 2023-7-31-11:2:47."/var/log/unattended-upgrades/unattended-upgrades.log" 2024-10-24-4:57:5."/var/log/speech-dispatcher/debug-flite" 2024-10-24-4:0:0."/var/log/unattended-upgrades/unattended-upgrades-shutdown.log" 2024-10-24-4:57:5."/var/log/auth.log" 2024-10-24-4:57:5."/var/log/apt/term.log" 2023-7-31-11:2:47."/var/log/ppp-connect-errors" 2024-10-24-4:0:0."/var/log/apport.log" 2024-10-24-4:57:5."/var/log/speech-dispatcher/speech-dispatcher-protocol.log" 2024-10-24-4:0:0."/var/log/apt/history.log" 2023-7-31-11:2:47."/var/log/boot.log" 2024-10-24-4:0:0."/var/log/alternatives.log" 2021-9-17-9:23:29."/var/log/lightdm/*.log" 2024-10-24-4:0:0."/var/log/mail.log" 2024-10-24-4:0:0."/var/log/debug" 2024-10-24-4:0:0."/var/log/kern.log" 2024-10-24-4:57:5."/var/log/cups/access_log" 2024-10-24-4:57:5."/var/log/ufw.log" 2024-10-24-4:0:0."/var/log/speech-dispatcher/speech-dispatcher.log" 2024-10-24-4:0:0."/var/log/wt

                Static File Info

                General

                File type:ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
                Entropy (8bit):6.254951814844468
                TrID:
                • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                File name:F4ged15cJ3.elf
                File size:54'932 bytes
                MD5:f5388d6edb7b27755ddb3a481b5efdeb
                SHA1:1059ef5dc720e111fec66b58a5c20a3f7842a9c5
                SHA256:d7f066f073657267d0e6b9fc0f78f0a840e659f4a380daec91581416569693f9
                SHA512:ee10071bc6417c23983b98cc2a4940038038bd2836cd95b7320d9fdff8a1145d4deb2e4ed60267fcb253e1fe39d3a9268d1dda6237ef6cc7e076b9af4f050377
                SSDEEP:768:gduPBFnHooqR8qOCKq2cH4Kg9e+TK806MMUVjzkfQXObHud2oGy:r/hqaJMDg9eqK806MHdkfQX6HuCy
                TLSH:77330A8EB8029D3CF91BE6BE54164E0DB93177C152830B2767BBFDA36C721945E02E85
                File Content Preview:.ELF.......................D...4.........4. ...(.................................. ....................(.......... .dt.Q............................NV..a....da.....N^NuNV..J9....f>"y.... QJ.g.X.#.....N."y.... QJ.f.A.....J.g.Hy....N.X.........N^NuNV..N^NuN

                Static ELF Info

                ELF header

                Class:ELF32
                Data:2's complement, big endian
                Version:1 (current)
                Machine:MC68000
                Version Number:0x1
                Type:EXEC (Executable file)
                OS/ABI:UNIX - System V
                ABI Version:0
                Entry Point Address:0x80000144
                Flags:0x0
                ELF Header Size:52
                Program Header Offset:52
                Program Header Size:32
                Number of Program Headers:3
                Section Header Offset:54532
                Section Header Size:40
                Number of Section Headers:10
                Header String Table Index:9

                Sections

                NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                NULL0x00x00x00x00x0000
                .initPROGBITS0x800000940x940x140x00x6AX002
                .textPROGBITS0x800000a80xa80xc12e0x00x6AX004
                .finiPROGBITS0x8000c1d60xc1d60xe0x00x6AX002
                .rodataPROGBITS0x8000c1e40xc1e40x10b20x00x2A002
                .ctorsPROGBITS0x8000f29c0xd29c0x80x00x3WA004
                .dtorsPROGBITS0x8000f2a40xd2a40x80x00x3WA004
                .dataPROGBITS0x8000f2b00xd2b00x2140x00x3WA004
                .bssNOBITS0x8000f4c40xd4c40x2a00x00x3WA004
                .shstrtabSTRTAB0x00xd4c40x3e0x00x0001

                Program Segments

                TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                LOAD0x00x800000000x800000000xd2960xd2966.29050x5R E0x2000.init .text .fini .rodata
                LOAD0xd29c0x8000f29c0x8000f29c0x2280x4c83.03460x6RW 0x2000.ctors .dtors .data .bss
                GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                Network Behavior

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Oct 24, 2024 06:58:18.551300049 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:18.556894064 CEST37784125879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:18.557012081 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:18.602276087 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:18.608778954 CEST37784125879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:18.608836889 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:18.614182949 CEST37784125879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:19.390537977 CEST37784125879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:19.390697956 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.391024113 CEST412583778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.392498016 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.397866964 CEST37784126079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:19.397954941 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.399456978 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.404819012 CEST37784126079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:19.404881001 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:19.410254955 CEST37784126079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:20.229347944 CEST37784126079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:20.229526043 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.229794025 CEST412603778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.230477095 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.235795021 CEST37784126279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:20.235917091 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.236979008 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.242268085 CEST37784126279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:20.242330074 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:20.247631073 CEST37784126279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.075809002 CEST37784126279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.075864077 CEST37784126279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.076070070 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.076070070 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.076148987 CEST412623778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.077174902 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.082705021 CEST37784126479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.082894087 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.083805084 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.089163065 CEST37784126479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.089328051 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.094680071 CEST37784126479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.924309969 CEST37784126479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.924688101 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.924689054 CEST412643778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.925750971 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.931137085 CEST37784126679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.931220055 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.932049036 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.937323093 CEST37784126679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:21.937391996 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:21.942750931 CEST37784126679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:22.763459921 CEST37784126679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:22.763710022 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.763710022 CEST412663778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.764790058 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.770227909 CEST37784126879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:22.770307064 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.771554947 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.776931047 CEST37784126879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:22.777002096 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:22.782337904 CEST37784126879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:23.611948013 CEST37784126879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:23.612162113 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.612258911 CEST412683778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.612868071 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.618196011 CEST37784127079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:23.618263960 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.619673967 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.624984980 CEST37784127079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:23.625036001 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:23.630374908 CEST37784127079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:24.452173948 CEST37784127079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:24.452255964 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.452348948 CEST412703778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.455235958 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.460685015 CEST37784127279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:24.460804939 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.466377020 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.471714973 CEST37784127279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:24.471770048 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:24.477117062 CEST37784127279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:25.291446924 CEST37784127279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:25.291625023 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.291625023 CEST412723778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.298602104 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.304111004 CEST37784127479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:25.304176092 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.325213909 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.330636978 CEST37784127479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:25.330710888 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:25.336074114 CEST37784127479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.141803026 CEST37784127479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.141897917 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.141988993 CEST412743778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.144354105 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.149633884 CEST37784127679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.149689913 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.154695988 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.159950018 CEST37784127679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.159986973 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.165258884 CEST37784127679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.979871988 CEST37784127679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.980067015 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.980067015 CEST412763778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.987787962 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:26.993097067 CEST37784127879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:26.993289948 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.006480932 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.011802912 CEST37784127879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.011918068 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.017328024 CEST37784127879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.823429108 CEST37784127879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.823443890 CEST37784127879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.823504925 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.823504925 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.823558092 CEST412783778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.826781988 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.832144022 CEST37784128079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.832191944 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.838347912 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.843744040 CEST37784128079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:27.843792915 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:27.849287987 CEST37784128079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:28.662501097 CEST37784128079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:28.662520885 CEST37784128079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:28.662600040 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.662631989 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.662692070 CEST412803778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.670674086 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.676059008 CEST37784128279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:28.676137924 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.682717085 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.688092947 CEST37784128279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:28.688132048 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:28.693486929 CEST37784128279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:29.521517992 CEST37784128279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:29.524276972 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.524276972 CEST412823778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.581136942 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.586641073 CEST37784128479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:29.586705923 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.608299971 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.613881111 CEST37784128479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:29.613928080 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:29.619286060 CEST37784128479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:30.416785955 CEST37784128479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:30.416806936 CEST37784128479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:30.416989088 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.416989088 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.416989088 CEST412843778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.420511961 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.425905943 CEST37784128679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:30.425978899 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.435535908 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.440892935 CEST37784128679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:30.440946102 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:30.446304083 CEST37784128679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:31.265130997 CEST37784128679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:31.265218019 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.265306950 CEST412863778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.270119905 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.275526047 CEST37784128879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:31.275592089 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.283937931 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.289273024 CEST37784128879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:31.289347887 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:31.294671059 CEST37784128879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.104532003 CEST37784128879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.104655027 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.104655027 CEST412883778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.107589960 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.112895966 CEST37784129079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.113006115 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.118027925 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.123317957 CEST37784129079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.123363018 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.128655910 CEST37784129079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.952133894 CEST37784129079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.952265024 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.952265024 CEST412903778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.961654902 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.967381954 CEST37784129279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.967453003 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.989893913 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:32.995383024 CEST37784129279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:32.995441914 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.001178026 CEST37784129279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:33.797806978 CEST37784129279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:33.800224066 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.800276041 CEST412923778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.871412992 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.877479076 CEST37784129479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:33.877542973 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.886228085 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.891566992 CEST37784129479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:33.891639948 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:33.896955967 CEST37784129479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:34.708189011 CEST37784129479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:34.708348989 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.708410978 CEST412943778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.711790085 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.717202902 CEST37784129679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:34.717302084 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.724919081 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.730273962 CEST37784129679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:34.730336905 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:34.735707045 CEST37784129679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:35.555599928 CEST37784129679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:35.555737972 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.555850029 CEST412963778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.558228970 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.564457893 CEST37784129879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:35.564543009 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.569667101 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.575031042 CEST37784129879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:35.575185061 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:35.580550909 CEST37784129879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:36.395442963 CEST37784129879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:36.395566940 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.395654917 CEST412983778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.398217916 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.403601885 CEST37784130079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:36.403697968 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.409015894 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.414341927 CEST37784130079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:36.414460897 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:36.420676947 CEST37784130079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:37.224781036 CEST37784130079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:37.224934101 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.224935055 CEST413003778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.228627920 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.234070063 CEST37784130279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:37.234293938 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.241507053 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.246910095 CEST37784130279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:37.246989965 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:37.252360106 CEST37784130279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.065661907 CEST37784130279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.066834927 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.066834927 CEST413023778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.071074963 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.076381922 CEST37784130479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.080391884 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.294552088 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.300091028 CEST37784130479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.300178051 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.305510044 CEST37784130479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.901433945 CEST37784130479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.901489019 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.901583910 CEST413043778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.903002024 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.908427954 CEST37784130679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.908520937 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.911742926 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.917063951 CEST37784130679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:38.917114019 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:38.922537088 CEST37784130679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:39.750323057 CEST37784130679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:39.750674009 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.750674009 CEST413063778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.751383066 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.756741047 CEST37784130879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:39.756861925 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.758174896 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.763442993 CEST37784130879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:39.763520002 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:39.768798113 CEST37784130879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:40.588434935 CEST37784130879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:40.588635921 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.588685989 CEST413083778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.591392994 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.596856117 CEST37784131079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:40.596916914 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.599945068 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.605707884 CEST37784131079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:40.605752945 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:40.611069918 CEST37784131079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:41.430219889 CEST37784131079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:41.430347919 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.430629015 CEST413103778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.431427002 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.436835051 CEST37784131279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:41.436896086 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.437577009 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.442909956 CEST37784131279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:41.442972898 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:41.448426962 CEST37784131279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:42.274920940 CEST37784131279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:42.275194883 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.275194883 CEST413123778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.275729895 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.281007051 CEST37784131479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:42.281083107 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.281799078 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.287122965 CEST37784131479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:42.287178040 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:42.292721987 CEST37784131479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.109855890 CEST37784131479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.110222101 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.110222101 CEST413143778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.110749006 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.116106033 CEST37784131679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.116187096 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.116897106 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.122181892 CEST37784131679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.122245073 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.127553940 CEST37784131679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.939076900 CEST37784131679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.939198017 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.939269066 CEST413163778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.939793110 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.945213079 CEST37784131879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.945374012 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.946072102 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.951400995 CEST37784131879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:43.951455116 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:43.957757950 CEST37784131879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:44.769061089 CEST37784131879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:44.769093990 CEST37784131879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:44.769156933 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.769156933 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.769217014 CEST413183778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.769618988 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.774983883 CEST37784132079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:44.775041103 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.775866032 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.781188011 CEST37784132079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:44.781243086 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:44.786595106 CEST37784132079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:45.620198965 CEST37784132079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:45.620512009 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.620512962 CEST413203778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.621299028 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.626661062 CEST37784132279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:45.626741886 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.627501011 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.632790089 CEST37784132279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:45.632855892 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:45.638226986 CEST37784132279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:46.455617905 CEST37784132279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:46.455837965 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.455909014 CEST413223778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.456330061 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.461643934 CEST37784132479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:46.461774111 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.462541103 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.467844963 CEST37784132479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:46.468224049 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:46.473536968 CEST37784132479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:47.288286924 CEST37784132479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:47.288470984 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.288547993 CEST413243778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.289242029 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.294534922 CEST37784132679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:47.294596910 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.295790911 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.301264048 CEST37784132679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:47.301367044 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:47.306663036 CEST37784132679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.124145985 CEST37784132679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.124388933 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.124484062 CEST413263778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.125133038 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.130445004 CEST37784132879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.130491972 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.131360054 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.136729002 CEST37784132879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.136814117 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.142281055 CEST37784132879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.973206997 CEST37784132879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.973402023 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.973402023 CEST413283778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.973979950 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.979306936 CEST37784133079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.979377985 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.980407000 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.985732079 CEST37784133079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:48.985789061 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:48.991122961 CEST37784133079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:49.819360018 CEST37784133079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:49.819694996 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.819752932 CEST413303778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.820494890 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.825943947 CEST37784133279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:49.826030970 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.826910973 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.832294941 CEST37784133279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:49.832348108 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:49.837641001 CEST37784133279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:50.667701006 CEST37784133279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:50.667958021 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.668047905 CEST413323778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.668708086 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.674171925 CEST37784133479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:50.674266100 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.675627947 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.681246996 CEST37784133479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:50.681332111 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:50.686634064 CEST37784133479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:51.503458977 CEST37784133479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:51.503948927 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.503950119 CEST413343778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.504807949 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.510263920 CEST37784133679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:51.510319948 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.511893988 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.517999887 CEST37784133679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:51.518060923 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:51.525355101 CEST37784133679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:52.410990000 CEST37784133679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:52.411232948 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.411349058 CEST413363778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.412211895 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.417778015 CEST37784133879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:52.417861938 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.419118881 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.424678087 CEST37784133879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:52.424741030 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:52.430066109 CEST37784133879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:53.261303902 CEST37784133879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:53.261440992 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.261475086 CEST413383778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.262227058 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.268110991 CEST37784134079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:53.268168926 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.269448042 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.274934053 CEST37784134079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:53.274981976 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:53.280380964 CEST37784134079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.098248005 CEST37784134079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.098371029 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.098442078 CEST413403778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.099179029 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.104844093 CEST37784134279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.104918003 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.106489897 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.112020969 CEST37784134279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.112072945 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.117557049 CEST37784134279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.933814049 CEST37784134279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.934103012 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.934185982 CEST413423778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.935009956 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.940792084 CEST37784134479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.940845013 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.942049026 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.947617054 CEST37784134479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:54.947704077 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:54.953052044 CEST37784134479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:55.770972967 CEST37784134479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:55.771255970 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.771256924 CEST413443778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.772198915 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.777759075 CEST37784134679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:55.777836084 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.779422998 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.785073996 CEST37784134679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:55.785142899 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:55.790532112 CEST37784134679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:56.607698917 CEST37784134679.133.46.243192.168.2.13
                Oct 24, 2024 06:58:56.607831001 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.607912064 CEST413463778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.609476089 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.616287947 CEST37784134879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:56.616408110 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.618501902 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.624166012 CEST37784134879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:56.624233961 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:56.629545927 CEST37784134879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:57.445626974 CEST37784134879.133.46.243192.168.2.13
                Oct 24, 2024 06:58:57.446116924 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.446116924 CEST413483778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.447504997 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.453063965 CEST37784135079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:57.453134060 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.454761982 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.460308075 CEST37784135079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:57.460361004 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:57.465882063 CEST37784135079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:58.283373117 CEST37784135079.133.46.243192.168.2.13
                Oct 24, 2024 06:58:58.283807039 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.283807039 CEST413503778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.284907103 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.290525913 CEST37784135279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:58.290602922 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.292222977 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.297699928 CEST37784135279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:58.297775030 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:58.303340912 CEST37784135279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:59.116044044 CEST37784135279.133.46.243192.168.2.13
                Oct 24, 2024 06:58:59.116276979 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.116276979 CEST413523778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.117783070 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.123259068 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:59.123361111 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.125102997 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.130486012 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 06:58:59.130543947 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 06:58:59.135869980 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 06:59:09.132184982 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 06:59:09.138701916 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 06:59:09.377307892 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 06:59:09.377588987 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 07:00:09.421649933 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 07:00:09.427547932 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 07:00:09.782293081 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 07:00:09.783024073 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 07:01:02.578797102 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:02.584498882 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:02.584954977 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:02.584954977 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:02.584954977 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:02.590569973 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:02.590584993 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:03.187529087 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:03.187962055 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:05.188208103 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:05.188821077 CEST3489853192.168.2.138.8.8.8
                Oct 24, 2024 07:01:05.194345951 CEST53348988.8.8.8192.168.2.13
                Oct 24, 2024 07:01:09.818514109 CEST413543778192.168.2.1379.133.46.243
                Oct 24, 2024 07:01:09.824332952 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 07:01:10.062846899 CEST37784135479.133.46.243192.168.2.13
                Oct 24, 2024 07:01:10.063107014 CEST413543778192.168.2.1379.133.46.243

                DNS Queries

                TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                Oct 24, 2024 07:01:02.584954977 CEST192.168.2.138.8.8.80x1b1fStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                Oct 24, 2024 07:01:02.584954977 CEST192.168.2.138.8.8.80xaef1Standard query (0)daisy.ubuntu.com28IN (0x0001)false

                System Behavior

                General

                Start time (UTC):04:58:17
                Start date (UTC):24/10/2024
                Path:/tmp/F4ged15cJ3.elf
                Arguments:/tmp/F4ged15cJ3.elf
                File size:4463432 bytes
                MD5 hash:cd177594338c77b895ae27c33f8f86cc

                Chronological Activities


                General

                Start time (UTC):04:58:17
                Start date (UTC):24/10/2024
                Path:/tmp/F4ged15cJ3.elf
                Arguments:-
                File size:4463432 bytes
                MD5 hash:cd177594338c77b895ae27c33f8f86cc

                Chronological Activities


                General

                Start time (UTC):04:58:17
                Start date (UTC):24/10/2024
                Path:/tmp/F4ged15cJ3.elf
                Arguments:-
                File size:4463432 bytes
                MD5 hash:cd177594338c77b895ae27c33f8f86cc

                Chronological Activities


                General

                Start time (UTC):04:58:17
                Start date (UTC):24/10/2024
                Path:/tmp/F4ged15cJ3.elf
                Arguments:-
                File size:4463432 bytes
                MD5 hash:cd177594338c77b895ae27c33f8f86cc

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:28
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:-
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:28
                Start date (UTC):24/10/2024
                Path:/usr/sbin/xfpm-power-backlight-helper
                Arguments:/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
                File size:14656 bytes
                MD5 hash:3d221ad23f28ca3259f599b1664e2427

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/bin/xfce4-panel
                Arguments:-
                File size:375768 bytes
                MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                Chronological Activities


                General

                Start time (UTC):04:58:22
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
                File size:35136 bytes
                MD5 hash:ac0b8a906f359a8ae102244738682e76

                Chronological Activities


                General

                Start time (UTC):04:58:28
                Start date (UTC):24/10/2024
                Path:/usr/bin/dbus-daemon
                Arguments:-
                File size:249032 bytes
                MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                Chronological Activities


                General

                Start time (UTC):04:58:28
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                File size:112880 bytes
                MD5 hash:4c7a0d6d258bb970905b19b84abcd8e9

                Chronological Activities


                General

                Start time (UTC):04:58:32
                Start date (UTC):24/10/2024
                Path:/usr/lib/systemd/systemd
                Arguments:-
                File size:1620224 bytes
                MD5 hash:9b2bec7092a40488108543f9334aab75

                Chronological Activities


                General

                Start time (UTC):04:58:32
                Start date (UTC):24/10/2024
                Path:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                Arguments:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                File size:112872 bytes
                MD5 hash:eee956f1b227c1d5031f9c61223255d1

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/lib/systemd/systemd
                Arguments:-
                File size:1620224 bytes
                MD5 hash:9b2bec7092a40488108543f9334aab75

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/sbin/logrotate
                Arguments:/usr/sbin/logrotate /etc/logrotate.conf
                File size:84056 bytes
                MD5 hash:ff9f6831debb63e53a31ff8057143af6

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/lib/systemd/systemd
                Arguments:-
                File size:1620224 bytes
                MD5 hash:9b2bec7092a40488108543f9334aab75

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/bin/install
                Arguments:/usr/bin/install -d -o man -g man -m 0755 /var/cache/man
                File size:158112 bytes
                MD5 hash:55e2520049dc6a62e8c94732e36cdd54

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/lib/systemd/systemd
                Arguments:-
                File size:1620224 bytes
                MD5 hash:9b2bec7092a40488108543f9334aab75

                Chronological Activities


                General

                Start time (UTC):05:00:44
                Start date (UTC):24/10/2024
                Path:/usr/bin/find
                Arguments:/usr/bin/find /var/cache/man -type f -name *.gz -atime +6 -delete
                File size:320160 bytes
                MD5 hash:b68ef002f84cc54dd472238ba7df80ab

                Chronological Activities


                General

                Start time (UTC):05:00:45
                Start date (UTC):24/10/2024
                Path:/usr/lib/systemd/systemd
                Arguments:-
                File size:1620224 bytes
                MD5 hash:9b2bec7092a40488108543f9334aab75

                Chronological Activities


                General

                Start time (UTC):05:00:45
                Start date (UTC):24/10/2024
                Path:/usr/bin/mandb
                Arguments:/usr/bin/mandb --quiet
                File size:142432 bytes
                MD5 hash:1dda5ea0027ecf1c2db0f5a3de7e6941

                Chronological Activities