Windows
Analysis Report
YiqjcLlhew.exe
Overview
General Information
Sample name: | YiqjcLlhew.exerenamed because original name is a hash value |
Original sample name: | e01a1e921ef924c2e1407fae1f09ec200cdb144973f431e81440e39b1005a9ce.exe |
Analysis ID: | 1551217 |
MD5: | f51da33b8f97ec40e1960522549dcca7 |
SHA1: | 001ffe1d668e5131cef1f105bfede3780c123ef8 |
SHA256: | e01a1e921ef924c2e1407fae1f09ec200cdb144973f431e81440e39b1005a9ce |
Tags: | exeuser-adrian__luca |
Infos: | |
Detection
Score: | 96 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- YiqjcLlhew.exe (PID: 6864 cmdline:
"C:\Users\ user\Deskt op\YiqjcLl hew.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7) - kfdag3aedbkjqfngi9xbw.exe (PID: 6912 cmdline:
"C:\vdjmzg owdzhfmld\ kfdag3aedb kjqfngi9xb w.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7) - skjlipudplp.exe (PID: 3156 cmdline:
"C:\vdjmzg owdzhfmld\ skjlipudpl p.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7)
- skjlipudplp.exe (PID: 6980 cmdline:
C:\vdjmzgo wdzhfmld\s kjlipudplp .exe MD5: F51DA33B8F97EC40E1960522549DCCA7) - xmjofjnkdlv.exe (PID: 7092 cmdline:
owwisyfkhl jp "c:\vdj mzgowdzhfm ld\skjlipu dplp.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7) - skjlipudplp.exe (PID: 5320 cmdline:
"c:\vdjmzg owdzhfmld\ skjlipudpl p.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7) - xmjofjnkdlv.exe (PID: 4852 cmdline:
owwisyfkhl jp "c:\vdj mzgowdzhfm ld\skjlipu dplp.exe" MD5: F51DA33B8F97EC40E1960522549DCCA7)
- cleanup
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:41.186092+0100 | 2022930 | 1 | A Network Trojan was detected | 52.149.20.212 | 443 | 192.168.2.4 | 52907 | TCP |
2024-11-07T15:58:19.852670+0100 | 2022930 | 1 | A Network Trojan was detected | 52.149.20.212 | 443 | 192.168.2.4 | 52927 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:28.607734+0100 | 2018141 | 1 | A Network Trojan was detected | 18.143.155.63 | 80 | 192.168.2.4 | 56256 | TCP |
2024-11-07T15:57:31.033944+0100 | 2018141 | 1 | A Network Trojan was detected | 54.244.188.177 | 80 | 192.168.2.4 | 56257 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:28.607734+0100 | 2037771 | 1 | A Network Trojan was detected | 18.143.155.63 | 80 | 192.168.2.4 | 56256 | TCP |
2024-11-07T15:57:31.033944+0100 | 2037771 | 1 | A Network Trojan was detected | 54.244.188.177 | 80 | 192.168.2.4 | 56257 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:31.045246+0100 | 2018316 | 1 | A Network Trojan was detected | 1.1.1.1 | 53 | 192.168.2.4 | 57543 | UDP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:31.381815+0100 | 2811542 | 1 | A Network Trojan was detected | 1.1.1.1 | 53 | 192.168.2.4 | 53861 | UDP |
2024-11-07T15:59:15.174980+0100 | 2811542 | 1 | A Network Trojan was detected | 1.1.1.1 | 53 | 192.168.2.4 | 57323 | UDP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:26.487582+0100 | 2815568 | 1 | A Network Trojan was detected | 192.168.2.4 | 56255 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:58:59.354865+0100 | 2815568 | 1 | A Network Trojan was detected | 192.168.2.4 | 53059 | 199.59.243.227 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:26.487582+0100 | 2820680 | 1 | Malware Command and Control Activity Detected | 192.168.2.4 | 56255 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:58:59.354865+0100 | 2820680 | 1 | Malware Command and Control Activity Detected | 192.168.2.4 | 53059 | 199.59.243.227 | 80 | TCP |
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Avira: | ||
Source: | Avira: | ||
Source: | Avira: |
Source: | ReversingLabs: | ||
Source: | ReversingLabs: | ||
Source: | ReversingLabs: |
Source: | ReversingLabs: |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: | ||
Source: | Joe Sandbox ML: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Code function: | 0_2_00CF3740 | |
Source: | Code function: | 1_2_00DA3740 | |
Source: | Code function: | 2_2_00473740 | |
Source: | Code function: | 3_2_00053740 | |
Source: | Code function: | 4_2_00473740 | |
Source: | Code function: | 10_2_004B3740 |
Networking |
---|
Source: | Suricata IDS: | ||
Source: | Suricata IDS: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | IP Address: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00D06C30 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | File deleted: | Jump to behavior |
Source: | Code function: | 0_2_00D1D0EB | |
Source: | Code function: | 0_2_00D0B387 | |
Source: | Code function: | 0_2_00CF7FA0 | |
Source: | Code function: | 0_2_00D248F0 | |
Source: | Code function: | 0_2_00CFD446 | |
Source: | Code function: | 0_2_00D13860 | |
Source: | Code function: | 0_2_00D06C30 | |
Source: | Code function: | 0_2_00CF9820 | |
Source: | Code function: | 0_2_00D0E1D6 | |
Source: | Code function: | 0_2_00CF45C0 | |
Source: | Code function: | 0_2_00CFD1F0 | |
Source: | Code function: | 0_2_00D00950 | |
Source: | Code function: | 0_2_00D22170 | |
Source: | Code function: | 0_2_00D20930 | |
Source: | Code function: | 0_2_00D236D0 | |
Source: | Code function: | 0_2_00D202F0 | |
Source: | Code function: | 0_2_00CF2AE0 | |
Source: | Code function: | 0_2_00CFA6F0 | |
Source: | Code function: | 0_2_00D0D243 | |
Source: | Code function: | 0_2_00D10670 | |
Source: | Code function: | 0_2_00D0D271 | |
Source: | Code function: | 0_2_00D0E206 | |
Source: | Code function: | 0_2_00D0422D | |
Source: | Code function: | 0_2_00D1F790 | |
Source: | Code function: | 0_2_00D15710 | |
Source: | Code function: | 1_2_00DCD0EB | |
Source: | Code function: | 1_2_00DB0950 | |
Source: | Code function: | 1_2_00DD36D0 | |
Source: | Code function: | 1_2_00DA7FA0 | |
Source: | Code function: | 1_2_00DBB37F | |
Source: | Code function: | 1_2_00DD48F0 | |
Source: | Code function: | 1_2_00DAD446 | |
Source: | Code function: | 1_2_00DC3860 | |
Source: | Code function: | 1_2_00DB6C30 | |
Source: | Code function: | 1_2_00DA9820 | |
Source: | Code function: | 1_2_00DA45C0 | |
Source: | Code function: | 1_2_00DAD1F0 | |
Source: | Code function: | 1_2_00DD2170 | |
Source: | Code function: | 1_2_00DD0930 | |
Source: | Code function: | 1_2_00DAA6F0 | |
Source: | Code function: | 1_2_00DD02F0 | |
Source: | Code function: | 1_2_00DA2AE0 | |
Source: | Code function: | 1_2_00DBD243 | |
Source: | Code function: | 1_2_00DBD271 | |
Source: | Code function: | 1_2_00DC0670 | |
Source: | Code function: | 1_2_00DB422D | |
Source: | Code function: | 1_2_00DBD79A | |
Source: | Code function: | 1_2_00DCF790 | |
Source: | Code function: | 1_2_00DBD755 | |
Source: | Code function: | 1_2_00DBD772 | |
Source: | Code function: | 1_2_00DC5710 | |
Source: | Code function: | 1_2_00DBD716 | |
Source: | Code function: | 2_2_00486C30 | |
Source: | Code function: | 2_2_0049D0EB | |
Source: | Code function: | 2_2_00480950 | |
Source: | Code function: | 2_2_004A36D0 | |
Source: | Code function: | 2_2_00472AE0 | |
Source: | Code function: | 2_2_0048B37D | |
Source: | Code function: | 2_2_00477FA0 | |
Source: | Code function: | 2_2_0047D446 | |
Source: | Code function: | 2_2_00493860 | |
Source: | Code function: | 2_2_0048C41C | |
Source: | Code function: | 2_2_00479820 | |
Source: | Code function: | 2_2_004A48F0 | |
Source: | Code function: | 2_2_004A2170 | |
Source: | Code function: | 2_2_004A0930 | |
Source: | Code function: | 2_2_004745C0 | |
Source: | Code function: | 2_2_0047D1F0 | |
Source: | Code function: | 2_2_00490670 | |
Source: | Code function: | 2_2_0048D271 | |
Source: | Code function: | 2_2_0048422C | |
Source: | Code function: | 2_2_0047A6F0 | |
Source: | Code function: | 2_2_004A02F0 | |
Source: | Code function: | 2_2_0048D755 | |
Source: | Code function: | 2_2_0048D772 | |
Source: | Code function: | 2_2_00495710 | |
Source: | Code function: | 2_2_0048D716 | |
Source: | Code function: | 2_2_0048D79A | |
Source: | Code function: | 2_2_0049F790 | |
Source: | Code function: | 3_2_0007D0EB | |
Source: | Code function: | 3_2_0006B37D | |
Source: | Code function: | 3_2_00057FA0 | |
Source: | Code function: | 3_2_00059820 | |
Source: | Code function: | 3_2_00066C30 | |
Source: | Code function: | 3_2_0005D446 | |
Source: | Code function: | 3_2_00073860 | |
Source: | Code function: | 3_2_000848F0 | |
Source: | Code function: | 3_2_00080930 | |
Source: | Code function: | 3_2_00060950 | |
Source: | Code function: | 3_2_00082170 | |
Source: | Code function: | 3_2_000545C0 | |
Source: | Code function: | 3_2_0005D1F0 | |
Source: | Code function: | 3_2_0006422D | |
Source: | Code function: | 3_2_0006D243 | |
Source: | Code function: | 3_2_00070670 | |
Source: | Code function: | 3_2_0006D271 | |
Source: | Code function: | 3_2_000836D0 | |
Source: | Code function: | 3_2_00052AE0 | |
Source: | Code function: | 3_2_0005A6F0 | |
Source: | Code function: | 3_2_000802F0 | |
Source: | Code function: | 3_2_0006D716 | |
Source: | Code function: | 3_2_00075710 | |
Source: | Code function: | 3_2_0006D755 | |
Source: | Code function: | 3_2_0006D772 | |
Source: | Code function: | 3_2_0007F790 | |
Source: | Code function: | 3_2_0006D79A | |
Source: | Code function: | 4_2_0049D0EB | |
Source: | Code function: | 4_2_0048B37D | |
Source: | Code function: | 4_2_00477FA0 | |
Source: | Code function: | 4_2_0047D446 | |
Source: | Code function: | 4_2_00493860 | |
Source: | Code function: | 4_2_0048C41C | |
Source: | Code function: | 4_2_00479820 | |
Source: | Code function: | 4_2_00486C30 | |
Source: | Code function: | 4_2_004A48F0 | |
Source: | Code function: | 4_2_00480950 | |
Source: | Code function: | 4_2_004A2170 | |
Source: | Code function: | 4_2_004A0930 | |
Source: | Code function: | 4_2_004745C0 | |
Source: | Code function: | 4_2_0047D1F0 | |
Source: | Code function: | 4_2_00490670 | |
Source: | Code function: | 4_2_0048D271 | |
Source: | Code function: | 4_2_0048422C | |
Source: | Code function: | 4_2_004A36D0 | |
Source: | Code function: | 4_2_00472AE0 | |
Source: | Code function: | 4_2_0047A6F0 | |
Source: | Code function: | 4_2_004A02F0 | |
Source: | Code function: | 4_2_0048D755 | |
Source: | Code function: | 4_2_0048D772 | |
Source: | Code function: | 4_2_00495710 | |
Source: | Code function: | 4_2_0048D716 | |
Source: | Code function: | 4_2_0048D79A | |
Source: | Code function: | 4_2_0049F790 | |
Source: | Code function: | 10_2_004DD0EB | |
Source: | Code function: | 10_2_004CB37D | |
Source: | Code function: | 10_2_004B7FA0 | |
Source: | Code function: | 10_2_004BD446 | |
Source: | Code function: | 10_2_004D3860 | |
Source: | Code function: | 10_2_004CC41C | |
Source: | Code function: | 10_2_004B9820 | |
Source: | Code function: | 10_2_004C6C30 | |
Source: | Code function: | 10_2_004E48F0 | |
Source: | Code function: | 10_2_004C0950 | |
Source: | Code function: | 10_2_004E2170 | |
Source: | Code function: | 10_2_004E0930 | |
Source: | Code function: | 10_2_004B45C0 | |
Source: | Code function: | 10_2_004BD1F0 | |
Source: | Code function: | 10_2_004D0670 | |
Source: | Code function: | 10_2_004CD271 | |
Source: | Code function: | 10_2_004C422C | |
Source: | Code function: | 10_2_004E36D0 | |
Source: | Code function: | 10_2_004B2AE0 | |
Source: | Code function: | 10_2_004BA6F0 | |
Source: | Code function: | 10_2_004E02F0 | |
Source: | Code function: | 10_2_004CD755 | |
Source: | Code function: | 10_2_004CD772 | |
Source: | Code function: | 10_2_004CD716 | |
Source: | Code function: | 10_2_004D5710 | |
Source: | Code function: | 10_2_004CD79A | |
Source: | Code function: | 10_2_004DF790 |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_00CF53B0 | |
Source: | Code function: | 1_2_00DA53B0 | |
Source: | Code function: | 2_2_004753B0 | |
Source: | Code function: | 3_2_000553B0 | |
Source: | Code function: | 4_2_004753B0 | |
Source: | Code function: | 10_2_004B53B0 |
Source: | Code function: | 0_2_00D10250 |
Source: | Code function: | 0_2_00CF6430 |
Source: | Code function: | 0_2_00CF6430 | |
Source: | Code function: | 1_2_00DA6430 | |
Source: | Code function: | 2_2_00476430 | |
Source: | Code function: | 3_2_00056430 | |
Source: | Code function: | 4_2_00476430 | |
Source: | Code function: | 10_2_004B6430 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: |
Source: | File read: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Static PE information: |
Source: | Code function: | 0_2_00D236D0 |
Source: | Code function: | 0_2_00D190D9 | |
Source: | Code function: | 0_2_00D00859 | |
Source: | Code function: | 0_2_00D03459 | |
Source: | Code function: | 0_2_00D02A2D | |
Source: | Code function: | 1_2_00DC90D9 | |
Source: | Code function: | 1_2_00DB0859 | |
Source: | Code function: | 1_2_00DB3459 | |
Source: | Code function: | 1_2_00DB2A2D | |
Source: | Code function: | 2_2_00481C60 | |
Source: | Code function: | 2_2_00480859 | |
Source: | Code function: | 2_2_00483459 | |
Source: | Code function: | 2_2_004990D9 | |
Source: | Code function: | 2_2_00482A2D | |
Source: | Code function: | 3_2_00060859 | |
Source: | Code function: | 3_2_00063459 | |
Source: | Code function: | 3_2_00061C60 | |
Source: | Code function: | 3_2_000790D9 | |
Source: | Code function: | 3_2_00062A2D | |
Source: | Code function: | 4_2_00481C60 | |
Source: | Code function: | 4_2_00480859 | |
Source: | Code function: | 4_2_00483459 | |
Source: | Code function: | 4_2_004990D9 | |
Source: | Code function: | 4_2_00482A2D | |
Source: | Code function: | 10_2_004C1C60 | |
Source: | Code function: | 10_2_004C0859 | |
Source: | Code function: | 10_2_004C3459 | |
Source: | Code function: | 10_2_004D90D9 | |
Source: | Code function: | 10_2_004C2A2D |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | Code function: | 0_2_00CF6430 |
Source: | Code function: | 0_2_00D062D0 | |
Source: | Code function: | 1_2_00DB62D0 | |
Source: | Code function: | 2_2_004862D0 | |
Source: | Code function: | 3_2_000662D0 | |
Source: | Code function: | 4_2_004862D0 | |
Source: | Code function: | 10_2_004C62D0 |
Source: | Code function: | 1_2_00DD36D0 | |
Source: | Code function: | 2_2_004A36D0 |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Decision node followed by non-executed suspicious API: | graph_0-10449 | ||
Source: | Decision node followed by non-executed suspicious API: | graph_4-12305 | ||
Source: | Decision node followed by non-executed suspicious API: | graph_3-11417 | ||
Source: | Decision node followed by non-executed suspicious API: | graph_1-11304 |
Source: | Evasive API call chain: | graph_3-9991 | ||
Source: | Evasive API call chain: | graph_1-9677 | ||
Source: | Evasive API call chain: | graph_0-9220 | ||
Source: | Evasive API call chain: | graph_2-10531 |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: | ||
Source: | Last function: |
Source: | Code function: | 0_2_00CF3740 | |
Source: | Code function: | 1_2_00DA3740 | |
Source: | Code function: | 2_2_00473740 | |
Source: | Code function: | 3_2_00053740 | |
Source: | Code function: | 4_2_00473740 | |
Source: | Code function: | 10_2_004B3740 |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | API call chain: | graph_0-8941 | ||
Source: | API call chain: | graph_0-8999 | ||
Source: | API call chain: | graph_0-8912 | ||
Source: | API call chain: | graph_0-8814 | ||
Source: | API call chain: | graph_0-8922 | ||
Source: | API call chain: | graph_1-9716 | ||
Source: | API call chain: | graph_1-9747 | ||
Source: | API call chain: | graph_1-9652 | ||
Source: | API call chain: | graph_1-9710 | ||
Source: | API call chain: | graph_1-9683 | ||
Source: | API call chain: | graph_1-9662 | ||
Source: | API call chain: | graph_1-10659 | ||
Source: | API call chain: | graph_2-10583 | ||
Source: | API call chain: | graph_2-10574 | ||
Source: | API call chain: | graph_2-10538 | ||
Source: | API call chain: | graph_2-10517 | ||
Source: | API call chain: | graph_2-10568 | ||
Source: | API call chain: | graph_2-11624 | ||
Source: | API call chain: | graph_2-10606 | ||
Source: | API call chain: | graph_2-10506 | ||
Source: | API call chain: | graph_3-9696 | ||
Source: | API call chain: | graph_3-9669 | ||
Source: | API call chain: | graph_3-9679 | ||
Source: | API call chain: | graph_3-9560 | ||
Source: | API call chain: | graph_3-9717 | ||
Source: | API call chain: | graph_4-10629 | ||
Source: | API call chain: | graph_4-11385 | ||
Source: | API call chain: | graph_4-10569 | ||
Source: | API call chain: | graph_4-10540 | ||
Source: | API call chain: | graph_4-10589 | ||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: | |||
Source: | API call chain: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 0_2_00D236D0 |
Source: | Code function: | 0_2_00D259B0 |
Source: | Code function: | 0_2_00D11510 |
Source: | Code function: | 0_2_00CF7A90 |
Source: | Code function: | 0_2_00CF7FA0 |
Source: | Key value queried: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 2 Service Execution | 4 Windows Service | 4 Windows Service | 1 Masquerading | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 2 Native API | 1 DLL Side-Loading | 1 Process Injection | 11 Virtualization/Sandbox Evasion | LSASS Memory | 111 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 1 DLL Side-Loading | 1 Process Injection | Security Account Manager | 11 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 2 Obfuscated Files or Information | NTDS | 2 Process Discovery | Distributed Component Object Model | Input Capture | 2 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Software Packing | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 DLL Side-Loading | Cached Domain Credentials | 1 System Service Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 File Deletion | DCSync | 1 System Network Configuration Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | Indicator Removal from Tools | Proc Filesystem | 1 File and Directory Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 4 System Information Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
92% | ReversingLabs | Win32.Spyware.Nivdort | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Avira | TR/Nivdort.Gen2 | ||
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
100% | Joe Sandbox ML | |||
92% | ReversingLabs | Win32.Spyware.Nivdort | ||
92% | ReversingLabs | Win32.Spyware.Nivdort | ||
92% | ReversingLabs | Win32.Spyware.Nivdort |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
degreedaughter.net | 85.214.228.140 | true | false | high | |
7450.bodis.com | 199.59.243.227 | true | false | high | |
gentleanother.net | 54.244.188.177 | true | false | high | |
returnbottle.net | 18.143.155.63 | true | false | high | |
pleasantinstead.net | 18.143.155.63 | true | false | high | |
forwardpeople.net | unknown | unknown | true | unknown | |
degreeanother.net | unknown | unknown | false | high | |
degreeexplain.net | unknown | unknown | false | high | |
heaveninside.net | unknown | unknown | true | unknown | |
answerappear.net | unknown | unknown | false | high | |
heavybusiness.net | unknown | unknown | false | high | |
pleasantinside.net | unknown | unknown | true | unknown | |
requirebusiness.net | unknown | unknown | false | high | |
forwardinside.net | unknown | unknown | false | high | |
glassmanner.net | unknown | unknown | false | high | |
answerexplain.net | unknown | unknown | false | high | |
orderinside.net | unknown | unknown | true | unknown | |
variousappear.net | unknown | unknown | false | high | |
returnbright.net | unknown | unknown | true | unknown | |
difficultanother.net | unknown | unknown | false | high | |
heavyinside.net | unknown | unknown | true | unknown | |
forwardready.net | unknown | unknown | true | unknown | |
glassdaughter.net | unknown | unknown | true | unknown | |
necessarymanner.net | unknown | unknown | false | high | |
leadernothing.net | unknown | unknown | false | high | |
answeranother.net | unknown | unknown | false | high | |
leadermanner.net | unknown | unknown | false | high | |
heavybottle.net | unknown | unknown | false | high | |
heavenbright.net | unknown | unknown | true | unknown | |
heavydivide.net | unknown | unknown | false | high | |
degreebrown.net | unknown | unknown | true | unknown | |
gentleinstead.net | unknown | unknown | true | unknown | |
glassanother.net | unknown | unknown | false | high | |
heavenanother.net | unknown | unknown | false | high | |
difficultmanner.net | unknown | unknown | false | high | |
glassexplain.net | unknown | unknown | false | high | |
requireinside.net | unknown | unknown | true | unknown | |
heavenexplain.net | unknown | unknown | true | unknown | |
forwardbusiness.net | unknown | unknown | false | high | |
difficultexplain.net | unknown | unknown | true | unknown | |
gentleappear.net | unknown | unknown | false | high | |
pleasantbright.net | unknown | unknown | true | unknown | |
returnexplain.net | unknown | unknown | true | unknown | |
gentlemanner.net | unknown | unknown | false | high | |
answerdaughter.net | unknown | unknown | true | unknown | |
heardinside.net | unknown | unknown | true | unknown | |
requiremanner.net | unknown | unknown | false | high | |
gentleexplain.net | unknown | unknown | true | unknown | |
glassappear.net | unknown | unknown | false | high | |
necessaryanother.net | unknown | unknown | false | high | |
glassinside.net | unknown | unknown | true | unknown | |
difficultbright.net | unknown | unknown | true | unknown | |
heardbrown.net | unknown | unknown | true | unknown | |
glasspeople.net | unknown | unknown | true | unknown | |
requireinstead.net | unknown | unknown | true | unknown | |
necessaryinside.net | unknown | unknown | true | unknown | |
returndivide.net | unknown | unknown | false | high | |
heardinstead.net | unknown | unknown | true | unknown | |
variousbright.net | unknown | unknown | true | unknown | |
degreebusiness.net | unknown | unknown | false | high | |
answerbusiness.net | unknown | unknown | false | high | |
heavenbusiness.net | unknown | unknown | false | high | |
gentledivide.net | unknown | unknown | false | high | |
variousinstead.net | unknown | unknown | true | unknown | |
gentlestream.net | unknown | unknown | false | high | |
pleasantmanner.net | unknown | unknown | false | high | |
necessaryappear.net | unknown | unknown | false | high | |
pleasantbusiness.net | unknown | unknown | false | high | |
heardbright.net | unknown | unknown | true | unknown | |
heavenbottle.net | unknown | unknown | false | high | |
heavynothing.net | unknown | unknown | false | high | |
gentlebusiness.net | unknown | unknown | false | high | |
ordermanner.net | unknown | unknown | false | high | |
leaderbottle.net | unknown | unknown | false | high | |
pleasantanother.net | unknown | unknown | false | high | |
heavyanother.net | unknown | unknown | false | high | |
degreeinstead.net | unknown | unknown | false | high | |
degreepeople.net | unknown | unknown | true | unknown | |
answerready.net | unknown | unknown | true | unknown | |
difficultbrown.net | unknown | unknown | true | unknown | |
answerbright.net | unknown | unknown | false | high | |
heavennothing.net | unknown | unknown | false | high | |
returninside.net | unknown | unknown | true | unknown | |
forwardbright.net | unknown | unknown | false | high | |
difficultinside.net | unknown | unknown | true | unknown | |
heavybright.net | unknown | unknown | true | unknown | |
leaderanother.net | unknown | unknown | false | high | |
returninstead.net | unknown | unknown | true | unknown | |
difficultinstead.net | unknown | unknown | true | unknown | |
heavenappear.net | unknown | unknown | false | high | |
answerinside.net | unknown | unknown | true | unknown | |
degreebright.net | unknown | unknown | false | high | |
forwardbrown.net | unknown | unknown | true | unknown | |
heavyinstead.net | unknown | unknown | true | unknown | |
gentleinside.net | unknown | unknown | true | unknown | |
heardexplain.net | unknown | unknown | true | unknown | |
heavyappear.net | unknown | unknown | false | high | |
answerpeople.net | unknown | unknown | true | unknown | |
pleasantexplain.net | unknown | unknown | true | unknown | |
requireexplain.net | unknown | unknown | true | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
18.143.155.63 | returnbottle.net | United States | 16509 | AMAZON-02US | false | |
85.214.228.140 | degreedaughter.net | Germany | 6724 | STRATOSTRATOAGDE | false | |
199.59.243.227 | 7450.bodis.com | United States | 395082 | BODIS-NJUS | false | |
54.244.188.177 | gentleanother.net | United States | 16509 | AMAZON-02US | false |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1551217 |
Start date and time: | 2024-11-07 15:56:26 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 6m 23s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | YiqjcLlhew.exerenamed because original name is a hash value |
Original Sample Name: | e01a1e921ef924c2e1407fae1f09ec200cdb144973f431e81440e39b1005a9ce.exe |
Detection: | MAL |
Classification: | mal96.troj.winEXE@12/5@212/4 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- VT rate limit hit for: YiqjcLlhew.exe
Time | Type | Description |
---|---|---|
09:57:55 | API Interceptor | |
09:58:40 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
18.143.155.63 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
85.214.228.140 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | PureLog Stealer, RedLine | Browse |
| ||
Get hash | malicious | DBatLoader, Nitol, PureLog Stealer, XWorm | Browse |
| ||
199.59.243.227 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
gentleanother.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
returnbottle.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
degreedaughter.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
7450.bodis.com | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
AMAZON-02US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Ducktail | Browse |
| ||
STRATOSTRATOAGDE | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
BODIS-NJUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
AMAZON-02US | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Ducktail | Browse |
|
Process: | C:\Users\user\Desktop\YiqjcLlhew.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9 |
Entropy (8bit): | 3.169925001442312 |
Encrypted: | false |
SSDEEP: | 3:ign:ig |
MD5: | 848E1C84F4DAA882C9652ECE27785309 |
SHA1: | B87C783FEE5FE47917E533D4995701851ED25EE2 |
SHA-256: | 3B8F78C362F113BCD28891E0E1195F4D2B98AB523B1C6E0FEA7B74FC0A7AF5AA |
SHA-512: | 2276401873F5713355A0ECF990A72CD402D1CD432ECF971637E4239D8DE877BB485B87A35A4DB94E29621B64A94AC0A6F566259CBC5742A088F07969F35A7FC9 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\YiqjcLlhew.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 9 |
Entropy (8bit): | 3.169925001442312 |
Encrypted: | false |
SSDEEP: | 3:ign:ig |
MD5: | 848E1C84F4DAA882C9652ECE27785309 |
SHA1: | B87C783FEE5FE47917E533D4995701851ED25EE2 |
SHA-256: | 3B8F78C362F113BCD28891E0E1195F4D2B98AB523B1C6E0FEA7B74FC0A7AF5AA |
SHA-512: | 2276401873F5713355A0ECF990A72CD402D1CD432ECF971637E4239D8DE877BB485B87A35A4DB94E29621B64A94AC0A6F566259CBC5742A088F07969F35A7FC9 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Users\user\Desktop\YiqjcLlhew.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 282112 |
Entropy (8bit): | 7.143656205471311 |
Encrypted: | false |
SSDEEP: | 6144:0u5QPgyknFyneuvNYXK/+w6doLOjO3+0UnGiE7saNZ:KPgnnEnh1GNsO49UGX7saP |
MD5: | F51DA33B8F97EC40E1960522549DCCA7 |
SHA1: | 001FFE1D668E5131CEF1F105BFEDE3780C123EF8 |
SHA-256: | E01A1E921EF924C2E1407FAE1F09EC200CDB144973F431E81440E39B1005A9CE |
SHA-512: | A3C31FDD2C71A21EA007860E13860D79746BEC527D31B200D7905569DDC1A4495DD0C0440B1E9EF97D61BBB1B91367DDFDF87F583B96ED60E8C5A44DE43F1684 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\vdjmzgowdzhfmld\kfdag3aedbkjqfngi9xbw.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 282112 |
Entropy (8bit): | 7.143656205471311 |
Encrypted: | false |
SSDEEP: | 6144:0u5QPgyknFyneuvNYXK/+w6doLOjO3+0UnGiE7saNZ:KPgnnEnh1GNsO49UGX7saP |
MD5: | F51DA33B8F97EC40E1960522549DCCA7 |
SHA1: | 001FFE1D668E5131CEF1F105BFEDE3780C123EF8 |
SHA-256: | E01A1E921EF924C2E1407FAE1F09EC200CDB144973F431E81440E39B1005A9CE |
SHA-512: | A3C31FDD2C71A21EA007860E13860D79746BEC527D31B200D7905569DDC1A4495DD0C0440B1E9EF97D61BBB1B91367DDFDF87F583B96ED60E8C5A44DE43F1684 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
Process: | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 282112 |
Entropy (8bit): | 7.143656205471311 |
Encrypted: | false |
SSDEEP: | 6144:0u5QPgyknFyneuvNYXK/+w6doLOjO3+0UnGiE7saNZ:KPgnnEnh1GNsO49UGX7saP |
MD5: | F51DA33B8F97EC40E1960522549DCCA7 |
SHA1: | 001FFE1D668E5131CEF1F105BFEDE3780C123EF8 |
SHA-256: | E01A1E921EF924C2E1407FAE1F09EC200CDB144973F431E81440E39B1005A9CE |
SHA-512: | A3C31FDD2C71A21EA007860E13860D79746BEC527D31B200D7905569DDC1A4495DD0C0440B1E9EF97D61BBB1B91367DDFDF87F583B96ED60E8C5A44DE43F1684 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 7.143656205471311 |
TrID: |
|
File name: | YiqjcLlhew.exe |
File size: | 282'112 bytes |
MD5: | f51da33b8f97ec40e1960522549dcca7 |
SHA1: | 001ffe1d668e5131cef1f105bfede3780c123ef8 |
SHA256: | e01a1e921ef924c2e1407fae1f09ec200cdb144973f431e81440e39b1005a9ce |
SHA512: | a3c31fdd2c71a21ea007860e13860d79746bec527d31b200d7905569ddc1a4495dd0c0440b1e9ef97d61bbb1b91367ddfdf87f583b96ed60e8c5a44de43f1684 |
SSDEEP: | 6144:0u5QPgyknFyneuvNYXK/+w6doLOjO3+0UnGiE7saNZ:KPgnnEnh1GNsO49UGX7saP |
TLSH: | D2548C55C9BA542ECC525EFD85AA3B72FCAF1072A7E805C3938230D0A4602F8DB76757 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.........i..............%|.....................................Rich............PE..L....-.V.................\...>.......U.......p....@ |
Icon Hash: | 90cececece8e8eb0 |
Entrypoint: | 0x425510 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x56892DF4 [Sun Jan 3 14:19:32 2016 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | fd660912aa6dbf67a78c3e4af3a5d215 |
Instruction |
---|
fld dword ptr [004790DCh] |
fld dword ptr [0047DDD0h] |
fmul qword ptr [004635D8h] |
fadd dword ptr [00474998h] |
fxch st(0), st(1) |
fucomip st(0), st(1) |
fstp st(0) |
lahf |
test ah, 00000044h |
jnp 00007F22948CEC44h |
fld dword ptr [0047C3CCh] |
fmul qword ptr [004588E0h] |
fstp dword ptr [0047C3CCh] |
call 00007F22948B4F7Ah |
mov eax, dword ptr [00446434h] |
imul eax, eax, 9882A734h |
mov dword ptr [00446434h], eax |
call 00007F22948D02B5h |
push 00437184h |
fld dword ptr [00474484h] |
push 0043717Ch |
fld qword ptr [00463938h] |
fld dword ptr [0047977Ch] |
fmulp st(2), st(0) |
fsubrp st(1), st(0) |
fstp dword ptr [00475624h] |
fld dword ptr [0047977Ch] |
fsub qword ptr [0043B0B0h] |
fstp dword ptr [0047977Ch] |
call 00007F22948DB508h |
mov cx, word ptr [0046FA0Ch] |
mov edx, dword ptr [0043FF54h] |
dec word ptr [0046FA0Ch] |
imul edx, edx, ABEE16C1h |
movsx eax, cx |
sub eax, 0FAF8D35h |
and eax, 1399A9A9h |
and edx, CDFEA84Fh |
add esp, 08h |
cmp edx, eax |
jnle 00007F22948CEC4Fh |
mov eax, dword ptr [0043F104h] |
mov ecx, dword ptr [00000000h] |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x3b0e8 | 0x50 | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x82000 | 0x9e1c | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x37000 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x35bea | 0x35c00 | 50375fc1d8dd7a60063c581b5c9ced1b | False | 0.6988235828488372 | data | 6.868137010503397 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x37000 | 0x48f4 | 0x4a00 | 55ae83737777b356f3e01b6037c5df9e | False | 0.8528821790540541 | data | 7.170520001196571 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0x3c000 | 0x4506c | 0x200 | 07b5472d347d42780469fb2654b7fc54 | False | 0.02734375 | data | 0.020393135236084953 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.reloc | 0x82000 | 0xa12e | 0xa200 | 3af76855a0826f29034716a6eb8b96c5 | False | 0.6822675540123457 | data | 6.81111315269099 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
DLL | Import |
---|---|
GDI32.dll | GetClipRgn, GetStretchBltMode, GetPixelFormat, GetNearestPaletteIndex, GetNearestColor, GetTextCharacterExtra, GetTextCharset, SetSystemPaletteUse, GetMetaRgn, GetRandomRgn, GetMapMode, GetBkColor, GetDeviceCaps, GetFontLanguageInfo, SetTextJustification, GetObjectType, GetGraphicsMode, GetCurrentObject, GetFontUnicodeRanges, GetDCPenColor, GetDCBrushColor, GetSystemPaletteUse, GetPolyFillMode |
USER32.dll | GetMenuItemID, ShowWindow, SendMessageA, GetDlgItemInt, GetScrollPos, GetMenuState, IsWindowEnabled, GetForegroundWindow, GetCursor, GetMenuItemCount, GetDlgItem, EndDialog, CheckDlgButton, GetWindowContextHelpId, MoveWindow, SetDlgItemTextA, SetFocus, DrawTextA, EnableWindow, RemovePropA, PostMessageA, GetQueueStatus, SetWindowTextA, EndPaint, IsWindowUnicode, BeginPaint, CallWindowProcA, GetPropA, GetMenuCheckMarkDimensions, GetKeyboardType, LoadIconA, GetInputState, GetMenu, WindowFromDC, GetDC, GetWindowDC, GetMenuContextHelpId |
KERNEL32.dll | HeapAlloc, GetFileTime, WriteFile, GetCurrentThreadId, GetLastError, IsProcessorFeaturePresent, GetModuleHandleA, FlushFileBuffers, DeleteFileA, IsDebuggerPresent, GlobalSize, GetCurrentProcess, LockResource, MoveFileA, GlobalAlloc, CloseHandle, GetCurrentProcessId, SizeofResource, LocalFlags, GetDriveTypeA, GetTickCount, FindClose, GlobalHandle, GetFileType, GetVersion, GlobalFlags, QueryPerformanceCounter, FindResourceA, GetStdHandle, GetProcAddress, SetFilePointer, GetProcessHeap |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-11-07T15:57:26.487582+0100 | 2815568 | ETPRO MALWARE Terse HTTP 1.0 Request Possible Nivdort | 1 | 192.168.2.4 | 56255 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:57:26.487582+0100 | 2820680 | ETPRO MALWARE W32/Bayrob Attempted Checkin 2 | 1 | 192.168.2.4 | 56255 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:57:28.607734+0100 | 2018141 | ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz | 1 | 18.143.155.63 | 80 | 192.168.2.4 | 56256 | TCP |
2024-11-07T15:57:28.607734+0100 | 2037771 | ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst | 1 | 18.143.155.63 | 80 | 192.168.2.4 | 56256 | TCP |
2024-11-07T15:57:31.033944+0100 | 2018141 | ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz | 1 | 54.244.188.177 | 80 | 192.168.2.4 | 56257 | TCP |
2024-11-07T15:57:31.033944+0100 | 2037771 | ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value btst | 1 | 54.244.188.177 | 80 | 192.168.2.4 | 56257 | TCP |
2024-11-07T15:57:31.045246+0100 | 2018316 | ET MALWARE Possible Zeus GameOver/FluBot Related DGA NXDOMAIN Responses | 1 | 1.1.1.1 | 53 | 192.168.2.4 | 57543 | UDP |
2024-11-07T15:57:31.381815+0100 | 2811542 | ETPRO MALWARE Possible Tinba DGA NXDOMAIN Responses (net) | 1 | 1.1.1.1 | 53 | 192.168.2.4 | 53861 | UDP |
2024-11-07T15:57:41.186092+0100 | 2022930 | ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow | 1 | 52.149.20.212 | 443 | 192.168.2.4 | 52907 | TCP |
2024-11-07T15:58:19.852670+0100 | 2022930 | ET EXPLOIT Possible CVE-2016-2211 Symantec Cab Parsing Buffer Overflow | 1 | 52.149.20.212 | 443 | 192.168.2.4 | 52927 | TCP |
2024-11-07T15:58:59.354865+0100 | 2815568 | ETPRO MALWARE Terse HTTP 1.0 Request Possible Nivdort | 1 | 192.168.2.4 | 53059 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:58:59.354865+0100 | 2820680 | ETPRO MALWARE W32/Bayrob Attempted Checkin 2 | 1 | 192.168.2.4 | 53059 | 199.59.243.227 | 80 | TCP |
2024-11-07T15:59:15.174980+0100 | 2811542 | ETPRO MALWARE Possible Tinba DGA NXDOMAIN Responses (net) | 1 | 1.1.1.1 | 53 | 192.168.2.4 | 57323 | UDP |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Nov 7, 2024 15:57:25.853058100 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:25.858227015 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:25.858352900 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:25.858414888 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:25.863919973 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:26.487468004 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:26.487528086 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:26.487581968 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:26.488176107 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:26.488265038 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:26.502768993 CET | 56255 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:26.507595062 CET | 80 | 56255 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:26.746654034 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:26.751493931 CET | 80 | 56256 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:26.751589060 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:26.751705885 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:26.756625891 CET | 80 | 56256 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:28.186042070 CET | 80 | 56256 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:28.236475945 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:28.607733965 CET | 80 | 56256 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:28.607805967 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:28.607949972 CET | 56256 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:28.613217115 CET | 80 | 56256 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:30.072261095 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:30.077280998 CET | 80 | 56257 | 54.244.188.177 | 192.168.2.4 |
Nov 7, 2024 15:57:30.077378035 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:30.077418089 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:30.082412958 CET | 80 | 56257 | 54.244.188.177 | 192.168.2.4 |
Nov 7, 2024 15:57:30.916203022 CET | 80 | 56257 | 54.244.188.177 | 192.168.2.4 |
Nov 7, 2024 15:57:30.974944115 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:31.033943892 CET | 80 | 56257 | 54.244.188.177 | 192.168.2.4 |
Nov 7, 2024 15:57:31.034012079 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:31.034077883 CET | 56257 | 80 | 192.168.2.4 | 54.244.188.177 |
Nov 7, 2024 15:57:31.039436102 CET | 80 | 56257 | 54.244.188.177 | 192.168.2.4 |
Nov 7, 2024 15:57:31.808835030 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:31.813731909 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:31.813812971 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:31.813858986 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:31.818928003 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:32.439815044 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:32.440130949 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:32.440232992 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:32.440695047 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:32.440751076 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:32.440788984 CET | 56258 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:57:32.445626020 CET | 80 | 56258 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:57:32.859895945 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:32.865720987 CET | 80 | 56259 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:32.865818024 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:32.865911007 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:32.871763945 CET | 80 | 56259 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:34.301917076 CET | 80 | 56259 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:34.345855951 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:34.720617056 CET | 80 | 56259 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:34.720716000 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:34.720835924 CET | 56259 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:57:34.725684881 CET | 80 | 56259 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:57:36.290576935 CET | 52906 | 80 | 192.168.2.4 | 85.214.228.140 |
Nov 7, 2024 15:57:36.295619011 CET | 80 | 52906 | 85.214.228.140 | 192.168.2.4 |
Nov 7, 2024 15:57:36.295722008 CET | 52906 | 80 | 192.168.2.4 | 85.214.228.140 |
Nov 7, 2024 15:57:36.295778990 CET | 52906 | 80 | 192.168.2.4 | 85.214.228.140 |
Nov 7, 2024 15:57:36.301033020 CET | 80 | 52906 | 85.214.228.140 | 192.168.2.4 |
Nov 7, 2024 15:57:37.167211056 CET | 80 | 52906 | 85.214.228.140 | 192.168.2.4 |
Nov 7, 2024 15:57:37.167440891 CET | 52906 | 80 | 192.168.2.4 | 85.214.228.140 |
Nov 7, 2024 15:57:37.173258066 CET | 80 | 52906 | 85.214.228.140 | 192.168.2.4 |
Nov 7, 2024 15:57:37.173316002 CET | 52906 | 80 | 192.168.2.4 | 85.214.228.140 |
Nov 7, 2024 15:58:58.691948891 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:58.696762085 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:58:58.696835041 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:58.696934938 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:58.701845884 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:58:59.354711056 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:58:59.354749918 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:58:59.354865074 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:59.386847019 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:58:59.386931896 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:59.386960030 CET | 53059 | 80 | 192.168.2.4 | 199.59.243.227 |
Nov 7, 2024 15:58:59.391727924 CET | 80 | 53059 | 199.59.243.227 | 192.168.2.4 |
Nov 7, 2024 15:59:04.487379074 CET | 53060 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:59:04.492321968 CET | 80 | 53060 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:59:04.492455959 CET | 53060 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:59:04.492487907 CET | 53060 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:59:04.498064995 CET | 80 | 53060 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:59:05.946990013 CET | 80 | 53060 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:59:05.950577021 CET | 53060 | 80 | 192.168.2.4 | 18.143.155.63 |
Nov 7, 2024 15:59:05.956269979 CET | 80 | 53060 | 18.143.155.63 | 192.168.2.4 |
Nov 7, 2024 15:59:05.957601070 CET | 53060 | 80 | 192.168.2.4 | 18.143.155.63 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Nov 7, 2024 15:57:25.598953009 CET | 61687 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.631861925 CET | 53 | 61687 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.633697033 CET | 52595 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.645848989 CET | 53 | 52595 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.646873951 CET | 59367 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.656449080 CET | 53 | 59367 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.657315016 CET | 54626 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.667129040 CET | 53 | 54626 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.667728901 CET | 49687 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.677459955 CET | 53 | 49687 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.678292036 CET | 58660 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.687184095 CET | 53 | 58660 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.687746048 CET | 63477 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.719547987 CET | 53 | 63477 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.720197916 CET | 60292 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.731822014 CET | 53 | 60292 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.732448101 CET | 60230 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.742547989 CET | 53 | 60230 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.743042946 CET | 51539 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.753448009 CET | 53 | 51539 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.753922939 CET | 64542 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.763569117 CET | 53 | 64542 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.764054060 CET | 51781 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.795557022 CET | 53 | 51781 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.796324015 CET | 61359 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.805303097 CET | 53 | 61359 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.806137085 CET | 53984 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.815865040 CET | 53 | 53984 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:25.816534996 CET | 58028 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:25.850419998 CET | 53 | 58028 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:26.504765987 CET | 59895 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:26.516118050 CET | 53 | 59895 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:26.519882917 CET | 54852 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:26.530613899 CET | 53 | 54852 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:26.531505108 CET | 52084 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:26.540194035 CET | 53 | 52084 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:26.540818930 CET | 55026 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:26.551168919 CET | 53 | 55026 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:26.551928043 CET | 61028 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:26.746041059 CET | 53 | 61028 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.608932018 CET | 49476 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.640121937 CET | 53 | 49476 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.641144991 CET | 61387 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.651575089 CET | 53 | 61387 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.652244091 CET | 62766 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.683953047 CET | 53 | 62766 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.684809923 CET | 62395 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.695125103 CET | 53 | 62395 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.706078053 CET | 57721 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.717513084 CET | 53 | 57721 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.718172073 CET | 52717 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.749032974 CET | 53 | 52717 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.752068043 CET | 65500 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.761738062 CET | 53 | 65500 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.762501001 CET | 64914 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.769593954 CET | 53 | 64914 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.770487070 CET | 57699 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.802685022 CET | 53 | 57699 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.803914070 CET | 52790 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.813733101 CET | 53 | 52790 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.814615965 CET | 53125 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.846529961 CET | 53 | 53125 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.890871048 CET | 62691 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.922717094 CET | 53 | 62691 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.943527937 CET | 56936 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.975121975 CET | 53 | 56936 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:28.983619928 CET | 54365 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:28.995428085 CET | 53 | 54365 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.023113966 CET | 60319 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.033108950 CET | 53 | 60319 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.056510925 CET | 64999 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.088630915 CET | 53 | 64999 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.092259884 CET | 63003 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.100744009 CET | 53 | 63003 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.102926970 CET | 61629 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.114103079 CET | 53 | 61629 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.114737988 CET | 49538 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.125330925 CET | 53 | 49538 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.126133919 CET | 57921 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.135571003 CET | 53 | 57921 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.136465073 CET | 56857 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.146785975 CET | 53 | 56857 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.150029898 CET | 52053 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.160728931 CET | 53 | 52053 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.162488937 CET | 55672 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.195027113 CET | 53 | 55672 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.195741892 CET | 49766 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.205692053 CET | 53 | 49766 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.206238985 CET | 49892 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.216232061 CET | 53 | 49892 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.216711044 CET | 63189 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.248083115 CET | 53 | 63189 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.248653889 CET | 56062 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.259063959 CET | 53 | 56062 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.259706974 CET | 49313 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.271241903 CET | 53 | 49313 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.280312061 CET | 62262 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.289757013 CET | 53 | 62262 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.290527105 CET | 55892 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.300761938 CET | 53 | 55892 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.301466942 CET | 62327 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.311243057 CET | 53 | 62327 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.311822891 CET | 64089 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.321863890 CET | 53 | 64089 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.322402954 CET | 60752 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.333460093 CET | 53 | 60752 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.334032059 CET | 57522 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.341922998 CET | 53 | 57522 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.342523098 CET | 53480 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.373936892 CET | 53 | 53480 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.374519110 CET | 54387 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.385025024 CET | 53 | 54387 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.385798931 CET | 56492 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.395087004 CET | 53 | 56492 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.395567894 CET | 49426 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.427052975 CET | 53 | 49426 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.427556038 CET | 54527 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.458486080 CET | 53 | 54527 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.459433079 CET | 50387 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.478652954 CET | 53 | 50387 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.479537010 CET | 50180 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.489219904 CET | 53 | 50180 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.489816904 CET | 50894 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.521697044 CET | 53 | 50894 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.522387028 CET | 49823 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.532649040 CET | 53 | 49823 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.533108950 CET | 61996 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.543586969 CET | 53 | 61996 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.544166088 CET | 56025 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.551742077 CET | 53 | 56025 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.552328110 CET | 51872 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.563178062 CET | 53 | 51872 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.563798904 CET | 52046 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.574742079 CET | 53 | 52046 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.575304031 CET | 57920 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.605519056 CET | 53 | 57920 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.608778954 CET | 63820 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.639822006 CET | 53 | 63820 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.640881062 CET | 55311 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.800131083 CET | 53 | 55311 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.801202059 CET | 63379 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.810688019 CET | 53 | 63379 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.811295986 CET | 57639 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.819685936 CET | 53 | 57639 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.820270061 CET | 51947 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:29.851707935 CET | 53 | 51947 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:29.852560997 CET | 53167 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:30.071521997 CET | 53 | 53167 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.034883022 CET | 57543 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.045245886 CET | 53 | 57543 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.046117067 CET | 51668 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.056803942 CET | 53 | 51668 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.057584047 CET | 56723 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.067895889 CET | 53 | 56723 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.070287943 CET | 56157 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.079752922 CET | 53 | 56157 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.083619118 CET | 58353 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.093905926 CET | 53 | 58353 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.094738960 CET | 63141 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.129702091 CET | 53 | 63141 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.130283117 CET | 60700 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.160774946 CET | 53 | 60700 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.161422968 CET | 63943 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.170933962 CET | 53 | 63943 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.171503067 CET | 56934 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.178939104 CET | 53 | 56934 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.179951906 CET | 63094 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.191473961 CET | 53 | 63094 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.193454027 CET | 50553 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.203186035 CET | 53 | 50553 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.207791090 CET | 49677 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.217197895 CET | 53 | 49677 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.217861891 CET | 53798 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.228225946 CET | 53 | 53798 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.240741968 CET | 49973 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.271872997 CET | 53 | 49973 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.272670984 CET | 57560 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.282432079 CET | 53 | 57560 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.282916069 CET | 55868 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.290476084 CET | 53 | 55868 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.291152954 CET | 63290 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.303997993 CET | 53 | 63290 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.328244925 CET | 55123 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.337970972 CET | 53 | 55123 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.338823080 CET | 52651 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.348360062 CET | 53 | 52651 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.349282980 CET | 60229 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.359241009 CET | 53 | 60229 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.359914064 CET | 56400 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.370657921 CET | 53 | 56400 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.372553110 CET | 53861 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.381814957 CET | 53 | 53861 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.383318901 CET | 56363 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.393755913 CET | 53 | 56363 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.394382954 CET | 63770 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.404901981 CET | 53 | 63770 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.405455112 CET | 55973 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.416102886 CET | 53 | 55973 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:31.416682005 CET | 61968 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:31.808114052 CET | 53 | 61968 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.441715956 CET | 58703 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.451536894 CET | 53 | 58703 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.452512980 CET | 64555 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.484488010 CET | 53 | 64555 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.485547066 CET | 55053 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.495065928 CET | 53 | 55053 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.495738983 CET | 59778 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.535895109 CET | 53 | 59778 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.536716938 CET | 60513 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.546379089 CET | 53 | 60513 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.546979904 CET | 59335 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.579175949 CET | 53 | 59335 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.579816103 CET | 61345 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.589665890 CET | 53 | 61345 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.590279102 CET | 64935 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.622515917 CET | 53 | 64935 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.623049974 CET | 49462 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.653708935 CET | 53 | 49462 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.654361963 CET | 54095 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.664206028 CET | 53 | 54095 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:32.664824009 CET | 61761 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:32.859258890 CET | 53 | 61761 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.721852064 CET | 55619 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.752906084 CET | 53 | 55619 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.754009008 CET | 54237 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.763824940 CET | 53 | 54237 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.765712023 CET | 51561 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.775659084 CET | 53 | 51561 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.776513100 CET | 56884 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.785609007 CET | 53 | 56884 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.786246061 CET | 59470 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.819991112 CET | 53 | 59470 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.820839882 CET | 58895 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.831909895 CET | 53 | 58895 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.832411051 CET | 62433 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.842245102 CET | 53 | 62433 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.842756033 CET | 58286 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.852189064 CET | 53 | 58286 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.853035927 CET | 57466 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.862122059 CET | 53 | 57466 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.862692118 CET | 52054 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.894512892 CET | 53 | 52054 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.895277023 CET | 59322 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.927958965 CET | 53 | 59322 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.928857088 CET | 63013 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.960393906 CET | 53 | 63013 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.961563110 CET | 50787 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:34.991811991 CET | 53 | 50787 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:34.992927074 CET | 57204 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.005132914 CET | 53 | 57204 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.006141901 CET | 54342 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.016954899 CET | 53 | 54342 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.017961025 CET | 50002 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.049014091 CET | 53 | 50002 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.050293922 CET | 60359 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.061455965 CET | 53 | 60359 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.062438011 CET | 57592 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.095782995 CET | 53 | 57592 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.103013039 CET | 62072 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.113306999 CET | 53 | 62072 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.114564896 CET | 50089 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.146603107 CET | 53 | 50089 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.148169041 CET | 52010 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.159138918 CET | 53 | 52010 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.160119057 CET | 55590 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.170059919 CET | 53 | 55590 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.171287060 CET | 57013 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.181094885 CET | 53 | 57013 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.181827068 CET | 65036 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.193017006 CET | 53 | 65036 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.193883896 CET | 55999 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.204135895 CET | 53 | 55999 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.204827070 CET | 54895 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.237279892 CET | 53 | 54895 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.238082886 CET | 60093 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.270993948 CET | 53 | 60093 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.271697044 CET | 55502 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.282653093 CET | 53 | 55502 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.283339977 CET | 65321 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.293380022 CET | 53 | 65321 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.294009924 CET | 57657 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.304930925 CET | 53 | 57657 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.305702925 CET | 51621 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.316421032 CET | 53 | 51621 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.317099094 CET | 56989 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.348077059 CET | 53 | 56989 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.349088907 CET | 56254 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.379626036 CET | 53 | 56254 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.380559921 CET | 51805 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.389906883 CET | 53 | 51805 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.390535116 CET | 49580 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.401525021 CET | 53 | 49580 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.402508020 CET | 63567 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.414895058 CET | 53 | 63567 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.415702105 CET | 53312 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.426203012 CET | 53 | 53312 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.426805019 CET | 65013 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.457942963 CET | 53 | 65013 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:35.458795071 CET | 63291 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:35.466090918 CET | 53 | 63291 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.080801964 CET | 55618 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.091259003 CET | 53 | 55618 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.092027903 CET | 54498 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.104262114 CET | 53 | 54498 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.104963064 CET | 62824 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.136810064 CET | 53 | 62824 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.137752056 CET | 50939 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.150038958 CET | 53 | 50939 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.150887012 CET | 57794 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.183873892 CET | 53 | 57794 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.184926987 CET | 64735 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.195394993 CET | 53 | 64735 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:36.202963114 CET | 60006 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:36.289940119 CET | 53 | 60006 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.168531895 CET | 63553 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.178915977 CET | 53 | 63553 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.179748058 CET | 50375 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.188942909 CET | 53 | 50375 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.190592051 CET | 50182 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.220582962 CET | 53 | 50182 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.222835064 CET | 50542 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.253858089 CET | 53 | 50542 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.254793882 CET | 62669 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.264949083 CET | 53 | 62669 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.265779972 CET | 57047 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.296228886 CET | 53 | 57047 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.297281981 CET | 55665 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.327457905 CET | 53 | 55665 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.328386068 CET | 49925 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.337937117 CET | 53 | 49925 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.338747978 CET | 61708 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.348233938 CET | 53 | 61708 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.348999977 CET | 49822 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.380656958 CET | 53 | 49822 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.381479025 CET | 51734 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.414180040 CET | 53 | 51734 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.415046930 CET | 62976 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.425971985 CET | 53 | 62976 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:57:37.426877022 CET | 63083 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:57:37.437093973 CET | 53 | 63083 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:45.244280100 CET | 61827 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:45.275635004 CET | 53 | 61827 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:46.284641981 CET | 63471 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:46.295077085 CET | 53 | 63471 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:47.315727949 CET | 57999 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:47.325715065 CET | 53 | 57999 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:48.331154108 CET | 62830 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:48.339792013 CET | 53 | 62830 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:49.347044945 CET | 64663 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:49.359157085 CET | 53 | 64663 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:50.362693071 CET | 59514 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:50.372262955 CET | 53 | 59514 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:51.378467083 CET | 60724 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:51.387005091 CET | 53 | 60724 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:52.409006119 CET | 51082 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:52.418625116 CET | 53 | 51082 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:53.424958944 CET | 51485 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:53.456137896 CET | 53 | 51485 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:54.472050905 CET | 56911 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:54.483752012 CET | 53 | 56911 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:55.612168074 CET | 56239 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:55.643434048 CET | 53 | 56239 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:56.659132004 CET | 62598 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:56.669537067 CET | 53 | 62598 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:58:57.675082922 CET | 61955 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:58:57.685509920 CET | 53 | 61955 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:00.393326998 CET | 59367 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:00.424079895 CET | 53 | 59367 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:01.440242052 CET | 63328 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:01.449789047 CET | 53 | 63328 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:02.455888987 CET | 65271 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:02.465276003 CET | 53 | 65271 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:03.471364975 CET | 54161 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:03.483633995 CET | 53 | 54161 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:06.955768108 CET | 57847 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:06.965877056 CET | 53 | 57847 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:07.971486092 CET | 61341 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:07.981679916 CET | 53 | 61341 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:08.987201929 CET | 58418 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:08.996021032 CET | 53 | 58418 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:10.002863884 CET | 64829 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:10.013009071 CET | 53 | 64829 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:11.019175053 CET | 54106 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:11.029616117 CET | 53 | 54106 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:12.034075022 CET | 61007 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:12.045104980 CET | 53 | 61007 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:13.049737930 CET | 54975 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:13.081716061 CET | 53 | 54975 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:14.096457958 CET | 58044 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:14.126576900 CET | 53 | 58044 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:15.143170118 CET | 57323 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:15.174979925 CET | 53 | 57323 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:16.190762997 CET | 49586 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:16.201395988 CET | 53 | 49586 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:17.206154108 CET | 53934 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:17.215400934 CET | 53 | 53934 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:18.221826077 CET | 50009 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:18.232784033 CET | 53 | 50009 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:19.238291025 CET | 50858 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:19.247200012 CET | 53 | 50858 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:20.221410990 CET | 52538 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:20.231200933 CET | 53 | 52538 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:21.174698114 CET | 65336 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:21.185820103 CET | 53 | 65336 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:22.096545935 CET | 52408 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:22.107166052 CET | 53 | 52408 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:22.986951113 CET | 56237 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:22.996701002 CET | 53 | 56237 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:23.846404076 CET | 55744 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:23.855959892 CET | 53 | 55744 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:24.674396992 CET | 57009 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:24.681726933 CET | 53 | 57009 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:25.487883091 CET | 59353 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:25.497222900 CET | 53 | 59353 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:26.268379927 CET | 61303 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:26.427541018 CET | 53 | 61303 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:27.174776077 CET | 56544 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:27.184636116 CET | 53 | 56544 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:28.002542973 CET | 49231 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:28.012492895 CET | 53 | 49231 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:28.013588905 CET | 62847 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:28.044290066 CET | 53 | 62847 | 1.1.1.1 | 192.168.2.4 |
Nov 7, 2024 15:59:28.045198917 CET | 60719 | 53 | 192.168.2.4 | 1.1.1.1 |
Nov 7, 2024 15:59:28.054019928 CET | 53 | 60719 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Nov 7, 2024 15:57:25.598953009 CET | 192.168.2.4 | 1.1.1.1 | 0xaf52 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.633697033 CET | 192.168.2.4 | 1.1.1.1 | 0xecf2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.646873951 CET | 192.168.2.4 | 1.1.1.1 | 0xad35 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.657315016 CET | 192.168.2.4 | 1.1.1.1 | 0xd76d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.667728901 CET | 192.168.2.4 | 1.1.1.1 | 0x91cd | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.678292036 CET | 192.168.2.4 | 1.1.1.1 | 0xd9e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.687746048 CET | 192.168.2.4 | 1.1.1.1 | 0x37e1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.720197916 CET | 192.168.2.4 | 1.1.1.1 | 0xf3cb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.732448101 CET | 192.168.2.4 | 1.1.1.1 | 0xbebe | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.743042946 CET | 192.168.2.4 | 1.1.1.1 | 0x3cce | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.753922939 CET | 192.168.2.4 | 1.1.1.1 | 0xceb2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.764054060 CET | 192.168.2.4 | 1.1.1.1 | 0x179 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.796324015 CET | 192.168.2.4 | 1.1.1.1 | 0x9d0b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.806137085 CET | 192.168.2.4 | 1.1.1.1 | 0xc039 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.816534996 CET | 192.168.2.4 | 1.1.1.1 | 0x1b99 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.504765987 CET | 192.168.2.4 | 1.1.1.1 | 0x2bf5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.519882917 CET | 192.168.2.4 | 1.1.1.1 | 0x469a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.531505108 CET | 192.168.2.4 | 1.1.1.1 | 0xfc0d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.540818930 CET | 192.168.2.4 | 1.1.1.1 | 0x7f50 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.551928043 CET | 192.168.2.4 | 1.1.1.1 | 0xc09a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.608932018 CET | 192.168.2.4 | 1.1.1.1 | 0x88ef | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.641144991 CET | 192.168.2.4 | 1.1.1.1 | 0x7907 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.652244091 CET | 192.168.2.4 | 1.1.1.1 | 0x8d09 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.684809923 CET | 192.168.2.4 | 1.1.1.1 | 0x1099 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.706078053 CET | 192.168.2.4 | 1.1.1.1 | 0x198b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.718172073 CET | 192.168.2.4 | 1.1.1.1 | 0x4b45 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.752068043 CET | 192.168.2.4 | 1.1.1.1 | 0x8330 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.762501001 CET | 192.168.2.4 | 1.1.1.1 | 0x18dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.770487070 CET | 192.168.2.4 | 1.1.1.1 | 0x3a59 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.803914070 CET | 192.168.2.4 | 1.1.1.1 | 0x91f1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.814615965 CET | 192.168.2.4 | 1.1.1.1 | 0xf8a5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.890871048 CET | 192.168.2.4 | 1.1.1.1 | 0xf0d9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.943527937 CET | 192.168.2.4 | 1.1.1.1 | 0xfdaf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.983619928 CET | 192.168.2.4 | 1.1.1.1 | 0x27df | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.023113966 CET | 192.168.2.4 | 1.1.1.1 | 0xe933 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.056510925 CET | 192.168.2.4 | 1.1.1.1 | 0x21c1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.092259884 CET | 192.168.2.4 | 1.1.1.1 | 0xeff5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.102926970 CET | 192.168.2.4 | 1.1.1.1 | 0x60dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.114737988 CET | 192.168.2.4 | 1.1.1.1 | 0xc60d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.126133919 CET | 192.168.2.4 | 1.1.1.1 | 0x41ab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.136465073 CET | 192.168.2.4 | 1.1.1.1 | 0xe98b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.150029898 CET | 192.168.2.4 | 1.1.1.1 | 0x1cb1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.162488937 CET | 192.168.2.4 | 1.1.1.1 | 0x8867 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.195741892 CET | 192.168.2.4 | 1.1.1.1 | 0x6e2c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.206238985 CET | 192.168.2.4 | 1.1.1.1 | 0x4386 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.216711044 CET | 192.168.2.4 | 1.1.1.1 | 0x9e32 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.248653889 CET | 192.168.2.4 | 1.1.1.1 | 0x2bae | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.259706974 CET | 192.168.2.4 | 1.1.1.1 | 0xc762 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.280312061 CET | 192.168.2.4 | 1.1.1.1 | 0x1a63 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.290527105 CET | 192.168.2.4 | 1.1.1.1 | 0xbd41 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.301466942 CET | 192.168.2.4 | 1.1.1.1 | 0x6c1c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.311822891 CET | 192.168.2.4 | 1.1.1.1 | 0x1ba9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.322402954 CET | 192.168.2.4 | 1.1.1.1 | 0x98a6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.334032059 CET | 192.168.2.4 | 1.1.1.1 | 0xa1e0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.342523098 CET | 192.168.2.4 | 1.1.1.1 | 0x6e61 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.374519110 CET | 192.168.2.4 | 1.1.1.1 | 0x3ed8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.385798931 CET | 192.168.2.4 | 1.1.1.1 | 0x3f9d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.395567894 CET | 192.168.2.4 | 1.1.1.1 | 0x77ca | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.427556038 CET | 192.168.2.4 | 1.1.1.1 | 0xb6f6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.459433079 CET | 192.168.2.4 | 1.1.1.1 | 0x9177 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.479537010 CET | 192.168.2.4 | 1.1.1.1 | 0xd39c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.489816904 CET | 192.168.2.4 | 1.1.1.1 | 0x9d90 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.522387028 CET | 192.168.2.4 | 1.1.1.1 | 0xd092 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.533108950 CET | 192.168.2.4 | 1.1.1.1 | 0x2300 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.544166088 CET | 192.168.2.4 | 1.1.1.1 | 0xe73b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.552328110 CET | 192.168.2.4 | 1.1.1.1 | 0x2055 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.563798904 CET | 192.168.2.4 | 1.1.1.1 | 0x4b45 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.575304031 CET | 192.168.2.4 | 1.1.1.1 | 0xc24a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.608778954 CET | 192.168.2.4 | 1.1.1.1 | 0xb9fc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.640881062 CET | 192.168.2.4 | 1.1.1.1 | 0xab7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.801202059 CET | 192.168.2.4 | 1.1.1.1 | 0xd36d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.811295986 CET | 192.168.2.4 | 1.1.1.1 | 0xbcf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.820270061 CET | 192.168.2.4 | 1.1.1.1 | 0x2629 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.852560997 CET | 192.168.2.4 | 1.1.1.1 | 0x611a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.034883022 CET | 192.168.2.4 | 1.1.1.1 | 0xf2d2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.046117067 CET | 192.168.2.4 | 1.1.1.1 | 0xc0c4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.057584047 CET | 192.168.2.4 | 1.1.1.1 | 0x916d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.070287943 CET | 192.168.2.4 | 1.1.1.1 | 0x8812 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.083619118 CET | 192.168.2.4 | 1.1.1.1 | 0x1cb6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.094738960 CET | 192.168.2.4 | 1.1.1.1 | 0x25cb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.130283117 CET | 192.168.2.4 | 1.1.1.1 | 0x150f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.161422968 CET | 192.168.2.4 | 1.1.1.1 | 0xe252 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.171503067 CET | 192.168.2.4 | 1.1.1.1 | 0xbaaa | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.179951906 CET | 192.168.2.4 | 1.1.1.1 | 0x72df | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.193454027 CET | 192.168.2.4 | 1.1.1.1 | 0x69ca | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.207791090 CET | 192.168.2.4 | 1.1.1.1 | 0x6ec2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.217861891 CET | 192.168.2.4 | 1.1.1.1 | 0x61fa | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.240741968 CET | 192.168.2.4 | 1.1.1.1 | 0xd02d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.272670984 CET | 192.168.2.4 | 1.1.1.1 | 0xa6ca | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.282916069 CET | 192.168.2.4 | 1.1.1.1 | 0xe30e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.291152954 CET | 192.168.2.4 | 1.1.1.1 | 0xe750 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.328244925 CET | 192.168.2.4 | 1.1.1.1 | 0x2190 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.338823080 CET | 192.168.2.4 | 1.1.1.1 | 0x56de | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.349282980 CET | 192.168.2.4 | 1.1.1.1 | 0xd2ab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.359914064 CET | 192.168.2.4 | 1.1.1.1 | 0x86ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.372553110 CET | 192.168.2.4 | 1.1.1.1 | 0x8f12 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.383318901 CET | 192.168.2.4 | 1.1.1.1 | 0x588c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.394382954 CET | 192.168.2.4 | 1.1.1.1 | 0x727c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.405455112 CET | 192.168.2.4 | 1.1.1.1 | 0x9aae | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.416682005 CET | 192.168.2.4 | 1.1.1.1 | 0x74a2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.441715956 CET | 192.168.2.4 | 1.1.1.1 | 0xbd99 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.452512980 CET | 192.168.2.4 | 1.1.1.1 | 0xbe38 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.485547066 CET | 192.168.2.4 | 1.1.1.1 | 0xe81b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.495738983 CET | 192.168.2.4 | 1.1.1.1 | 0x2a29 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.536716938 CET | 192.168.2.4 | 1.1.1.1 | 0x28aa | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.546979904 CET | 192.168.2.4 | 1.1.1.1 | 0x4d0c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.579816103 CET | 192.168.2.4 | 1.1.1.1 | 0xc290 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.590279102 CET | 192.168.2.4 | 1.1.1.1 | 0xd67d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.623049974 CET | 192.168.2.4 | 1.1.1.1 | 0xdeff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.654361963 CET | 192.168.2.4 | 1.1.1.1 | 0x1490 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.664824009 CET | 192.168.2.4 | 1.1.1.1 | 0xfc65 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.721852064 CET | 192.168.2.4 | 1.1.1.1 | 0x5af2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.754009008 CET | 192.168.2.4 | 1.1.1.1 | 0xe748 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.765712023 CET | 192.168.2.4 | 1.1.1.1 | 0x9737 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.776513100 CET | 192.168.2.4 | 1.1.1.1 | 0xdfaa | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.786246061 CET | 192.168.2.4 | 1.1.1.1 | 0xabc7 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.820839882 CET | 192.168.2.4 | 1.1.1.1 | 0xf5e5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.832411051 CET | 192.168.2.4 | 1.1.1.1 | 0xc2af | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.842756033 CET | 192.168.2.4 | 1.1.1.1 | 0xeb89 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.853035927 CET | 192.168.2.4 | 1.1.1.1 | 0x9cde | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.862692118 CET | 192.168.2.4 | 1.1.1.1 | 0xe005 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.895277023 CET | 192.168.2.4 | 1.1.1.1 | 0x369f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.928857088 CET | 192.168.2.4 | 1.1.1.1 | 0x87b4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.961563110 CET | 192.168.2.4 | 1.1.1.1 | 0x410a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.992927074 CET | 192.168.2.4 | 1.1.1.1 | 0xeab | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.006141901 CET | 192.168.2.4 | 1.1.1.1 | 0xf201 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.017961025 CET | 192.168.2.4 | 1.1.1.1 | 0x2536 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.050293922 CET | 192.168.2.4 | 1.1.1.1 | 0x2ec5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.062438011 CET | 192.168.2.4 | 1.1.1.1 | 0x6f2f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.103013039 CET | 192.168.2.4 | 1.1.1.1 | 0x5c75 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.114564896 CET | 192.168.2.4 | 1.1.1.1 | 0x7d62 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.148169041 CET | 192.168.2.4 | 1.1.1.1 | 0xc3dc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.160119057 CET | 192.168.2.4 | 1.1.1.1 | 0x99a8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.171287060 CET | 192.168.2.4 | 1.1.1.1 | 0x6ab5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.181827068 CET | 192.168.2.4 | 1.1.1.1 | 0xb6e3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.193883896 CET | 192.168.2.4 | 1.1.1.1 | 0x3dea | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.204827070 CET | 192.168.2.4 | 1.1.1.1 | 0xfb78 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.238082886 CET | 192.168.2.4 | 1.1.1.1 | 0xd62d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.271697044 CET | 192.168.2.4 | 1.1.1.1 | 0x1dbd | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.283339977 CET | 192.168.2.4 | 1.1.1.1 | 0xb435 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.294009924 CET | 192.168.2.4 | 1.1.1.1 | 0x7090 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.305702925 CET | 192.168.2.4 | 1.1.1.1 | 0x8471 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.317099094 CET | 192.168.2.4 | 1.1.1.1 | 0xcf5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.349088907 CET | 192.168.2.4 | 1.1.1.1 | 0x811a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.380559921 CET | 192.168.2.4 | 1.1.1.1 | 0xdd10 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.390535116 CET | 192.168.2.4 | 1.1.1.1 | 0xda0a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.402508020 CET | 192.168.2.4 | 1.1.1.1 | 0xf8fe | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.415702105 CET | 192.168.2.4 | 1.1.1.1 | 0x1e5d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.426805019 CET | 192.168.2.4 | 1.1.1.1 | 0x86a8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.458795071 CET | 192.168.2.4 | 1.1.1.1 | 0x3ffc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.080801964 CET | 192.168.2.4 | 1.1.1.1 | 0x7706 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.092027903 CET | 192.168.2.4 | 1.1.1.1 | 0x9fe3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.104963064 CET | 192.168.2.4 | 1.1.1.1 | 0x9e86 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.137752056 CET | 192.168.2.4 | 1.1.1.1 | 0xf846 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.150887012 CET | 192.168.2.4 | 1.1.1.1 | 0xc31d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.184926987 CET | 192.168.2.4 | 1.1.1.1 | 0x6ea2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.202963114 CET | 192.168.2.4 | 1.1.1.1 | 0xd1e1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.168531895 CET | 192.168.2.4 | 1.1.1.1 | 0xaff5 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.179748058 CET | 192.168.2.4 | 1.1.1.1 | 0x245c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.190592051 CET | 192.168.2.4 | 1.1.1.1 | 0x7cc9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.222835064 CET | 192.168.2.4 | 1.1.1.1 | 0x1381 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.254793882 CET | 192.168.2.4 | 1.1.1.1 | 0xb81f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.265779972 CET | 192.168.2.4 | 1.1.1.1 | 0x95fe | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.297281981 CET | 192.168.2.4 | 1.1.1.1 | 0x4a6a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.328386068 CET | 192.168.2.4 | 1.1.1.1 | 0xe7ca | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.338747978 CET | 192.168.2.4 | 1.1.1.1 | 0x3f9b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.348999977 CET | 192.168.2.4 | 1.1.1.1 | 0x7bff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.381479025 CET | 192.168.2.4 | 1.1.1.1 | 0x7059 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.415046930 CET | 192.168.2.4 | 1.1.1.1 | 0x21b1 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.426877022 CET | 192.168.2.4 | 1.1.1.1 | 0x52fb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:45.244280100 CET | 192.168.2.4 | 1.1.1.1 | 0x9b56 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:46.284641981 CET | 192.168.2.4 | 1.1.1.1 | 0xaedb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:47.315727949 CET | 192.168.2.4 | 1.1.1.1 | 0x7c6a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:48.331154108 CET | 192.168.2.4 | 1.1.1.1 | 0xe7ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:49.347044945 CET | 192.168.2.4 | 1.1.1.1 | 0xf9c0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:50.362693071 CET | 192.168.2.4 | 1.1.1.1 | 0xfb3c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:51.378467083 CET | 192.168.2.4 | 1.1.1.1 | 0x21b3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:52.409006119 CET | 192.168.2.4 | 1.1.1.1 | 0x1bc2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:53.424958944 CET | 192.168.2.4 | 1.1.1.1 | 0xf7f9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:54.472050905 CET | 192.168.2.4 | 1.1.1.1 | 0xedd4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:55.612168074 CET | 192.168.2.4 | 1.1.1.1 | 0x846e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:56.659132004 CET | 192.168.2.4 | 1.1.1.1 | 0x9680 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:57.675082922 CET | 192.168.2.4 | 1.1.1.1 | 0x33d4 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:00.393326998 CET | 192.168.2.4 | 1.1.1.1 | 0xd02a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:01.440242052 CET | 192.168.2.4 | 1.1.1.1 | 0x412e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:02.455888987 CET | 192.168.2.4 | 1.1.1.1 | 0xaec0 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:03.471364975 CET | 192.168.2.4 | 1.1.1.1 | 0xee0d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:06.955768108 CET | 192.168.2.4 | 1.1.1.1 | 0x5172 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:07.971486092 CET | 192.168.2.4 | 1.1.1.1 | 0xc2cc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:08.987201929 CET | 192.168.2.4 | 1.1.1.1 | 0x979a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:10.002863884 CET | 192.168.2.4 | 1.1.1.1 | 0x6622 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:11.019175053 CET | 192.168.2.4 | 1.1.1.1 | 0xaf55 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:12.034075022 CET | 192.168.2.4 | 1.1.1.1 | 0x8f7d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:13.049737930 CET | 192.168.2.4 | 1.1.1.1 | 0x2cb9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:14.096457958 CET | 192.168.2.4 | 1.1.1.1 | 0x6480 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:15.143170118 CET | 192.168.2.4 | 1.1.1.1 | 0x42d8 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:16.190762997 CET | 192.168.2.4 | 1.1.1.1 | 0x4e46 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:17.206154108 CET | 192.168.2.4 | 1.1.1.1 | 0x99a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:18.221826077 CET | 192.168.2.4 | 1.1.1.1 | 0x429 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:19.238291025 CET | 192.168.2.4 | 1.1.1.1 | 0x7b65 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:20.221410990 CET | 192.168.2.4 | 1.1.1.1 | 0x55cb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:21.174698114 CET | 192.168.2.4 | 1.1.1.1 | 0xe7a2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:22.096545935 CET | 192.168.2.4 | 1.1.1.1 | 0x1d09 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:22.986951113 CET | 192.168.2.4 | 1.1.1.1 | 0x2f35 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:23.846404076 CET | 192.168.2.4 | 1.1.1.1 | 0x97c2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:24.674396992 CET | 192.168.2.4 | 1.1.1.1 | 0x3d68 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:25.487883091 CET | 192.168.2.4 | 1.1.1.1 | 0xf30f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:26.268379927 CET | 192.168.2.4 | 1.1.1.1 | 0xafff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:27.174776077 CET | 192.168.2.4 | 1.1.1.1 | 0xec8d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.002542973 CET | 192.168.2.4 | 1.1.1.1 | 0x3807 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.013588905 CET | 192.168.2.4 | 1.1.1.1 | 0x458c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.045198917 CET | 192.168.2.4 | 1.1.1.1 | 0xe3ce | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Nov 7, 2024 15:57:25.631861925 CET | 1.1.1.1 | 192.168.2.4 | 0xaf52 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.645848989 CET | 1.1.1.1 | 192.168.2.4 | 0xecf2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.656449080 CET | 1.1.1.1 | 192.168.2.4 | 0xad35 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.667129040 CET | 1.1.1.1 | 192.168.2.4 | 0xd76d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.677459955 CET | 1.1.1.1 | 192.168.2.4 | 0x91cd | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.687184095 CET | 1.1.1.1 | 192.168.2.4 | 0xd9e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.719547987 CET | 1.1.1.1 | 192.168.2.4 | 0x37e1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.731822014 CET | 1.1.1.1 | 192.168.2.4 | 0xf3cb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.742547989 CET | 1.1.1.1 | 192.168.2.4 | 0xbebe | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.753448009 CET | 1.1.1.1 | 192.168.2.4 | 0x3cce | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.763569117 CET | 1.1.1.1 | 192.168.2.4 | 0xceb2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.795557022 CET | 1.1.1.1 | 192.168.2.4 | 0x179 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.805303097 CET | 1.1.1.1 | 192.168.2.4 | 0x9d0b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.815865040 CET | 1.1.1.1 | 192.168.2.4 | 0xc039 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:25.850419998 CET | 1.1.1.1 | 192.168.2.4 | 0x1b99 | No error (0) | 7450.bodis.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:25.850419998 CET | 1.1.1.1 | 192.168.2.4 | 0x1b99 | No error (0) | 199.59.243.227 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:26.516118050 CET | 1.1.1.1 | 192.168.2.4 | 0x2bf5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.530613899 CET | 1.1.1.1 | 192.168.2.4 | 0x469a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.540194035 CET | 1.1.1.1 | 192.168.2.4 | 0xfc0d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.551168919 CET | 1.1.1.1 | 192.168.2.4 | 0x7f50 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:26.746041059 CET | 1.1.1.1 | 192.168.2.4 | 0xc09a | No error (0) | 18.143.155.63 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:28.640121937 CET | 1.1.1.1 | 192.168.2.4 | 0x88ef | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.651575089 CET | 1.1.1.1 | 192.168.2.4 | 0x7907 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.683953047 CET | 1.1.1.1 | 192.168.2.4 | 0x8d09 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.695125103 CET | 1.1.1.1 | 192.168.2.4 | 0x1099 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.717513084 CET | 1.1.1.1 | 192.168.2.4 | 0x198b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.749032974 CET | 1.1.1.1 | 192.168.2.4 | 0x4b45 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.761738062 CET | 1.1.1.1 | 192.168.2.4 | 0x8330 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.769593954 CET | 1.1.1.1 | 192.168.2.4 | 0x18dc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.802685022 CET | 1.1.1.1 | 192.168.2.4 | 0x3a59 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.813733101 CET | 1.1.1.1 | 192.168.2.4 | 0x91f1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.846529961 CET | 1.1.1.1 | 192.168.2.4 | 0xf8a5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.922717094 CET | 1.1.1.1 | 192.168.2.4 | 0xf0d9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.975121975 CET | 1.1.1.1 | 192.168.2.4 | 0xfdaf | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:28.995428085 CET | 1.1.1.1 | 192.168.2.4 | 0x27df | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.033108950 CET | 1.1.1.1 | 192.168.2.4 | 0xe933 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.088630915 CET | 1.1.1.1 | 192.168.2.4 | 0x21c1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.100744009 CET | 1.1.1.1 | 192.168.2.4 | 0xeff5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.114103079 CET | 1.1.1.1 | 192.168.2.4 | 0x60dc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.125330925 CET | 1.1.1.1 | 192.168.2.4 | 0xc60d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.135571003 CET | 1.1.1.1 | 192.168.2.4 | 0x41ab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.146785975 CET | 1.1.1.1 | 192.168.2.4 | 0xe98b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.160728931 CET | 1.1.1.1 | 192.168.2.4 | 0x1cb1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.195027113 CET | 1.1.1.1 | 192.168.2.4 | 0x8867 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.205692053 CET | 1.1.1.1 | 192.168.2.4 | 0x6e2c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.216232061 CET | 1.1.1.1 | 192.168.2.4 | 0x4386 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.248083115 CET | 1.1.1.1 | 192.168.2.4 | 0x9e32 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.259063959 CET | 1.1.1.1 | 192.168.2.4 | 0x2bae | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.271241903 CET | 1.1.1.1 | 192.168.2.4 | 0xc762 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.289757013 CET | 1.1.1.1 | 192.168.2.4 | 0x1a63 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.300761938 CET | 1.1.1.1 | 192.168.2.4 | 0xbd41 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.311243057 CET | 1.1.1.1 | 192.168.2.4 | 0x6c1c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.321863890 CET | 1.1.1.1 | 192.168.2.4 | 0x1ba9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.333460093 CET | 1.1.1.1 | 192.168.2.4 | 0x98a6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.341922998 CET | 1.1.1.1 | 192.168.2.4 | 0xa1e0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.373936892 CET | 1.1.1.1 | 192.168.2.4 | 0x6e61 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.385025024 CET | 1.1.1.1 | 192.168.2.4 | 0x3ed8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.395087004 CET | 1.1.1.1 | 192.168.2.4 | 0x3f9d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.427052975 CET | 1.1.1.1 | 192.168.2.4 | 0x77ca | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.458486080 CET | 1.1.1.1 | 192.168.2.4 | 0xb6f6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.478652954 CET | 1.1.1.1 | 192.168.2.4 | 0x9177 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.489219904 CET | 1.1.1.1 | 192.168.2.4 | 0xd39c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.521697044 CET | 1.1.1.1 | 192.168.2.4 | 0x9d90 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.532649040 CET | 1.1.1.1 | 192.168.2.4 | 0xd092 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.543586969 CET | 1.1.1.1 | 192.168.2.4 | 0x2300 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.551742077 CET | 1.1.1.1 | 192.168.2.4 | 0xe73b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.563178062 CET | 1.1.1.1 | 192.168.2.4 | 0x2055 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.574742079 CET | 1.1.1.1 | 192.168.2.4 | 0x4b45 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.605519056 CET | 1.1.1.1 | 192.168.2.4 | 0xc24a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.639822006 CET | 1.1.1.1 | 192.168.2.4 | 0xb9fc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.800131083 CET | 1.1.1.1 | 192.168.2.4 | 0xab7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.810688019 CET | 1.1.1.1 | 192.168.2.4 | 0xd36d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.819685936 CET | 1.1.1.1 | 192.168.2.4 | 0xbcf | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:29.851707935 CET | 1.1.1.1 | 192.168.2.4 | 0x2629 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:30.071521997 CET | 1.1.1.1 | 192.168.2.4 | 0x611a | No error (0) | 54.244.188.177 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:31.045245886 CET | 1.1.1.1 | 192.168.2.4 | 0xf2d2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.056803942 CET | 1.1.1.1 | 192.168.2.4 | 0xc0c4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.067895889 CET | 1.1.1.1 | 192.168.2.4 | 0x916d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.079752922 CET | 1.1.1.1 | 192.168.2.4 | 0x8812 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.093905926 CET | 1.1.1.1 | 192.168.2.4 | 0x1cb6 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.129702091 CET | 1.1.1.1 | 192.168.2.4 | 0x25cb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.160774946 CET | 1.1.1.1 | 192.168.2.4 | 0x150f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.170933962 CET | 1.1.1.1 | 192.168.2.4 | 0xe252 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.178939104 CET | 1.1.1.1 | 192.168.2.4 | 0xbaaa | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.191473961 CET | 1.1.1.1 | 192.168.2.4 | 0x72df | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.203186035 CET | 1.1.1.1 | 192.168.2.4 | 0x69ca | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.217197895 CET | 1.1.1.1 | 192.168.2.4 | 0x6ec2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.228225946 CET | 1.1.1.1 | 192.168.2.4 | 0x61fa | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.271872997 CET | 1.1.1.1 | 192.168.2.4 | 0xd02d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.282432079 CET | 1.1.1.1 | 192.168.2.4 | 0xa6ca | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.290476084 CET | 1.1.1.1 | 192.168.2.4 | 0xe30e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.303997993 CET | 1.1.1.1 | 192.168.2.4 | 0xe750 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.337970972 CET | 1.1.1.1 | 192.168.2.4 | 0x2190 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.348360062 CET | 1.1.1.1 | 192.168.2.4 | 0x56de | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.359241009 CET | 1.1.1.1 | 192.168.2.4 | 0xd2ab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.370657921 CET | 1.1.1.1 | 192.168.2.4 | 0x86ed | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.381814957 CET | 1.1.1.1 | 192.168.2.4 | 0x8f12 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.393755913 CET | 1.1.1.1 | 192.168.2.4 | 0x588c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.404901981 CET | 1.1.1.1 | 192.168.2.4 | 0x727c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.416102886 CET | 1.1.1.1 | 192.168.2.4 | 0x9aae | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:31.808114052 CET | 1.1.1.1 | 192.168.2.4 | 0x74a2 | No error (0) | 7450.bodis.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:31.808114052 CET | 1.1.1.1 | 192.168.2.4 | 0x74a2 | No error (0) | 199.59.243.227 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:32.451536894 CET | 1.1.1.1 | 192.168.2.4 | 0xbd99 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.484488010 CET | 1.1.1.1 | 192.168.2.4 | 0xbe38 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.495065928 CET | 1.1.1.1 | 192.168.2.4 | 0xe81b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.535895109 CET | 1.1.1.1 | 192.168.2.4 | 0x2a29 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.546379089 CET | 1.1.1.1 | 192.168.2.4 | 0x28aa | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.579175949 CET | 1.1.1.1 | 192.168.2.4 | 0x4d0c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.589665890 CET | 1.1.1.1 | 192.168.2.4 | 0xc290 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.622515917 CET | 1.1.1.1 | 192.168.2.4 | 0xd67d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.653708935 CET | 1.1.1.1 | 192.168.2.4 | 0xdeff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.664206028 CET | 1.1.1.1 | 192.168.2.4 | 0x1490 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:32.859258890 CET | 1.1.1.1 | 192.168.2.4 | 0xfc65 | No error (0) | 18.143.155.63 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:34.752906084 CET | 1.1.1.1 | 192.168.2.4 | 0x5af2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.763824940 CET | 1.1.1.1 | 192.168.2.4 | 0xe748 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.775659084 CET | 1.1.1.1 | 192.168.2.4 | 0x9737 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.785609007 CET | 1.1.1.1 | 192.168.2.4 | 0xdfaa | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.819991112 CET | 1.1.1.1 | 192.168.2.4 | 0xabc7 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.831909895 CET | 1.1.1.1 | 192.168.2.4 | 0xf5e5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.842245102 CET | 1.1.1.1 | 192.168.2.4 | 0xc2af | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.852189064 CET | 1.1.1.1 | 192.168.2.4 | 0xeb89 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.862122059 CET | 1.1.1.1 | 192.168.2.4 | 0x9cde | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.894512892 CET | 1.1.1.1 | 192.168.2.4 | 0xe005 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.927958965 CET | 1.1.1.1 | 192.168.2.4 | 0x369f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.960393906 CET | 1.1.1.1 | 192.168.2.4 | 0x87b4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:34.991811991 CET | 1.1.1.1 | 192.168.2.4 | 0x410a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.005132914 CET | 1.1.1.1 | 192.168.2.4 | 0xeab | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.016954899 CET | 1.1.1.1 | 192.168.2.4 | 0xf201 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.049014091 CET | 1.1.1.1 | 192.168.2.4 | 0x2536 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.061455965 CET | 1.1.1.1 | 192.168.2.4 | 0x2ec5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.095782995 CET | 1.1.1.1 | 192.168.2.4 | 0x6f2f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.113306999 CET | 1.1.1.1 | 192.168.2.4 | 0x5c75 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.146603107 CET | 1.1.1.1 | 192.168.2.4 | 0x7d62 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.159138918 CET | 1.1.1.1 | 192.168.2.4 | 0xc3dc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.170059919 CET | 1.1.1.1 | 192.168.2.4 | 0x99a8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.181094885 CET | 1.1.1.1 | 192.168.2.4 | 0x6ab5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.193017006 CET | 1.1.1.1 | 192.168.2.4 | 0xb6e3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.204135895 CET | 1.1.1.1 | 192.168.2.4 | 0x3dea | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.237279892 CET | 1.1.1.1 | 192.168.2.4 | 0xfb78 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.270993948 CET | 1.1.1.1 | 192.168.2.4 | 0xd62d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.282653093 CET | 1.1.1.1 | 192.168.2.4 | 0x1dbd | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.293380022 CET | 1.1.1.1 | 192.168.2.4 | 0xb435 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.304930925 CET | 1.1.1.1 | 192.168.2.4 | 0x7090 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.316421032 CET | 1.1.1.1 | 192.168.2.4 | 0x8471 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.348077059 CET | 1.1.1.1 | 192.168.2.4 | 0xcf5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.379626036 CET | 1.1.1.1 | 192.168.2.4 | 0x811a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.389906883 CET | 1.1.1.1 | 192.168.2.4 | 0xdd10 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.401525021 CET | 1.1.1.1 | 192.168.2.4 | 0xda0a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.414895058 CET | 1.1.1.1 | 192.168.2.4 | 0xf8fe | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.426203012 CET | 1.1.1.1 | 192.168.2.4 | 0x1e5d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:35.457942963 CET | 1.1.1.1 | 192.168.2.4 | 0x86a8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.091259003 CET | 1.1.1.1 | 192.168.2.4 | 0x7706 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.104262114 CET | 1.1.1.1 | 192.168.2.4 | 0x9fe3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.136810064 CET | 1.1.1.1 | 192.168.2.4 | 0x9e86 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.150038958 CET | 1.1.1.1 | 192.168.2.4 | 0xf846 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.183873892 CET | 1.1.1.1 | 192.168.2.4 | 0xc31d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.195394993 CET | 1.1.1.1 | 192.168.2.4 | 0x6ea2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:36.289940119 CET | 1.1.1.1 | 192.168.2.4 | 0xd1e1 | No error (0) | 85.214.228.140 | A (IP address) | IN (0x0001) | false | ||
Nov 7, 2024 15:57:37.178915977 CET | 1.1.1.1 | 192.168.2.4 | 0xaff5 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.188942909 CET | 1.1.1.1 | 192.168.2.4 | 0x245c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.220582962 CET | 1.1.1.1 | 192.168.2.4 | 0x7cc9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.253858089 CET | 1.1.1.1 | 192.168.2.4 | 0x1381 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.264949083 CET | 1.1.1.1 | 192.168.2.4 | 0xb81f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.296228886 CET | 1.1.1.1 | 192.168.2.4 | 0x95fe | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.327457905 CET | 1.1.1.1 | 192.168.2.4 | 0x4a6a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.337937117 CET | 1.1.1.1 | 192.168.2.4 | 0xe7ca | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.348233938 CET | 1.1.1.1 | 192.168.2.4 | 0x3f9b | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.380656958 CET | 1.1.1.1 | 192.168.2.4 | 0x7bff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.414180040 CET | 1.1.1.1 | 192.168.2.4 | 0x7059 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.425971985 CET | 1.1.1.1 | 192.168.2.4 | 0x21b1 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:57:37.437093973 CET | 1.1.1.1 | 192.168.2.4 | 0x52fb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:45.275635004 CET | 1.1.1.1 | 192.168.2.4 | 0x9b56 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:46.295077085 CET | 1.1.1.1 | 192.168.2.4 | 0xaedb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:47.325715065 CET | 1.1.1.1 | 192.168.2.4 | 0x7c6a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:48.339792013 CET | 1.1.1.1 | 192.168.2.4 | 0xe7ed | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:49.359157085 CET | 1.1.1.1 | 192.168.2.4 | 0xf9c0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:50.372262955 CET | 1.1.1.1 | 192.168.2.4 | 0xfb3c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:51.387005091 CET | 1.1.1.1 | 192.168.2.4 | 0x21b3 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:52.418625116 CET | 1.1.1.1 | 192.168.2.4 | 0x1bc2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:53.456137896 CET | 1.1.1.1 | 192.168.2.4 | 0xf7f9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:54.483752012 CET | 1.1.1.1 | 192.168.2.4 | 0xedd4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:55.643434048 CET | 1.1.1.1 | 192.168.2.4 | 0x846e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:56.669537067 CET | 1.1.1.1 | 192.168.2.4 | 0x9680 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:58:57.685509920 CET | 1.1.1.1 | 192.168.2.4 | 0x33d4 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:00.424079895 CET | 1.1.1.1 | 192.168.2.4 | 0xd02a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:01.449789047 CET | 1.1.1.1 | 192.168.2.4 | 0x412e | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:02.465276003 CET | 1.1.1.1 | 192.168.2.4 | 0xaec0 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:03.483633995 CET | 1.1.1.1 | 192.168.2.4 | 0xee0d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:06.965877056 CET | 1.1.1.1 | 192.168.2.4 | 0x5172 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:07.981679916 CET | 1.1.1.1 | 192.168.2.4 | 0xc2cc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:08.996021032 CET | 1.1.1.1 | 192.168.2.4 | 0x979a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:10.013009071 CET | 1.1.1.1 | 192.168.2.4 | 0x6622 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:11.029616117 CET | 1.1.1.1 | 192.168.2.4 | 0xaf55 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:12.045104980 CET | 1.1.1.1 | 192.168.2.4 | 0x8f7d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:13.081716061 CET | 1.1.1.1 | 192.168.2.4 | 0x2cb9 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:14.126576900 CET | 1.1.1.1 | 192.168.2.4 | 0x6480 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:15.174979925 CET | 1.1.1.1 | 192.168.2.4 | 0x42d8 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:16.201395988 CET | 1.1.1.1 | 192.168.2.4 | 0x4e46 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:17.215400934 CET | 1.1.1.1 | 192.168.2.4 | 0x99a | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:18.232784033 CET | 1.1.1.1 | 192.168.2.4 | 0x429 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:19.247200012 CET | 1.1.1.1 | 192.168.2.4 | 0x7b65 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:20.231200933 CET | 1.1.1.1 | 192.168.2.4 | 0x55cb | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:21.185820103 CET | 1.1.1.1 | 192.168.2.4 | 0xe7a2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:22.107166052 CET | 1.1.1.1 | 192.168.2.4 | 0x1d09 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:22.996701002 CET | 1.1.1.1 | 192.168.2.4 | 0x2f35 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:23.855959892 CET | 1.1.1.1 | 192.168.2.4 | 0x97c2 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:24.681726933 CET | 1.1.1.1 | 192.168.2.4 | 0x3d68 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:25.497222900 CET | 1.1.1.1 | 192.168.2.4 | 0xf30f | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:26.427541018 CET | 1.1.1.1 | 192.168.2.4 | 0xafff | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:27.184636116 CET | 1.1.1.1 | 192.168.2.4 | 0xec8d | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.012492895 CET | 1.1.1.1 | 192.168.2.4 | 0x3807 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.044290066 CET | 1.1.1.1 | 192.168.2.4 | 0x458c | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Nov 7, 2024 15:59:28.054019928 CET | 1.1.1.1 | 192.168.2.4 | 0xe3ce | Name error (3) | none | none | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 56255 | 199.59.243.227 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:25.858414888 CET | 84 | OUT | |
Nov 7, 2024 15:57:26.487468004 CET | 1236 | IN | |
Nov 7, 2024 15:57:26.487528086 CET | 519 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 56256 | 18.143.155.63 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:26.751705885 CET | 83 | OUT | |
Nov 7, 2024 15:57:28.186042070 CET | 387 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 56257 | 54.244.188.177 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:30.077418089 CET | 84 | OUT | |
Nov 7, 2024 15:57:30.916203022 CET | 388 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 56258 | 199.59.243.227 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:31.813858986 CET | 82 | OUT | |
Nov 7, 2024 15:57:32.439815044 CET | 1236 | IN | |
Nov 7, 2024 15:57:32.440130949 CET | 515 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 56259 | 18.143.155.63 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:32.865911007 CET | 86 | OUT | |
Nov 7, 2024 15:57:34.301917076 CET | 390 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 52906 | 85.214.228.140 | 80 | 6980 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:57:36.295778990 CET | 85 | OUT | |
Nov 7, 2024 15:57:37.167211056 CET | 176 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.4 | 53059 | 199.59.243.227 | 80 | 5320 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:58:58.696934938 CET | 84 | OUT | |
Nov 7, 2024 15:58:59.354711056 CET | 1236 | IN | |
Nov 7, 2024 15:58:59.354749918 CET | 519 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.4 | 53060 | 18.143.155.63 | 80 | 5320 | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Nov 7, 2024 15:59:04.492487907 CET | 83 | OUT | |
Nov 7, 2024 15:59:05.946990013 CET | 387 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 09:57:20 |
Start date: | 07/11/2024 |
Path: | C:\Users\user\Desktop\YiqjcLlhew.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xcf0000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 1 |
Start time: | 09:57:20 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\kfdag3aedbkjqfngi9xbw.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xda0000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 2 |
Start time: | 09:57:20 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x470000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 3 |
Start time: | 09:57:22 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\xmjofjnkdlv.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x50000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Antivirus matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 4 |
Start time: | 09:57:23 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x470000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |
Target ID: | 9 |
Start time: | 09:58:39 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\skjlipudplp.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x470000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 10 |
Start time: | 09:58:40 |
Start date: | 07/11/2024 |
Path: | C:\vdjmzgowdzhfmld\xmjofjnkdlv.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x4b0000 |
File size: | 282'112 bytes |
MD5 hash: | F51DA33B8F97EC40E1960522549DCCA7 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Execution Graph
Execution Coverage: | 7% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 43.7% |
Total number of Nodes: | 1525 |
Total number of Limit Nodes: | 24 |
Graph
Function 00D1D0EB Relevance: 59.9, APIs: 28, Strings: 5, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF7FA0 Relevance: 29.0, APIs: 12, Strings: 4, Instructions: 990fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D11510 Relevance: 3.1, APIs: 2, Instructions: 100memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D259B0 Relevance: 3.0, APIs: 2, Instructions: 12memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0B387 Relevance: 1.8, Strings: 1, Instructions: 532COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFB1D0 Relevance: 10.8, APIs: 7, Instructions: 282fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D05EB0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123processCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D156A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF70D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF7309 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF7307 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D15535 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFC9B0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D18A10 Relevance: 1.3, APIs: 1, Instructions: 72stringCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D236D0 Relevance: 21.8, APIs: 11, Strings: 1, Instructions: 814memorylibraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF53B0 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203serviceCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0E206 Relevance: 13.4, Strings: 10, Instructions: 907COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D10250 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 235processCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0422D Relevance: 4.9, Strings: 3, Instructions: 1129COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D20930 Relevance: 4.8, Strings: 3, Instructions: 1084COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D248F0 Relevance: 4.7, Strings: 3, Instructions: 958COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0E1D6 Relevance: 4.4, Strings: 3, Instructions: 641COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF2AE0 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 690sleepCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF9820 Relevance: 3.7, APIs: 2, Instructions: 677threadCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF7A90 Relevance: 3.1, APIs: 2, Instructions: 90timeCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFD1F0 Relevance: 2.0, Strings: 1, Instructions: 740COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0D243 Relevance: 2.0, Strings: 1, Instructions: 719COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D0D271 Relevance: 1.8, Strings: 1, Instructions: 515COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFD446 Relevance: 1.7, Strings: 1, Instructions: 472COMMON
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF6430 Relevance: 1.5, APIs: 1, Instructions: 17COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFA6F0 Relevance: .4, Instructions: 448COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D22170 Relevance: .4, Instructions: 443COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D202F0 Relevance: .4, Instructions: 375COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D1F790 Relevance: .4, Instructions: 356COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D10670 Relevance: .4, Instructions: 355COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF45C0 Relevance: .3, Instructions: 305COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D13860 Relevance: .3, Instructions: 285COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D15710 Relevance: .2, Instructions: 220COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CFCA00 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 426pipeprocessfileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D13F70 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 383processCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00CF6000 Relevance: 12.2, APIs: 8, Instructions: 208registrysynchronizationCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D18650 Relevance: 7.6, APIs: 5, Instructions: 99synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D126B0 Relevance: 6.3, APIs: 4, Instructions: 281fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00D13790 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 11.1% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 2.5% |
Total number of Nodes: | 1708 |
Total number of Limit Nodes: | 34 |
Graph
Function 00DCD0EB Relevance: 61.7, APIs: 29, Strings: 5, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA7FA0 Relevance: 27.2, APIs: 12, Strings: 3, Instructions: 990fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DD36D0 Relevance: 25.3, APIs: 13, Strings: 1, Instructions: 814memorylibraryloaderCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA53B0 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203serviceCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DB0950 Relevance: 2.2, APIs: 1, Instructions: 742COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DB5EB0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123processCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC26B0 Relevance: 6.3, APIs: 4, Instructions: 281fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA2510 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 326libraryloaderCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC56A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA70D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA7309 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA7307 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC1510 Relevance: 3.1, APIs: 2, Instructions: 100memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DD59B0 Relevance: 3.0, APIs: 2, Instructions: 12memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DB5770 Relevance: 1.7, APIs: 1, Instructions: 168fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC5535 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DAC9B0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC8A10 Relevance: 1.3, APIs: 1, Instructions: 72stringCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DACA00 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 426pipeprocessfileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC3F70 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 383processCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DA6000 Relevance: 12.2, APIs: 8, Instructions: 208registrysynchronizationCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DAB1D0 Relevance: 10.8, APIs: 7, Instructions: 282fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC0250 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 235processCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC8650 Relevance: 7.6, APIs: 5, Instructions: 99synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00DC3790 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 12.8% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 0% |
Total number of Nodes: | 1693 |
Total number of Limit Nodes: | 54 |
Graph
Function 0049D0EB Relevance: 63.4, APIs: 29, Strings: 6, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477FA0 Relevance: 27.2, APIs: 12, Strings: 3, Instructions: 990fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004A36D0 Relevance: 25.3, APIs: 13, Strings: 1, Instructions: 814memorylibraryloaderCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00472AE0 Relevance: 8.2, APIs: 1, Strings: 4, Instructions: 690sleepCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00480950 Relevance: 2.2, APIs: 1, Instructions: 742COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00476430 Relevance: 1.5, APIs: 1, Instructions: 17COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00476000 Relevance: 12.2, APIs: 8, Instructions: 208registrysynchronizationCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00490250 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 235processCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00485EB0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123processCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00472510 Relevance: 5.6, APIs: 2, Strings: 1, Instructions: 326libraryloaderCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004956A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004770D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477307 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477309 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00491510 Relevance: 3.1, APIs: 2, Instructions: 100memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004A59B0 Relevance: 3.0, APIs: 2, Instructions: 12memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00485770 Relevance: 1.7, APIs: 1, Instructions: 168fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00496F70 Relevance: 1.7, APIs: 1, Instructions: 162fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00495535 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00492BA0 Relevance: 1.4, APIs: 1, Instructions: 194sleepCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00498A10 Relevance: 1.3, APIs: 1, Instructions: 72stringCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004753B0 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203serviceCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0047CA00 Relevance: 31.9, APIs: 15, Strings: 3, Instructions: 426pipeprocessfileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00493F70 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 383processCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0047B1D0 Relevance: 10.8, APIs: 7, Instructions: 282fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00498650 Relevance: 7.6, APIs: 5, Instructions: 99synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004926B0 Relevance: 6.3, APIs: 4, Instructions: 281fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00493790 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004A4650 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 150timeCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 6.5% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 0% |
Total number of Nodes: | 1540 |
Total number of Limit Nodes: | 21 |
Graph
Function 0007D0EB Relevance: 63.4, APIs: 28, Strings: 7, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00057FA0 Relevance: 27.2, APIs: 12, Strings: 3, Instructions: 990fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00065EB0 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 123processCOMMON
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00070250 Relevance: 10.7, APIs: 4, Strings: 2, Instructions: 235processCOMMON
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 000756A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 000570D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00057307 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00057309 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00071510 Relevance: 3.1, APIs: 2, Instructions: 100memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 000859B0 Relevance: 3.0, APIs: 2, Instructions: 12memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00075535 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0005C9B0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00078A10 Relevance: 1.3, APIs: 1, Instructions: 72stringCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 000553B0 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203serviceCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0005CA00 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 426pipeprocessfileCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00073F70 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 383processCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00056000 Relevance: 12.2, APIs: 8, Instructions: 208registrysynchronizationCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0005B1D0 Relevance: 10.8, APIs: 7, Instructions: 282fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00051700 Relevance: 9.0, APIs: 3, Strings: 2, Instructions: 292sleepfileCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00078650 Relevance: 7.6, APIs: 5, Instructions: 99synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 000726B0 Relevance: 6.3, APIs: 4, Instructions: 281fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00073790 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 4.7% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 0% |
Total number of Nodes: | 1529 |
Total number of Limit Nodes: | 25 |
Graph
Function 0049D0EB Relevance: 58.2, APIs: 28, Strings: 4, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477FA0 Relevance: 27.2, APIs: 12, Strings: 3, Instructions: 990fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004956A0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 24memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004770D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477307 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00477309 Relevance: 3.1, APIs: 2, Instructions: 134fileCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00491510 Relevance: 3.1, APIs: 2, Instructions: 100memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004A59B0 Relevance: 3.0, APIs: 2, Instructions: 12memoryCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00485770 Relevance: 1.7, APIs: 1, Instructions: 168fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00495535 Relevance: 1.6, APIs: 1, Instructions: 50COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0047C9B0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00498A10 Relevance: 1.3, APIs: 1, Instructions: 72stringCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004753B0 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 203serviceCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0047CA00 Relevance: 30.2, APIs: 15, Strings: 2, Instructions: 426pipeprocessfileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00493F70 Relevance: 14.4, APIs: 7, Strings: 1, Instructions: 383processCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00476000 Relevance: 12.2, APIs: 8, Instructions: 208registrysynchronizationCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0047B1D0 Relevance: 10.8, APIs: 7, Instructions: 282fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00490250 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 235processCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00498650 Relevance: 7.6, APIs: 5, Instructions: 99synchronizationthreadCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00485EB0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 123processCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004926B0 Relevance: 6.3, APIs: 4, Instructions: 281fileCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 00493790 Relevance: 6.0, APIs: 4, Instructions: 48memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004A4650 Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 150timeCOMMON
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004DD0EB Relevance: 61.7, APIs: 28, Strings: 6, Instructions: 2186synchronizationsleepCOMMON
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 004B70D0 Relevance: 4.8, APIs: 3, Instructions: 285fileCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|