Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
boatnet.m68k.elf

Overview

General Information

Sample name:boatnet.m68k.elf
Analysis ID:1570542
MD5:a05602ec77a6fafe8b5c2441d7a5870e
SHA1:b304074091f184e4846d096dfc83ff25d67b65f7
SHA256:f35ff8be3da236cb6ea6d8c1982444854ae8b2fc66e2f36f83d9e6b2cce4370b
Tags:elfuser-abuse_ch
Infos:

Detection

Mirai
Score:76
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample tries to kill a process (SIGKILL)
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1570542
Start date and time:2024-12-07 08:59:34 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 46s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:boatnet.m68k.elf
Detection:MAL
Classification:mal76.spre.troj.linELF@0/0@2/0

Runtime Messages

Command:/tmp/boatnet.m68k.elf
PID:5509
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • wrapper-2.0 (PID: 5521, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
  • wrapper-2.0 (PID: 5522, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
  • wrapper-2.0 (PID: 5523, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
  • wrapper-2.0 (PID: 5524, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
    • xfpm-power-backlight-helper (PID: 5543, Parent: 5524, MD5: 3d221ad23f28ca3259f599b1664e2427) Arguments: /usr/sbin/xfpm-power-backlight-helper --get-max-brightness
  • wrapper-2.0 (PID: 5525, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
  • wrapper-2.0 (PID: 5526, Parent: 3172, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
  • xfconfd (PID: 5542, Parent: 5541, MD5: 4c7a0d6d258bb970905b19b84abcd8e9) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
  • systemd New Fork (PID: 5550, Parent: 2955)
  • xfce4-notifyd (PID: 5550, Parent: 2955, MD5: eee956f1b227c1d5031f9c61223255d1) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
boatnet.m68k.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    boatnet.m68k.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
    • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    boatnet.m68k.elfLinux_Trojan_Gafgyt_ea92cca8unknownunknown
    • 0xc735:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    5509.1.00007ff748001000.00007ff74800f000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      5509.1.00007ff748001000.00007ff74800f000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      5509.1.00007ff748001000.00007ff74800f000.r-x.sdmpLinux_Trojan_Gafgyt_ea92cca8unknownunknown
      • 0xc735:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64
      5512.1.00007ff748001000.00007ff74800f000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        5512.1.00007ff748001000.00007ff74800f000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
        • 0xc1e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc1f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc20c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc220:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc234:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc248:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc25c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc270:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc284:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc298:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2ac:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2c0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2d4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2e8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc2fc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc310:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc324:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc338:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc34c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc360:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0xc374:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        Click to see the 4 entries

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: boatnet.m68k.elfAvira: detected
        Multi AV Scanner detection for submitted file
        Source: boatnet.m68k.elfReversingLabs: Detection: 65%
        Source: boatnet.m68k.elfVirustotal: Detection: 61%Perma Link
        Source: global trafficTCP traffic: 192.168.2.14:41288 -> 160.191.86.209:3778
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: unknownTCP traffic detected without corresponding DNS query: 160.191.86.209
        Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Sample tries to kill multiple processes (SIGKILL)
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3129, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3184, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3187, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3188, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3189, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3190, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3193, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3207, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3215, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3235, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5521, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5522, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5523, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5524, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5525, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5526, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5542, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5550, result: successfulJump to behavior
        Source: ELF static info symbol of initial sample.symtab present: no
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3129, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3184, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3187, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3188, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3189, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3190, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3193, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3207, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3215, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 3235, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5521, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5522, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5523, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5524, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5525, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5526, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5542, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)SIGKILL sent: pid: 5550, result: successfulJump to behavior
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: classification engineClassification label: mal76.spre.troj.linELF@0/0@2/0
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5521)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5522)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5542)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5542)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5542)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 5542)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5550)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5550)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5550)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5550)Directory: /home/saturnino/.configJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/5542/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3761/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2672/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1583/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3244/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3120/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3361/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3239/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1577/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1610/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/512/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1299/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3235/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/514/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/519/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2946/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/917/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/5550/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3134/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1593/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3011/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3094/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3406/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1589/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3129/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1588/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3402/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3125/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3246/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3245/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/767/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/800/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/888/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3762/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/801/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3763/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/769/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3764/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/803/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/806/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/807/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/928/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2956/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3420/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/490/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3142/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1635/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1633/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1599/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3139/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3817/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1873/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1630/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3412/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/657/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/658/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/659/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/418/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/419/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1639/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1638/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3398/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1371/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3392/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/780/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/660/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/661/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/782/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1369/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3304/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3425/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/785/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1642/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/940/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/941/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1640/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3147/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3268/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1364/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/548/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1647/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2991/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1383/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1382/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1381/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/791/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/671/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/794/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1655/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2986/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/795/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/674/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1653/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/797/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/2983/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3159/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/678/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1650/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3157/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/679/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/5456/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/1659/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3319/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/5351/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5511)File opened: /proc/3178/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 5509)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5521)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5522)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5523)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5524)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5525)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 5526)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 5550)Queries kernel information via 'uname': Jump to behavior
        Source: boatnet.m68k.elf, 5509.1.000055c9e09af000.000055c9e0a34000.rw-.sdmp, boatnet.m68k.elf, 5512.1.000055c9e09af000.000055c9e0a34000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/m68k
        Source: boatnet.m68k.elf, 5509.1.00007ffc23d17000.00007ffc23d38000.rw-.sdmp, boatnet.m68k.elf, 5512.1.00007ffc23d17000.00007ffc23d38000.rw-.sdmpBinary or memory string: /usr/bin/qemu-m68k
        Source: boatnet.m68k.elf, 5509.1.000055c9e09af000.000055c9e0a34000.rw-.sdmp, boatnet.m68k.elf, 5512.1.000055c9e09af000.000055c9e0a34000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/m68k
        Source: boatnet.m68k.elf, 5509.1.00007ffc23d17000.00007ffc23d38000.rw-.sdmp, boatnet.m68k.elf, 5512.1.00007ffc23d17000.00007ffc23d38000.rw-.sdmpBinary or memory string: wZx86_64/usr/bin/qemu-m68k/tmp/boatnet.m68k.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/boatnet.m68k.elf

        Stealing of Sensitive Information

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: boatnet.m68k.elf, type: SAMPLE
        Source: Yara matchFile source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTR

        Remote Access Functionality

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: boatnet.m68k.elf, type: SAMPLE
        Source: Yara matchFile source: 5509.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 5512.1.00007ff748001000.00007ff74800f000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 5509, type: MEMORYSTR

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
        Hidden Files and Directories        		1
        OS Credential Dumping        		11
        Security Software Discovery        		Remote ServicesData from Local System1
        Non-Standard Port        		Exfiltration Over Other Network Medium1
        Service Stop
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
        Non-Application Layer Protocol        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact

        Malware Configuration

        No configs have been found

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Number of created Files
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1570542 Sample: boatnet.m68k.elf Startdate: 07/12/2024 Architecture: LINUX Score: 76 24 160.191.86.209, 3778, 41288, 41290 SINET-ASResearchOrganizationofInformationandSystemsN unknown 2->24 26 daisy.ubuntu.com 2->26 28 Malicious sample detected (through community Yara rule) 2->28 30 Antivirus / Scanner detection for submitted sample 2->30 32 Multi AV Scanner detection for submitted file 2->32 34 Yara detected Mirai 2->34 7 boatnet.m68k.elf 2->7         started        9 xfce4-panel wrapper-2.0 2->9         started        11 xfce4-panel wrapper-2.0 2->11         started        13 6 other processes 2->13 signatures3 process4 process5 15 boatnet.m68k.elf 7->15         started        18 boatnet.m68k.elf 7->18         started        20 boatnet.m68k.elf 7->20         started        22 wrapper-2.0 xfpm-power-backlight-helper 9->22         started        signatures6 36 Sample tries to kill multiple processes (SIGKILL) 15->36

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        boatnet.m68k.elf66%ReversingLabsLinux.Trojan.Mirai
        boatnet.m68k.elf62%VirustotalBrowse
        boatnet.m68k.elf100%AviraEXP/ELF.Gafgyt.D

        Dropped Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        NameIPActiveMaliciousAntivirus DetectionReputation
        daisy.ubuntu.com
        		162.213.35.25
        		truefalse
          		high

          World Map of Contacted IPs

          • No. of IPs < 25%
          • 25% < No. of IPs < 50%
          • 50% < No. of IPs < 75%
          • 75% < No. of IPs

          Public IPs

          IPDomainCountryFlagASNASN NameMalicious
          160.191.86.209
          		unknownunknown
          		2907SINET-ASResearchOrganizationofInformationandSystemsNfalse

          Joe Sandbox View / Context

          IPs

          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
          160.191.86.209boatnet.mips.elfGet hashmaliciousMiraiBrowse
            boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
              boatnet.arm.elfGet hashmaliciousMiraiBrowse
                boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                  boatnet.x86.elfGet hashmaliciousMiraiBrowse

                    Domains

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    daisy.ubuntu.comboatnet.mips.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.24
                    boatnet.arm6.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.25
                    boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.24
                    boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.25
                    boatnet.x86.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.24
                    jew.arm5.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.25
                    iwir64.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.25
                    Aqua.x86_64.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.24
                    la.bot.arm7.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.24
                    la.bot.arm6.elfGet hashmaliciousMiraiBrowse
                    • 162.213.35.25

                    ASNs

                    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                    SINET-ASResearchOrganizationofInformationandSystemsNboatnet.mips.elfGet hashmaliciousMiraiBrowse
                    • 160.191.86.209
                    boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
                    • 160.191.86.209
                    boatnet.arm.elfGet hashmaliciousMiraiBrowse
                    • 160.191.86.209
                    boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                    • 160.191.86.209
                    boatnet.x86.elfGet hashmaliciousMiraiBrowse
                    • 160.191.86.209
                    jew.mips.elfGet hashmaliciousUnknownBrowse
                    • 133.85.229.167
                    jew.ppc.elfGet hashmaliciousUnknownBrowse
                    • 192.244.254.94
                    jmggnxeedy.elfGet hashmaliciousUnknownBrowse
                    • 133.78.26.128
                    main_spc.elfGet hashmaliciousMiraiBrowse
                    • 160.29.132.5
                    main_mips.elfGet hashmaliciousMiraiBrowse
                    • 163.143.138.185

                    JA3 Fingerprints

                    No context

                    Dropped Files

                    No context

                    Created / dropped Files

                    No created / dropped files found

                    Static File Info

                    General

                    File type:ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
                    Entropy (8bit):6.255153295626506
                    TrID:
                    • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                    File name:boatnet.m68k.elf
                    File size:54'932 bytes
                    MD5:a05602ec77a6fafe8b5c2441d7a5870e
                    SHA1:b304074091f184e4846d096dfc83ff25d67b65f7
                    SHA256:f35ff8be3da236cb6ea6d8c1982444854ae8b2fc66e2f36f83d9e6b2cce4370b
                    SHA512:3f6f0f477f499e1893c5561ad03a9970507ae359b51755a8e52da15ce432e4f4319f3526e1f3ed9fefa73b51c22a1fa9a8b66e87534c0a068b7ee710f1d90f00
                    SSDEEP:768:gduPBFnHooqR8qOCKq2cH4Fje+TK806MMUVjzMfQXOtHud2oGh:r/hqaJMcjeqK806MHdMfQXoHuCh
                    TLSH:38330A8EB8029D3CF91BE6BE54164E0DB93177C152830B2757BBFDA36C721A45E02E85
                    File Content Preview:.ELF.......................D...4.........4. ...(.................................. ....................(.......... .dt.Q............................NV..a....da.....N^NuNV..J9....f>"y.... QJ.g.X.#.....N."y.... QJ.f.A.....J.g.Hy....N.X.........N^NuNV..N^NuN

                    Static ELF Info

                    ELF header

                    Class:ELF32
                    Data:2's complement, big endian
                    Version:1 (current)
                    Machine:MC68000
                    Version Number:0x1
                    Type:EXEC (Executable file)
                    OS/ABI:UNIX - System V
                    ABI Version:0
                    Entry Point Address:0x80000144
                    Flags:0x0
                    ELF Header Size:52
                    Program Header Offset:52
                    Program Header Size:32
                    Number of Program Headers:3
                    Section Header Offset:54532
                    Section Header Size:40
                    Number of Section Headers:10
                    Header String Table Index:9

                    Sections

                    NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                    NULL0x00x00x00x00x0000
                    .initPROGBITS0x800000940x940x140x00x6AX002
                    .textPROGBITS0x800000a80xa80xc12e0x00x6AX004
                    .finiPROGBITS0x8000c1d60xc1d60xe0x00x6AX002
                    .rodataPROGBITS0x8000c1e40xc1e40x10b40x00x2A002
                    .ctorsPROGBITS0x8000f29c0xd29c0x80x00x3WA004
                    .dtorsPROGBITS0x8000f2a40xd2a40x80x00x3WA004
                    .dataPROGBITS0x8000f2b00xd2b00x2140x00x3WA004
                    .bssNOBITS0x8000f4c40xd4c40x2a00x00x3WA004
                    .shstrtabSTRTAB0x00xd4c40x3e0x00x0001

                    Program Segments

                    TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                    LOAD0x00x800000000x800000000xd2980xd2986.29050x5R E0x2000.init .text .fini .rodata
                    LOAD0xd29c0x8000f29c0x8000f29c0x2280x4c83.03460x6RW 0x2000.ctors .dtors .data .bss
                    GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                    Network Behavior

                    Network Port Distribution

                    TCP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Dec 7, 2024 09:00:12.458934069 CET412883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:12.579510927 CET377841288160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:12.579596996 CET412883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:12.581444025 CET412883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:12.705161095 CET377841288160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:12.705368042 CET412883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:12.829153061 CET377841288160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:15.260871887 CET377841288160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:15.261420012 CET412883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:15.381228924 CET377841288160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:16.263499022 CET412903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:16.383363962 CET377841290160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:16.383502960 CET412903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:16.384641886 CET412903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:16.504369020 CET377841290160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:16.504606009 CET412903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:16.624468088 CET377841290160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:19.057792902 CET377841290160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:19.057943106 CET412903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:19.177947998 CET377841290160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:20.066063881 CET412923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:20.186489105 CET377841292160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:20.186572075 CET412923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:20.193265915 CET412923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:20.313163996 CET377841292160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:20.313219070 CET412923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:20.433172941 CET377841292160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:22.849252939 CET377841292160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:22.849345922 CET412923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:22.969432116 CET377841292160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:23.856249094 CET412943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:23.976227999 CET377841294160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:23.976298094 CET412943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:23.982575893 CET412943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:24.102510929 CET377841294160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:24.102565050 CET412943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:24.222254992 CET377841294160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:26.651243925 CET377841294160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:26.651348114 CET412943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:26.771367073 CET377841294160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:27.658529997 CET412963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:27.778748035 CET377841296160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:27.778876066 CET412963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:27.783303022 CET412963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:27.903306961 CET377841296160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:27.903381109 CET412963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:28.023277044 CET377841296160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:30.445065975 CET377841296160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:30.445198059 CET412963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:30.565082073 CET377841296160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:31.447356939 CET412983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:31.567388058 CET377841298160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:31.567604065 CET412983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:31.568485975 CET412983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:31.688247919 CET377841298160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:31.693123102 CET412983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:31.813045025 CET377841298160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:34.242990971 CET377841298160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:34.243247032 CET412983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:34.363033056 CET377841298160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:35.244680882 CET413003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:35.364455938 CET377841300160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:35.364650965 CET413003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:35.365504980 CET413003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:35.485187054 CET377841300160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:35.485369921 CET413003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:35.605314016 CET377841300160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:38.041641951 CET377841300160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:38.041878939 CET413003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:38.161689043 CET377841300160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:39.043248892 CET413023778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:39.163086891 CET377841302160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:39.163336039 CET413023778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:39.163970947 CET413023778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:39.283709049 CET377841302160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:39.283916950 CET413023778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:39.403690100 CET377841302160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:41.842183113 CET377841302160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:41.842370033 CET413023778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:41.962156057 CET377841302160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:42.843333960 CET413043778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:42.963227987 CET377841304160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:42.963318110 CET413043778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:42.963953018 CET413043778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:43.083761930 CET377841304160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:43.083934069 CET413043778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:43.203893900 CET377841304160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:45.634337902 CET377841304160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:45.634769917 CET413043778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:45.754622936 CET377841304160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:46.636641026 CET413063778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:46.756489992 CET377841306160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:46.756633043 CET413063778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:46.757478952 CET413063778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:46.877094030 CET377841306160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:46.877321959 CET413063778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:46.997056961 CET377841306160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:49.433054924 CET377841306160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:49.433504105 CET413063778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:49.553203106 CET377841306160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:50.435539007 CET413083778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:50.555450916 CET377841308160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:50.555541992 CET413083778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:50.557029963 CET413083778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:50.676758051 CET377841308160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:50.676964045 CET413083778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:50.797146082 CET377841308160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:53.226603985 CET377841308160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:53.227035999 CET413083778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:53.349817991 CET377841308160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:54.228895903 CET413103778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:54.348779917 CET377841310160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:54.348964930 CET413103778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:54.350022078 CET413103778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:54.469842911 CET377841310160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:54.470063925 CET413103778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:54.589879990 CET377841310160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:57.023056030 CET377841310160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:57.023358107 CET413103778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:57.143142939 CET377841310160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:58.025249004 CET413123778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:58.145221949 CET377841312160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:58.145596027 CET413123778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:58.146590948 CET413123778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:58.266561985 CET377841312160.191.86.209192.168.2.14
                    Dec 7, 2024 09:00:58.266863108 CET413123778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:00:58.387208939 CET377841312160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:00.819268942 CET377841312160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:00.819725990 CET413123778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:00.939584017 CET377841312160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:01.821064949 CET413143778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:01.940903902 CET377841314160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:01.941066980 CET413143778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:01.942131996 CET413143778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:02.062141895 CET377841314160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:02.062441111 CET413143778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:02.182281017 CET377841314160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:04.621675014 CET377841314160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:04.621870995 CET413143778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:04.742031097 CET377841314160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:05.623503923 CET413163778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:05.743293047 CET377841316160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:05.743387938 CET413163778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:05.744007111 CET413163778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:05.863950014 CET377841316160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:05.864187002 CET413163778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:05.983882904 CET377841316160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:08.418165922 CET377841316160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:08.418330908 CET413163778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:08.538187981 CET377841316160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:09.419491053 CET413183778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:09.539418936 CET377841318160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:09.539586067 CET413183778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:09.540168047 CET413183778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:09.659962893 CET377841318160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:09.660064936 CET413183778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:09.779901981 CET377841318160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:12.212124109 CET377841318160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:12.212466002 CET413183778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:12.332211018 CET377841318160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:13.215651989 CET413203778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:13.335582018 CET377841320160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:13.335720062 CET413203778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:13.336831093 CET413203778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:13.456538916 CET377841320160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:13.456789970 CET413203778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:13.576556921 CET377841320160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:16.043524027 CET377841320160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:16.043745041 CET413203778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:16.163523912 CET377841320160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:17.045660973 CET413223778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:17.165842056 CET377841322160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:17.165919065 CET413223778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:17.167228937 CET413223778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:17.287019014 CET377841322160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:17.287087917 CET413223778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:17.406908035 CET377841322160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:19.839534044 CET377841322160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:19.839660883 CET413223778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:19.959639072 CET377841322160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:20.840615034 CET413243778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:20.960442066 CET377841324160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:20.960515976 CET413243778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:20.961179972 CET413243778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:21.081288099 CET377841324160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:21.081373930 CET413243778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:21.202218056 CET377841324160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:23.638974905 CET377841324160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:23.639153004 CET413243778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:23.759031057 CET377841324160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:24.640393972 CET413263778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:24.760288954 CET377841326160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:24.760365963 CET413263778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:24.760947943 CET413263778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:24.880889893 CET377841326160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:24.881045103 CET413263778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:25.003055096 CET377841326160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:27.429462910 CET377841326160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:27.429577112 CET413263778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:27.549638033 CET377841326160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:28.430784941 CET413283778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:28.550873995 CET377841328160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:28.550976038 CET413283778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:28.551784992 CET413283778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:28.671495914 CET377841328160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:28.671596050 CET413283778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:28.793348074 CET377841328160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:31.227106094 CET377841328160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:31.227277994 CET413283778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:31.347062111 CET377841328160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:32.228842974 CET413303778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:32.348953009 CET377841330160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:32.349139929 CET413303778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:32.350198984 CET413303778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:32.470056057 CET377841330160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:32.470288992 CET413303778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:32.590040922 CET377841330160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:35.028465033 CET377841330160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:35.028610945 CET413303778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:35.148763895 CET377841330160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:36.030280113 CET413323778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:36.150306940 CET377841332160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:36.150398016 CET413323778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:36.151427031 CET413323778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:36.271131039 CET377841332160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:36.271195889 CET413323778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:36.390944958 CET377841332160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:38.823518991 CET377841332160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:38.823741913 CET413323778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:38.944539070 CET377841332160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:39.825565100 CET413343778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:39.945627928 CET377841334160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:39.945883989 CET413343778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:39.947063923 CET413343778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:40.066895008 CET377841334160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:40.067130089 CET413343778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:40.186995029 CET377841334160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:42.623367071 CET377841334160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:42.623464108 CET413343778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:42.743280888 CET377841334160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:43.624896049 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:43.744946003 CET377841336160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:43.745016098 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:43.745759010 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:43.865469933 CET377841336160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:43.865510941 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:43.985331059 CET377841336160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:46.418021917 CET377841336160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:46.418153048 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:46.418184996 CET413363778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:46.538204908 CET377841336160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:47.419358015 CET413383778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:47.539227009 CET377841338160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:47.539293051 CET413383778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:47.539902925 CET413383778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:47.659636021 CET377841338160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:47.659701109 CET413383778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:47.781246901 CET377841338160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:50.216466904 CET377841338160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:50.216587067 CET413383778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:50.336361885 CET377841338160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:51.217787981 CET413403778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:51.337661982 CET377841340160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:51.337892056 CET413403778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:51.338427067 CET413403778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:51.458085060 CET377841340160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:51.458229065 CET413403778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:51.577999115 CET377841340160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:54.011259079 CET377841340160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:54.011393070 CET413403778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:54.131208897 CET377841340160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:55.012454033 CET413423778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:55.132283926 CET377841342160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:55.132364035 CET413423778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:55.132916927 CET413423778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:55.252566099 CET377841342160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:55.252624035 CET413423778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:55.372385979 CET377841342160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:57.823766947 CET377841342160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:57.823884964 CET413423778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:57.943619013 CET377841342160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:58.825021029 CET413443778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:58.945128918 CET377841344160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:58.945250988 CET413443778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:58.945810080 CET413443778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:59.065562010 CET377841344160.191.86.209192.168.2.14
                    Dec 7, 2024 09:01:59.065665960 CET413443778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:01:59.185384989 CET377841344160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:01.622881889 CET377841344160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:01.623121977 CET413443778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:01.742842913 CET377841344160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:02.624625921 CET413463778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:02.744426966 CET377841346160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:02.744657040 CET413463778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:02.745737076 CET413463778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:02.865678072 CET377841346160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:02.865916014 CET413463778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:02.985724926 CET377841346160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:05.416903973 CET377841346160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:05.417110920 CET413463778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:05.537039042 CET377841346160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:06.418900013 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:06.538938999 CET377841348160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:06.539016008 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:06.540081978 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:06.659775019 CET377841348160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:06.659974098 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:06.779740095 CET377841348160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:09.213074923 CET377841348160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:09.213269949 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:09.213345051 CET413483778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:09.334126949 CET377841348160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:10.215029001 CET413503778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:10.335669041 CET377841350160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:10.335743904 CET413503778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:10.336374998 CET413503778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:10.456480980 CET377841350160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:10.456547022 CET413503778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:10.579957008 CET377841350160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:13.007076979 CET377841350160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:13.007169008 CET413503778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:13.126929045 CET377841350160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:14.008156061 CET413523778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:14.128294945 CET377841352160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:14.128492117 CET413523778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:14.129053116 CET413523778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:14.248927116 CET377841352160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:14.249001026 CET413523778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:14.368771076 CET377841352160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:16.809919119 CET377841352160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:16.810103893 CET413523778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:16.929873943 CET377841352160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:17.811484098 CET413543778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:17.931380987 CET377841354160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:17.931443930 CET413543778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:17.932084084 CET413543778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:18.052082062 CET377841354160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:18.052252054 CET413543778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:18.171941042 CET377841354160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:20.605026960 CET377841354160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:20.605145931 CET413543778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:20.724883080 CET377841354160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:21.606698036 CET413563778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:21.726499081 CET377841356160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:21.726702929 CET413563778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:21.727914095 CET413563778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:21.847634077 CET377841356160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:21.847843885 CET413563778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:21.969672918 CET377841356160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:24.404203892 CET377841356160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:24.404556990 CET413563778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:24.524290085 CET377841356160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:25.406440020 CET413583778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:25.526529074 CET377841358160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:25.526774883 CET413583778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:25.527879953 CET413583778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:25.647950888 CET377841358160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:25.648178101 CET413583778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:25.767884016 CET377841358160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:28.200784922 CET377841358160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:28.201023102 CET413583778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:28.320763111 CET377841358160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:29.203046083 CET413603778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:29.323014975 CET377841360160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:29.323256969 CET413603778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:29.324372053 CET413603778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:29.444072962 CET377841360160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:29.444228888 CET413603778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:29.563999891 CET377841360160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:32.001966000 CET377841360160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:32.002260923 CET413603778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:32.122365952 CET377841360160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:33.003990889 CET413623778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:33.124165058 CET377841362160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:33.124409914 CET413623778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:33.125659943 CET413623778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:33.245415926 CET377841362160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:33.245634079 CET413623778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:33.365461111 CET377841362160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:35.807209015 CET377841362160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:35.807579994 CET413623778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:35.927755117 CET377841362160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:36.808882952 CET413643778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:36.928816080 CET377841364160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:36.928875923 CET413643778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:36.929413080 CET413643778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:37.049258947 CET377841364160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:37.049415112 CET413643778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:37.169399023 CET377841364160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:39.604006052 CET377841364160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:39.604247093 CET413643778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:39.725128889 CET377841364160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:40.605964899 CET413663778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:40.725773096 CET377841366160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:40.726166964 CET413663778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:40.727505922 CET413663778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:40.847290039 CET377841366160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:40.847431898 CET413663778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:40.967143059 CET377841366160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:43.402642965 CET377841366160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:43.403196096 CET413663778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:43.522954941 CET377841366160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:44.405041933 CET413683778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:44.525127888 CET377841368160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:44.525428057 CET413683778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:44.526562929 CET413683778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:44.646255016 CET377841368160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:44.646709919 CET413683778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:44.766514063 CET377841368160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:47.198048115 CET377841368160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:47.198276997 CET413683778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:47.318651915 CET377841368160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:48.199920893 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:48.319735050 CET377841370160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:48.319996119 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:48.321197987 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:48.440886021 CET377841370160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:48.440992117 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:48.560827017 CET377841370160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:50.995440960 CET377841370160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:50.995727062 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:50.995727062 CET413703778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:51.115665913 CET377841370160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:51.997469902 CET413723778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:52.117326021 CET377841372160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:52.117405891 CET413723778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:52.118542910 CET413723778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:52.238308907 CET377841372160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:52.238522053 CET413723778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:52.358238935 CET377841372160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:54.793586016 CET377841372160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:54.793883085 CET413723778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:54.913680077 CET377841372160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:55.795160055 CET413743778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:55.915026903 CET377841374160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:55.915276051 CET413743778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:55.915941000 CET413743778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:56.035684109 CET377841374160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:56.035945892 CET413743778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:56.156531096 CET377841374160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:58.591392040 CET377841374160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:58.591686010 CET413743778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:58.711512089 CET377841374160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:59.637413025 CET413763778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:59.757270098 CET377841376160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:59.757433891 CET413763778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:59.758533001 CET413763778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:59.878182888 CET377841376160.191.86.209192.168.2.14
                    Dec 7, 2024 09:02:59.878341913 CET413763778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:02:59.998045921 CET377841376160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:02.452758074 CET377841376160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:02.453083992 CET413763778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:02.572890997 CET377841376160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:03.454461098 CET413783778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:03.574273109 CET377841378160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:03.574503899 CET413783778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:03.575633049 CET413783778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:03.695307016 CET377841378160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:03.695565939 CET413783778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:03.815793037 CET377841378160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:06.246316910 CET377841378160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:06.246613979 CET413783778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:06.366372108 CET377841378160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:07.248265982 CET413803778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:07.369198084 CET377841380160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:07.369347095 CET413803778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:07.370271921 CET413803778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:07.490830898 CET377841380160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:07.490962982 CET413803778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:07.610933065 CET377841380160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:10.040091991 CET377841380160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:10.040393114 CET413803778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:10.161482096 CET377841380160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:11.042213917 CET413823778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:11.162481070 CET377841382160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:11.162561893 CET413823778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:11.163490057 CET413823778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:11.283257008 CET377841382160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:11.283440113 CET413823778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:11.403366089 CET377841382160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:13.840066910 CET377841382160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:13.840236902 CET413823778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:13.960031986 CET377841382160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:14.842185974 CET413843778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:14.961985111 CET377841384160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:14.962088108 CET413843778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:14.963258028 CET413843778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:15.083734035 CET377841384160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:15.083816051 CET413843778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:15.203583956 CET377841384160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:17.639379025 CET377841384160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:17.639484882 CET413843778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:17.759274006 CET377841384160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:18.641072989 CET413863778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:18.760986090 CET377841386160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:18.761065960 CET413863778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:18.761898041 CET413863778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:18.881727934 CET377841386160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:18.881882906 CET413863778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:19.001599073 CET377841386160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:21.437875032 CET377841386160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:21.438236952 CET413863778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:21.557976961 CET377841386160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:22.439923048 CET413883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:22.559787989 CET377841388160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:22.560066938 CET413883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:22.561235905 CET413883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:22.681355000 CET377841388160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:22.681653976 CET413883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:22.801454067 CET377841388160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:25.248369932 CET377841388160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:25.248774052 CET413883778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:25.368566036 CET377841388160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:26.250210047 CET413903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:26.370032072 CET377841390160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:26.370208979 CET413903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:26.371289015 CET413903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:26.491436958 CET377841390160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:26.491627932 CET413903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:26.611457109 CET377841390160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:29.040144920 CET377841390160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:29.040462017 CET413903778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:29.160294056 CET377841390160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:30.042536020 CET413923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:30.162291050 CET377841392160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:30.162606001 CET413923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:30.163360119 CET413923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:30.283957958 CET377841392160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:30.284301043 CET413923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:30.404244900 CET377841392160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:32.840924025 CET377841392160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:32.841281891 CET413923778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:32.961056948 CET377841392160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:33.843589067 CET413943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:33.963397026 CET377841394160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:33.963582039 CET413943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:33.965079069 CET413943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:34.084800005 CET377841394160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:34.084985018 CET413943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:34.205144882 CET377841394160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:36.638792038 CET377841394160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:36.638917923 CET413943778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:36.758614063 CET377841394160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:37.640496969 CET413963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:37.760356903 CET377841396160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:37.760464907 CET413963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:37.761663914 CET413963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:37.881441116 CET377841396160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:37.881505013 CET413963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:38.001281977 CET377841396160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:40.450556993 CET377841396160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:40.450757980 CET413963778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:40.570585012 CET377841396160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:41.452419043 CET413983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:41.572241068 CET377841398160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:41.572341919 CET413983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:41.573276997 CET413983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:41.692944050 CET377841398160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:41.693123102 CET413983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:41.812922955 CET377841398160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:44.244134903 CET377841398160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:44.244334936 CET413983778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:44.364797115 CET377841398160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:45.245839119 CET414003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:45.365636110 CET377841400160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:45.365699053 CET414003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:45.366695881 CET414003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:45.486530066 CET377841400160.191.86.209192.168.2.14
                    Dec 7, 2024 09:03:45.486604929 CET414003778192.168.2.14160.191.86.209
                    Dec 7, 2024 09:03:45.606461048 CET377841400160.191.86.209192.168.2.14

                    UDP Packets

                    TimestampSource PortDest PortSource IPDest IP
                    Dec 7, 2024 09:02:58.118808985 CET3509753192.168.2.141.1.1.1
                    Dec 7, 2024 09:02:58.118855953 CET3854353192.168.2.141.1.1.1
                    Dec 7, 2024 09:02:58.257999897 CET53385431.1.1.1192.168.2.14
                    Dec 7, 2024 09:02:58.343105078 CET53350971.1.1.1192.168.2.14

                    DNS Queries

                    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                    Dec 7, 2024 09:02:58.118808985 CET192.168.2.141.1.1.10xe43dStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
                    Dec 7, 2024 09:02:58.118855953 CET192.168.2.141.1.1.10xf579Standard query (0)daisy.ubuntu.com28IN (0x0001)false

                    DNS Answers

                    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                    Dec 7, 2024 09:02:58.343105078 CET1.1.1.1192.168.2.140xe43dNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
                    Dec 7, 2024 09:02:58.343105078 CET1.1.1.1192.168.2.140xe43dNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false

                    System Behavior

                    General

                    Start time (UTC):08:00:11
                    Start date (UTC):07/12/2024
                    Path:/tmp/boatnet.m68k.elf
                    Arguments:/tmp/boatnet.m68k.elf
                    File size:4463432 bytes
                    MD5 hash:cd177594338c77b895ae27c33f8f86cc

                    Chronological Activities


                    General

                    Start time (UTC):08:00:11
                    Start date (UTC):07/12/2024
                    Path:/tmp/boatnet.m68k.elf
                    Arguments:-
                    File size:4463432 bytes
                    MD5 hash:cd177594338c77b895ae27c33f8f86cc

                    Chronological Activities


                    General

                    Start time (UTC):08:00:11
                    Start date (UTC):07/12/2024
                    Path:/tmp/boatnet.m68k.elf
                    Arguments:-
                    File size:4463432 bytes
                    MD5 hash:cd177594338c77b895ae27c33f8f86cc

                    Chronological Activities


                    General

                    Start time (UTC):08:00:11
                    Start date (UTC):07/12/2024
                    Path:/tmp/boatnet.m68k.elf
                    Arguments:-
                    File size:4463432 bytes
                    MD5 hash:cd177594338c77b895ae27c33f8f86cc

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:21
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:-
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:21
                    Start date (UTC):07/12/2024
                    Path:/usr/sbin/xfpm-power-backlight-helper
                    Arguments:/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
                    File size:14656 bytes
                    MD5 hash:3d221ad23f28ca3259f599b1664e2427

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/xfce4-panel
                    Arguments:-
                    File size:375768 bytes
                    MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                    Chronological Activities


                    General

                    Start time (UTC):08:00:17
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
                    File size:35136 bytes
                    MD5 hash:ac0b8a906f359a8ae102244738682e76

                    Chronological Activities


                    General

                    Start time (UTC):08:00:21
                    Start date (UTC):07/12/2024
                    Path:/usr/bin/dbus-daemon
                    Arguments:-
                    File size:249032 bytes
                    MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                    Chronological Activities


                    General

                    Start time (UTC):08:00:21
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                    File size:112880 bytes
                    MD5 hash:4c7a0d6d258bb970905b19b84abcd8e9

                    Chronological Activities


                    General

                    Start time (UTC):08:00:24
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/systemd/systemd
                    Arguments:-
                    File size:1620224 bytes
                    MD5 hash:9b2bec7092a40488108543f9334aab75

                    Chronological Activities


                    General

                    Start time (UTC):08:00:24
                    Start date (UTC):07/12/2024
                    Path:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                    Arguments:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                    File size:112872 bytes
                    MD5 hash:eee956f1b227c1d5031f9c61223255d1

                    Chronological Activities