Edit tour
Linux
Analysis Report
x86.elf
Overview
General Information
Sample name: | x86.elf |
Analysis ID: | 1576201 |
MD5: | 3e7577a2fa2cca1c44fd60bc3d67b64a |
SHA1: | ea0d89cb9b5d0c7b80512732109bbddb092e04b3 |
SHA256: | 975e5edf880671ad6b0e9c46f6125313b74c79a01af2596ff462fe44aec15cf4 |
Tags: | elfuser-abuse_ch |
Infos: |
Detection
Mirai
Score: | 68 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Machine Learning detection for sample
Detected TCP or UDP traffic on non-standard ports
Executes the "rm" command used to delete files or directories
Sample contains strings that are user agent strings indicative of HTTP manipulation
Sample has stripped symbol table
Yara signature match
Classification
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1576201 |
Start date and time: | 2024-12-16 16:28:05 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 1s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | x86.elf |
Detection: | MAL |
Classification: | mal68.troj.linELF@0/0@0/0 |
- VT rate limit hit for: x86.elf
Command: | /tmp/x86.elf |
PID: | 6249 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Infected |
Standard Error: |
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
Linux_Trojan_Gafgyt_e6d75e6f | unknown | unknown |
| |
Linux_Trojan_Mirai_122ff2e6 | unknown | unknown |
| |
Linux_Trojan_Mirai_fa48b592 | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
Linux_Trojan_Gafgyt_e6d75e6f | unknown | unknown |
| |
Linux_Trojan_Mirai_122ff2e6 | unknown | unknown |
| |
Linux_Trojan_Mirai_fa48b592 | unknown | unknown |
| |
Linux_Trojan_Mirai_8aa7b5d3 | unknown | unknown |
| |
Click to see the 10 entries |
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | .symtab present: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Classification label: |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: | ||
Source: | User agent string found: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 File Deletion | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Data Obfuscation | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Standard Port | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Application Layer Protocol | Traffic Duplication | Data Destruction |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
47% | ReversingLabs | Linux.Trojan.LnxMirai | ||
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No contacted domains info
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
54.171.230.55 | unknown | United States | 16509 | AMAZON-02US | false | |
85.239.34.134 | unknown | Russian Federation | 134121 | RAINBOW-HKRainbownetworklimitedHK | false | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
54.171.230.55 | Get hash | malicious | Mirai, Okiru | Browse | ||
Get hash | malicious | Okiru | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
85.239.34.134 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
109.202.202.202 | Get hash | malicious | Unknown | Browse |
| |
91.189.91.43 | Get hash | malicious | Mirai | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Okiru | Browse | |||
Get hash | malicious | Mirai, Okiru | Browse | |||
Get hash | malicious | Mirai | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
RAINBOW-HKRainbownetworklimitedHK | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
AMAZON-02US | Get hash | malicious | RHADAMANTHYS | Browse |
| |
Get hash | malicious | RHADAMANTHYS | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Okiru | Browse |
| ||
Get hash | malicious | MassLogger RAT | Browse |
| ||
Get hash | malicious | KnowBe4 | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
INIT7CH | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.687948783383679 |
TrID: |
|
File name: | x86.elf |
File size: | 68'452 bytes |
MD5: | 3e7577a2fa2cca1c44fd60bc3d67b64a |
SHA1: | ea0d89cb9b5d0c7b80512732109bbddb092e04b3 |
SHA256: | 975e5edf880671ad6b0e9c46f6125313b74c79a01af2596ff462fe44aec15cf4 |
SHA512: | 2b4682c22b7993faacb5a50edf5e998532427e68657ffb656a665febe776b94f5376daac5e45b506df3b41e844894d8787c192e60fc9d1975bb255051ea8c367 |
SSDEEP: | 1536:whkcvHWfVSOjBvKWJZWwNkZVCFGVcSCi/SJIDcNeqpzI5h5knx:wBOdvHRNkrGYDcNe2I5h5mx |
TLSH: | E463AECFE6C3D5B5D95201722162BF37D732DA2740A99243E3D42D25DC22632EB0BAC9 |
File Content Preview: | .ELF........................4...4.......4. ...(.........................................................|z..............|...|...|...................Q.td............................U..S............h........[]...$.............U......=.....t..5.............. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 4 |
Section Header Offset: | 67892 |
Section Header Size: | 40 |
Number of Section Headers: | 14 |
Header String Table Index: | 13 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x80480b4 | 0xb4 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.text | PROGBITS | 0x80480d0 | 0xd0 | 0xccb7 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x8054d87 | 0xcd87 | 0x17 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
.rodata | PROGBITS | 0x8054da0 | 0xcda0 | 0x3330 | 0x0 | 0x2 | A | 0 | 0 | 32 |
.eh_frame | PROGBITS | 0x80590d0 | 0x100d0 | 0x5ac | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.tbss | NOBITS | 0x805967c | 0x1067c | 0x8 | 0x0 | 0x403 | WAT | 0 | 0 | 4 |
.ctors | PROGBITS | 0x805967c | 0x1067c | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x8059684 | 0x10684 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.jcr | PROGBITS | 0x805968c | 0x1068c | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.got.plt | PROGBITS | 0x8059690 | 0x10690 | 0xc | 0x4 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x805969c | 0x1069c | 0x23c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x80598e0 | 0x108d8 | 0x726c | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.shstrtab | STRTAB | 0x0 | 0x108d8 | 0x5c | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8048000 | 0x8048000 | 0x100d0 | 0x100d0 | 6.7298 | 0x5 | R E | 0x1000 | .init .text .fini .rodata | |
LOAD | 0x100d0 | 0x80590d0 | 0x80590d0 | 0x808 | 0x7a7c | 4.6900 | 0x6 | RW | 0x1000 | .eh_frame .tbss .ctors .dtors .jcr .got.plt .data .bss | |
TLS | 0x1067c | 0x805967c | 0x805967c | 0x0 | 0x8 | 0.0000 | 0x4 | R | 0x4 | .tbss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 16, 2024 16:28:49.632133007 CET | 443 | 33606 | 54.171.230.55 | 192.168.2.23 |
Dec 16, 2024 16:28:49.632647038 CET | 33606 | 443 | 192.168.2.23 | 54.171.230.55 |
Dec 16, 2024 16:28:49.752603054 CET | 443 | 33606 | 54.171.230.55 | 192.168.2.23 |
Dec 16, 2024 16:28:51.887558937 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Dec 16, 2024 16:28:51.988992929 CET | 40262 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:28:52.115067005 CET | 6666 | 40262 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:28:52.115164995 CET | 40262 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:28:52.115303040 CET | 40262 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:28:52.235161066 CET | 6666 | 40262 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:28:53.290080070 CET | 6666 | 40262 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:28:53.290180922 CET | 40262 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:28:53.290330887 CET | 6666 | 40262 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:28:53.290404081 CET | 40262 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:28:53.417084932 CET | 6666 | 40262 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:28:57.262862921 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Dec 16, 2024 16:28:58.542680979 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Dec 16, 2024 16:29:02.293190002 CET | 40266 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:02.414972067 CET | 6666 | 40266 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:02.415261984 CET | 40266 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:02.415349960 CET | 40266 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:02.537616014 CET | 6666 | 40266 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:03.559693098 CET | 6666 | 40266 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:03.559845924 CET | 6666 | 40266 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:03.559880018 CET | 40266 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:03.559926987 CET | 40266 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:03.680301905 CET | 6666 | 40266 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:12.563847065 CET | 40268 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:12.683723927 CET | 6666 | 40268 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:12.683856964 CET | 40268 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:12.683923960 CET | 40268 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:12.804362059 CET | 6666 | 40268 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:12.876807928 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Dec 16, 2024 16:29:13.839173079 CET | 6666 | 40268 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:13.839360952 CET | 40268 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:13.839397907 CET | 6666 | 40268 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:13.839504004 CET | 40268 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:13.959446907 CET | 6666 | 40268 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:22.843421936 CET | 40270 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:22.963860989 CET | 6666 | 40270 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:22.964060068 CET | 40270 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:22.964137077 CET | 40270 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:23.084202051 CET | 6666 | 40270 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:23.115453959 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Dec 16, 2024 16:29:24.104110956 CET | 6666 | 40270 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:24.104254961 CET | 6666 | 40270 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:24.104284048 CET | 40270 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:24.104346037 CET | 40270 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:24.224548101 CET | 6666 | 40270 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:29.258558035 CET | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Dec 16, 2024 16:29:33.108005047 CET | 40272 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:33.228034019 CET | 6666 | 40272 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:33.228257895 CET | 40272 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:33.228257895 CET | 40272 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:33.349446058 CET | 6666 | 40272 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:34.373917103 CET | 6666 | 40272 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:34.374001980 CET | 6666 | 40272 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:34.374166012 CET | 40272 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:34.374258041 CET | 40272 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:34.494143963 CET | 6666 | 40272 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:43.379188061 CET | 40274 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:43.499408007 CET | 6666 | 40274 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:43.499574900 CET | 40274 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:43.499619961 CET | 40274 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:43.619565010 CET | 6666 | 40274 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:44.664551973 CET | 6666 | 40274 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:44.664628029 CET | 6666 | 40274 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:44.664729118 CET | 40274 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:44.664761066 CET | 40274 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:44.784682035 CET | 6666 | 40274 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:53.670257092 CET | 40276 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:53.790672064 CET | 6666 | 40276 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:53.790873051 CET | 40276 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:53.790941000 CET | 40276 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:53.831106901 CET | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Dec 16, 2024 16:29:53.911370993 CET | 6666 | 40276 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:54.958811998 CET | 6666 | 40276 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:54.958884954 CET | 6666 | 40276 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:29:54.959028006 CET | 40276 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:54.959126949 CET | 40276 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:29:55.079257011 CET | 6666 | 40276 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:03.963264942 CET | 40278 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:04.083300114 CET | 6666 | 40278 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:04.083544016 CET | 40278 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:04.083595991 CET | 40278 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:04.203615904 CET | 6666 | 40278 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:05.283525944 CET | 6666 | 40278 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:05.283582926 CET | 6666 | 40278 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:05.283710957 CET | 40278 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:05.283797979 CET | 40278 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:05.404042006 CET | 6666 | 40278 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:14.290209055 CET | 40280 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:14.308192968 CET | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Dec 16, 2024 16:30:14.410665035 CET | 6666 | 40280 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:14.410880089 CET | 40280 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:14.410965919 CET | 40280 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:14.531405926 CET | 6666 | 40280 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:15.588788986 CET | 6666 | 40280 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:15.588843107 CET | 6666 | 40280 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:15.589039087 CET | 40280 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:15.589131117 CET | 40280 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:15.710588932 CET | 6666 | 40280 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:24.594589949 CET | 40282 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:24.714662075 CET | 6666 | 40282 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:24.714879990 CET | 40282 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:24.714915991 CET | 40282 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:24.834784031 CET | 6666 | 40282 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:25.902148008 CET | 6666 | 40282 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:25.902261972 CET | 6666 | 40282 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:25.902543068 CET | 40282 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:25.902652025 CET | 40282 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:26.023422003 CET | 6666 | 40282 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:34.908035040 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:35.028639078 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:35.028795958 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:35.937298059 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:36.057805061 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:36.058002949 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:36.058046103 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:36.178350925 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:37.259922028 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:37.259974957 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:37.260189056 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:37.260284901 CET | 40284 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:37.380276918 CET | 6666 | 40284 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:46.264403105 CET | 40286 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:46.387568951 CET | 6666 | 40286 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:46.387836933 CET | 40286 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:46.387950897 CET | 40286 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:46.507750988 CET | 6666 | 40286 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:47.537755966 CET | 6666 | 40286 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:47.537781954 CET | 6666 | 40286 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:47.538002014 CET | 40286 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:47.538116932 CET | 40286 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:47.661658049 CET | 6666 | 40286 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:56.542819023 CET | 40288 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:56.664367914 CET | 6666 | 40288 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:56.664619923 CET | 40288 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:56.664710045 CET | 40288 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:56.784847975 CET | 6666 | 40288 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:57.837428093 CET | 6666 | 40288 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:57.837464094 CET | 6666 | 40288 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:30:57.837578058 CET | 40288 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:57.837719917 CET | 40288 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:30:57.957570076 CET | 6666 | 40288 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:06.841741085 CET | 40290 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:06.962218046 CET | 6666 | 40290 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:06.962507010 CET | 40290 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:06.962507010 CET | 40290 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:07.082617998 CET | 6666 | 40290 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:08.137588978 CET | 6666 | 40290 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:08.137617111 CET | 6666 | 40290 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:08.137876987 CET | 40290 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:08.138041973 CET | 40290 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:08.257905960 CET | 6666 | 40290 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:17.143137932 CET | 40292 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:17.263215065 CET | 6666 | 40292 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:17.263418913 CET | 40292 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:17.263484955 CET | 40292 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:17.384893894 CET | 6666 | 40292 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:18.421607971 CET | 6666 | 40292 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:18.421808004 CET | 40292 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:18.422979116 CET | 6666 | 40292 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:18.423067093 CET | 40292 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:18.543018103 CET | 6666 | 40292 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:27.427086115 CET | 40294 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:27.547271013 CET | 6666 | 40294 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:27.547477007 CET | 40294 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:27.547477007 CET | 40294 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:27.667352915 CET | 6666 | 40294 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:28.693425894 CET | 6666 | 40294 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:28.693506002 CET | 6666 | 40294 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:28.693614960 CET | 40294 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:28.693754911 CET | 40294 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:28.813766956 CET | 6666 | 40294 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:37.697258949 CET | 40296 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:37.819211006 CET | 6666 | 40296 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:37.819303036 CET | 40296 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:37.819417953 CET | 40296 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:37.943038940 CET | 6666 | 40296 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:38.964862108 CET | 6666 | 40296 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:38.965095997 CET | 40296 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:38.965440035 CET | 6666 | 40296 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:38.965504885 CET | 40296 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:39.085294962 CET | 6666 | 40296 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:47.969805002 CET | 40298 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:48.089692116 CET | 6666 | 40298 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:48.090018988 CET | 40298 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:48.090116024 CET | 40298 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:48.209892035 CET | 6666 | 40298 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:49.237128019 CET | 6666 | 40298 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:49.237267971 CET | 40298 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:49.237472057 CET | 6666 | 40298 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:49.237586021 CET | 40298 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:49.357393026 CET | 6666 | 40298 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:58.241101980 CET | 40300 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:58.361037970 CET | 6666 | 40300 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:58.361207008 CET | 40300 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:58.361227036 CET | 40300 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:58.482258081 CET | 6666 | 40300 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:59.507770061 CET | 6666 | 40300 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:59.507993937 CET | 40300 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:59.508080959 CET | 6666 | 40300 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:31:59.508147001 CET | 40300 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:31:59.628020048 CET | 6666 | 40300 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:08.512377977 CET | 40302 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:08.632361889 CET | 6666 | 40302 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:08.632646084 CET | 40302 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:08.632839918 CET | 40302 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:08.752778053 CET | 6666 | 40302 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:09.782682896 CET | 6666 | 40302 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:09.782749891 CET | 6666 | 40302 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:09.782969952 CET | 40302 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:09.783056974 CET | 40302 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:09.903275013 CET | 6666 | 40302 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:18.788001060 CET | 40304 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:18.908109903 CET | 6666 | 40304 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:18.908521891 CET | 40304 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:18.908618927 CET | 40304 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:19.028413057 CET | 6666 | 40304 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:20.066682100 CET | 6666 | 40304 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:20.066759109 CET | 6666 | 40304 | 85.239.34.134 | 192.168.2.23 |
Dec 16, 2024 16:32:20.066951990 CET | 40304 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:20.066951990 CET | 40304 | 6666 | 192.168.2.23 | 85.239.34.134 |
Dec 16, 2024 16:32:20.188851118 CET | 6666 | 40304 | 85.239.34.134 | 192.168.2.23 |
System Behavior
Start time (UTC): | 15:28:48 |
Start date (UTC): | 16/12/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 15:28:48 |
Start date (UTC): | 16/12/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.kQ6IpcnAj6 /tmp/tmp.o46WndApTP /tmp/tmp.AFUl6K9Flp |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 15:28:48 |
Start date (UTC): | 16/12/2024 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 15:28:48 |
Start date (UTC): | 16/12/2024 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.kQ6IpcnAj6 /tmp/tmp.o46WndApTP /tmp/tmp.AFUl6K9Flp |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 15:28:51 |
Start date (UTC): | 16/12/2024 |
Path: | /tmp/x86.elf |
Arguments: | /tmp/x86.elf |
File size: | 68452 bytes |
MD5 hash: | 3e7577a2fa2cca1c44fd60bc3d67b64a |
Start time (UTC): | 15:28:51 |
Start date (UTC): | 16/12/2024 |
Path: | /tmp/x86.elf |
Arguments: | - |
File size: | 68452 bytes |
MD5 hash: | 3e7577a2fa2cca1c44fd60bc3d67b64a |
Start time (UTC): | 15:28:51 |
Start date (UTC): | 16/12/2024 |
Path: | /tmp/x86.elf |
Arguments: | - |
File size: | 68452 bytes |
MD5 hash: | 3e7577a2fa2cca1c44fd60bc3d67b64a |
Start time (UTC): | 15:28:51 |
Start date (UTC): | 16/12/2024 |
Path: | /tmp/x86.elf |
Arguments: | - |
File size: | 68452 bytes |
MD5 hash: | 3e7577a2fa2cca1c44fd60bc3d67b64a |