Edit tour
Windows
Analysis Report
Browser.Daemon.exe
Overview
General Information
| Sample name: | Browser.Daemon.exe |
| Analysis ID: | 1578858 |
| MD5: | 294a647f4efd42428dc119f961416b76 |
| SHA1: | bb39ff1d015ca479e9f9c1a78648ba8aa525e159 |
| SHA256: | bfd96babeb4eae22aa2ad642d036c1f57525cf709cf8481b930329f298f208ea |
| Tags: | BrowserDaemonexeuser-NDA0E |
| Infos: |  |
 | |
Detection
| Score: | 52 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
.NET source code contains a sample name check
Abnormal high CPU Usage
Allocates memory with a write watch (potentially for evading sandboxes)
Binary contains a suspicious time stamp
Contains long sleeps (>= 3 min)
Creates or modifies windows services
Detected potential crypto function
Enables debug privileges
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
HTTP GET or POST without a user agent
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
Modifies existing windows services
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
Queries sensitive Operating System Information (via WMI, Win32_ComputerSystem, often done to detect virtual machines)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Wow6432Node CurrentVersion Autorun Keys Modification
Suricata IDS alerts with low severity for network traffic
Uses insecure TLS / SSL version for HTTPS connection
Classification
- System is w10x64
Browser.Daemon.exe (PID: 7260 cmdline: "C:\Users\ user\Deskt op\Browser .Daemon.ex e" MD5: 294A647F4EFD42428DC119F961416B76)
- Browser.Daemon.exe (PID: 7664 cmdline:
"C:\Users\ user\Deskt op\Browser .Daemon.ex e" MD5: 294A647F4EFD42428DC119F961416B76)
- cleanup
⊘No configs have been found
⊘No yara matches
| Source: | Author: Victor Sergeev, Daniil Yugoslavskiy, Gleb Sukhodolskiy, Timur Zinniatullin, oscd.community, Tim Shelton, frack113 (split): | ||
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2024-12-20T15:51:17.565673+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49738 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:22.218684+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49740 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:25.491574+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49745 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:44.000115+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49751 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:08.138686+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49780 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:34.818054+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49844 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:44.052675+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49868 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:50.342714+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49885 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:53.648319+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49895 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:20.825223+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49962 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:27.084053+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 49979 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:42.992284+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50019 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:46.100950+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50028 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:49.484922+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50036 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:54:05.930525+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50057 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:54:15.861786+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50060 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:28.544429+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50064 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:31.664615+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50065 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:34.748676+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50066 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:37.828948+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50067 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:41.679090+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50068 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:55:02.204211+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50074 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:55:06.628181+0100 | 2803305 | 3 | Unknown Traffic | 192.168.2.4 | 50075 | 82.156.94.47 | 443 | TCP |
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | IP Address: | ||
| Source: | JA3 fingerprint: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Process Stats: | ||
| Source: | Code function: | 0_2_01265C80 | |
| Source: | Code function: | 0_2_01266898 | |
| Source: | Code function: | 0_2_01262E40 | |
| Source: | Code function: | 0_2_01265FC8 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Classification label: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Static PE information: | ||
| Source: | Static file information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | ||
| Source: | Process created: | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Binary string: | ||
| Source: | Binary string: | ||
| Source: | Static PE information: | ||
| Source: | Registry key created: | Jump to behavior | ||
| Source: | Registry key value modified: | Jump to behavior | ||
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Registry value created or modified: | Jump to behavior | ||
| Source: | Registry key monitored for changes: | Jump to behavior | ||
| Source: | Registry key monitored for changes: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
Malware Analysis System Evasion | |
|---|
| Source: | .Net Code: | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Thread sleep count: | Jump to behavior | ||
| Source: | Thread sleep count: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep count: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | WMI Queries: | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Process information queried: | Jump to behavior | ||
| Source: | Process token adjusted: | Jump to behavior | ||
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Windows Management Instrumentation | 2 Windows Service | 2 Windows Service | 1 Masquerading | OS Credential Dumping | 1 Query Registry | Remote Services | 1 Archive Collected Data | 11 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 Office Application Startup | 1 Process Injection | 1 Disable or Modify Tools | LSASS Memory | 111 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | 1 Registry Run Keys / Startup Folder | 1 Registry Run Keys / Startup Folder | 141 Virtualization/Sandbox Evasion | Security Account Manager | 1 Process Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Process Injection | NTDS | 141 Virtualization/Sandbox Evasion | Distributed Component Object Model | Input Capture | 3 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Timestomp | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 DLL Side-Loading | Cached Domain Credentials | 22 System Information Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 42% | ReversingLabs | Win32.Trojan.Jalapeno |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| bj.file.myqcloud.com | 82.156.94.45 | true | false | high | |
| market-1304768263.cos.ap-beijing.myqcloud.com | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | high | |||
| false | unknown | |||
| false | unknown | |||
| false | unknown | |||
| false | high | |||
| false | unknown | |||
| false | unknown | |||
| false | unknown | |||
| false | high | |||
| false | high | |||
| false | unknown | |||
| false | unknown | |||
| false | high | |||
| false | unknown | |||
| false | high | |||
| false | unknown | |||
| false | high | |||
| false | unknown | |||
| false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 82.156.94.47 | unknown | China | 12513 | ECLIPSEGB | false | |
| 82.156.94.45 | bj.file.myqcloud.com | China | 12513 | ECLIPSEGB | false |
| Joe Sandbox version: | 41.0.0 Charoite |
| Analysis ID: | 1578858 |
| Start date and time: | 2024-12-20 15:50:05 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 6m 51s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 13 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | Browser.Daemon.exe |
| Detection: | MAL |
| Classification: | mal52.evad.winEXE@2/63@5/2 |
| EGA Information: | Failed |
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiApSrv.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.202.163.200, 13.107.246.63
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target Browser.Daemon.exe, PID 7260 because it is empty
- Execution Graph export aborted for target Browser.Daemon.exe, PID 7664 because it is empty
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtEnumerateKey calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Report size getting too big, too many NtQueryVolumeInformationFile calls found.
- Report size getting too big, too many NtReadVirtualMemory calls found.
- VT rate limit hit for: Browser.Daemon.exe
| Time | Type | Description |
|---|---|---|
| 09:51:10 | API Interceptor | |
| 14:51:04 | Autostart |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 82.156.94.47 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| 82.156.94.45 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| bj.file.myqcloud.com | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | GhostRat, Nitol | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | AgentTesla, Amadey, Creal Stealer, Djvu, FormBook, Glupteba, GuLoader | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| ECLIPSEGB | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai, Okiru | Browse |
| ||
| Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
| Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
| ECLIPSEGB | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | HTMLPhisher | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai, Okiru | Browse |
| ||
| Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
| Get hash | malicious | Gafgyt, Mirai | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 54328bd36c14bd82ddaa0c04b25ed9ad | Get hash | malicious | Snake Keylogger | Browse |
| |
| Get hash | malicious | MassLogger RAT | Browse |
| ||
| Get hash | malicious | GuLoader, MassLogger RAT | Browse |
| ||
| Get hash | malicious | GuLoader, MassLogger RAT | Browse |
| ||
| Get hash | malicious | GuLoader, Snake Keylogger | Browse |
| ||
| Get hash | malicious | MassLogger RAT | Browse |
| ||
| Get hash | malicious | GuLoader, Snake Keylogger, VIP Keylogger | Browse |
| ||
| Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
| Get hash | malicious | Snake Keylogger | Browse |
|
⊘No context
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 1687 |
| Entropy (8bit): | 5.338930762014548 |
| Encrypted: | false |
| SSDEEP: | 48:MxHKlYHKh3ouHgJHreylEHMHKo/tHo6hAHKzeR:iqlYqh3ou0aymsqwtI6eqzm |
| MD5: | 15E04367C03184DCF6E0D75C17713029 |
| SHA1: | ED1BF186345A11D8B4741F52B9DDCCE8702C8A12 |
| SHA-256: | C10A3B6F0C9F3DA0C85A63F296C3E027E486BC174FFDDA6371B00AE605799D76 |
| SHA-512: | EE9ADFDF176D8171AFB95920C265CBE5AC652D34990CF924E491C06337929BBDBF9EEEADE96EFB7943D07C25D66D634F49FD9C2B4CFFE072747FAD7E40ED4618 |
| Malicious: | true |
| Reputation: | moderate, very likely benign file |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 359 |
| Entropy (8bit): | 6.251691969248054 |
| Encrypted: | false |
| SSDEEP: | 6:dlIpAIO6lSD2ohpxADn4Rw2KSS0al6LmAMGbCeXAzb+EhKh0ZMofJHv:/jZDVpxq2iBtXJRyuJP |
| MD5: | 5399118D6FD67D3C4380D350C68656BB |
| SHA1: | 19C65D08F4DD7A2E12709614385FCA6FE5D3C055 |
| SHA-256: | 51B98382835ED60E3A8D2826A77E6CE213FE36531724B5072DA0A3209FBE43C1 |
| SHA-512: | 3BCA044037C29F67F84D0079CA2BC04069ADCBD39E5468B52798FF691C18FF156742968D4810E02A11E893C3F30EDC21BB2D1CE0E0E256AF8907A08E527329F3 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1 |
| Entropy (8bit): | 0.0 |
| Encrypted: | false |
| SSDEEP: | 3:W:W |
| MD5: | ECCBC87E4B5CE2FE28308FD9F2A7BAF3 |
| SHA1: | 77DE68DAECD823BABBB58EDB1C8E14D7106E83BB |
| SHA-256: | 4E07408562BEDB8B60CE05C1DECFE3AD16B72230967DE01F640B7E4729B49FCE |
| SHA-512: | 3BAFBF08882A2D10133093A1B8433F50563B93C14ACD05B79028EB1D12799027241450980651994501423A66C276AE26C43B739BC65C4E16B10C3AF6C202AEBB |
| Malicious: | false |
| Reputation: | moderate, very likely benign file |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4035 |
| Entropy (8bit): | 6.170395618201696 |
| Encrypted: | false |
| SSDEEP: | 48:opMbMNM2MYKpM1pMYiMYV35YXlT17EwwwYwYLuEYK7E17EYgEYV3eLvPYXlAwWwW:onKmE2rKoUeYKKzgOlRvKAY5 |
| MD5: | 9C7056E80ABCF16D580D5F8A801B228B |
| SHA1: | DCB5CD8932DEE37537BEA605C2FBAD244B58A30D |
| SHA-256: | 5CE680C84D2084C0DCCDFF3CBD677797B4D8F7BCDFB0DAF2E3E010ED84E61530 |
| SHA-512: | 6322F4AA113281533F5ACD1EB6A6EE02109EA32BA88CC98016B028EF8778454635E794FCF731FD45954223C2A9DEE1A83DC883221710D747467CC4F885C2436F |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 4048 |
| Entropy (8bit): | 6.151986356629609 |
| Encrypted: | false |
| SSDEEP: | 48:ofLYXlYLw2LwY2LYLyYKp1pYkYV3VYXlLwBwYBYLHxYKux1uxYdxYV3YYXlGwEwi:ofgYdWwKX4qKKaEhtKWoDnKtc5 |
| MD5: | 711C7F8F6F7D41D4D16DD04FE10ABC2D |
| SHA1: | 74622DFB1C5F26F4A2DE04E34C81B8FDE51EA9ED |
| SHA-256: | 9FC724701E3A91466C78992574E2D82CABCE061D9668E4802AD6FF923AE8947E |
| SHA-512: | ECC855CB11A4AA7D509A667FF5C4C10BF3D5D9085208D2C8C32E7F2DCD085FED5D44D57BD8C97248C1F9F429E63957D9D886FCA8961F682E3D17A944C0602F75 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 5060 |
| Entropy (8bit): | 6.150327427044957 |
| Encrypted: | false |
| SSDEEP: | 48:o3YXlow5wY5YLoYKj1jYWYV301YXlpwPwYPYLK9YKL91L9Yw9YV3RYXl8wqwYqYR:oE0Kx0pRKvIu3KqgUhKT4neHkGKpI5 |
| MD5: | 52E182B2DF14198874871A38BC7C2F7C |
| SHA1: | 444B8104F4DDB1B4B3C5256BFE81291E48A81EA4 |
| SHA-256: | 15C41B9CAC2ED0C95393D0CF6BDE71C46AE8FCE1F4906AE87630383BCFE938E8 |
| SHA-512: | C399367A76E9D9274FDD4E481D176313012A9C0E8AEB2659F605E94B1CE1DD97C2F65AE3121D3B0E5C23B1B930238C69D919A3E4E5B41C65752B750B7BFBAF95 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3036 |
| Entropy (8bit): | 6.164879176829612 |
| Encrypted: | false |
| SSDEEP: | 48:omYXlxw0wY0YLLYKs1sYFYV3uYXlkwCwYyYL5YK212YbYV36YXlqwswYsYL5YKWA:ov+Kc03XKe4rVK+45 |
| MD5: | E22756ECF13A48EB4F8FD41B04BDE28C |
| SHA1: | FA2ED96B73695B9CB9ED4E20514BD3F97E25A606 |
| SHA-256: | 0CC2F2212A9DCCD5FBEC527898D5D80E841CFC04332578D8D6CE673C4A1E21E5 |
| SHA-512: | 2ADC9E5A368C96597C4B1D4C8ACF3C722FF489AB9C62468FD9295DCE246615629058D3FEF4D90EA7569BEFA8CAFBDDB7728C288260FB0CD789F1010941EC59B7 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 2024 |
| Entropy (8bit): | 6.131653643595925 |
| Encrypted: | false |
| SSDEEP: | 48:oXYXlEwiwYiYLxYKa1aYjYV3DYXlcw2wY2YL7YKs1sYNYV35:okDKikYlKc85 |
| MD5: | DDF72980D08241CB13AB9D5AC9FCD609 |
| SHA1: | 77FE1D3ED45CC476AAF21CE2B2AD300753EA8D20 |
| SHA-256: | D455736C7F5814C813C37D1D5C6F154670FC32600801ED7EE18B09C110A67D86 |
| SHA-512: | 2FAFFB79EF1FA96637A1FC78E520F4B4B5F9ACFD890AB42400952AD1EC73ECA8EF5985BC827CE6D359040E5881DEF5A024D3D1B44DB2AF1BA2704F23CC493FCC |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.157629493732267 |
| Encrypted: | false |
| SSDEEP: | 24:oHtjYmadZR7fjwljwYw4jYmD1UIxjYKDj1DjYmNjYm+35:oHBYXlrwpwYhYLMYK313YiYV35 |
| MD5: | 88F3FE17512F965520EA3F9CDC3BA15F |
| SHA1: | 127B824D408AEBD7BFDB10854F61387C149FBB87 |
| SHA-256: | 6E9374CC71C49F8F4331E1769C29F91DEC949A7752629894824B19D30F467DFE |
| SHA-512: | A3923C6633F8F76C5E220B97BABCFE5628A73DEE9ADC0AF79398866B11516FBF792959C67AB0D468E9106A0729F0F0D49F702C4AE11978938098523338B03D0C |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.163100630021208 |
| Encrypted: | false |
| SSDEEP: | 24:ogjYmadZR7tjwnjwYP4DjYmD1UIWjYKUj1ojYmijYm+35:oWYXlBwjwYmYLRYKC1OYvYV35 |
| MD5: | 1417D9B78AA994C0AD3A531AC879BC7A |
| SHA1: | 09BC3202E5F5D9DB572976849AB6456784DBB23E |
| SHA-256: | 887B6E725B7C171E058D8D187C9033CE501186CC8D68FD983B4E3705FD9B61F3 |
| SHA-512: | E4F590D57AD34672A8BF747437D393E7E989840E85EB1A1669E0B7402434E534A2EFD4141E5F2890460EC772BE89757B3A9A32B03C9C15180D300172C0EDA2A8 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.139820760411962 |
| Encrypted: | false |
| SSDEEP: | 24:o0jYmadZR7injwcDjwYcDjYmD1UIOjYKOj7Czaaj1/jYmZ/jYm+35:oiYXlmwowYoYLBYKE76n1LYmLYV35 |
| MD5: | A08D9A8D241906B4B1810F0A25839886 |
| SHA1: | FE704E10EBC84B1E56B10CE46D7CBB09DF5DDA96 |
| SHA-256: | BEABDBD14DC882044C32D5FD3E6D5FAD2B47C0FB1763D338184F9E1EF31586BD |
| SHA-512: | 24CA2F24FED00A3D1943B2555EEF8E73B19589BB45FAAD919ECEA2EEE368314EE485E10FD651B8B476BB9EE0B118A0DE3417DB58379A730E1073D53AEA1D6515 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.135046784079242 |
| Encrypted: | false |
| SSDEEP: | 24:oOjYmadZR7Njw/jwY/jYmD1UI6jYKsj7CzaSj1mHjYmAHjYm+35:oEYXlhwLwYLYL1YKK76T1KYnYV35 |
| MD5: | 576F93ED928BF59C0982CFD02E9CE625 |
| SHA1: | 543A70F9723237A7EB6443CC9DCE21B49ECDEEE6 |
| SHA-256: | FF702E0B254A5AA3BABDD531D1840285CAB0E556C9165EE884E671EB955C2B3C |
| SHA-512: | 9011AFD03C3DAAE45F9B7CEC6FA3F3270445A38E81B37234EC46C905AB63CA4A784FCF1E67AF5F9CEC9CF6BDB113B20413EC6F2F5D04452C511A0CF6FFDD444B |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.135559276801449 |
| Encrypted: | false |
| SSDEEP: | 24:oimjYmadZR7cDjwYjwYYjYmD1UI/4jYKl4j7CzaMj17jYmZjYm+35:otYXlc3wewYeYLfYKw76t1fY+YV35 |
| MD5: | DEA5E338A6721C17F2DE3E72CB6BDA1D |
| SHA1: | 2A0BDAC66D357CDBB6A613CCF02D7FCDF982B3E3 |
| SHA-256: | A09E6CD45156754286F2ECE1F10CE4A9DF2C7D9F5400911069AF6EC000716429 |
| SHA-512: | 5B1EFC17F05DF363F67EA9A61E0FCC76060E44A5391D3DAACDF7823C45FB229DD460B3FC57BBB58C8B02F97D20652A1FA0581C38F32C04D72F15C7606414D00B |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.159685423281451 |
| Encrypted: | false |
| SSDEEP: | 24:oP4jYmadZR76jwRDjwYzjYmD1UIaOjYKAH/j7CzakH/j1KjYmw/jYm+35:o2YXl4wR3wYHYLlEYKAHL76NHL1oYDY/ |
| MD5: | 54C536C3F95A424919169B38F1372D4D |
| SHA1: | B980D744F2EFAEAA023F5DE2A66629875325EEC3 |
| SHA-256: | 9F8DC065FC162457ED82DC45C9AEC1B69678647E28C90916C4E0B8A95FEC9039 |
| SHA-512: | 20239F46A6CA78F516BA298DC5BFDA7AB563DF44781BCA2DCC8225EAA8B34AF0FBF21A132F679B4340B990EC2466FEC0D7FE2B9410B42A3E7D6FD2A586508785 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.137646753416907 |
| Encrypted: | false |
| SSDEEP: | 24:oV8jYmadZR7kjw+jwYmjYmD1UIHjYKFj7CzaR4j1q4jYmOjYm+35:oEYXlywUwYMYLOYKJ76j13YnYV35 |
| MD5: | B791083D6D5667691A5B6DA83D06F816 |
| SHA1: | 9CF8CAE0691578D33DE9C8758C1A55CDD8F55E10 |
| SHA-256: | 12B2E0C62A21426D09ED72C2359B2B1784AAD0AF75F969DD70AECB2C8C65A38A |
| SHA-512: | 5509A11E33FA0EBECAD3CC69D351EDCBB4408E2F73919D3610E7E61F484B34F2D126F7076B328D263BD63094938E8882D517453A39843AC638BA0339204695A1 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.069071185029075 |
| Encrypted: | false |
| SSDEEP: | 24:onjYmadZR7Enjwa0/jwYGjYmD1UIKjYKbj7Cza3j7Cza4Dj1AjYmoAjYm+35:ojYXliwxwYsYLxYK/76s76J12Yr2YV35 |
| MD5: | 9FCF79A97143D4B3BC0BC74BE7EA60E0 |
| SHA1: | CB77A7ACCC41801609CC210CE39DF4E6D751BAF8 |
| SHA-256: | 3645CF464CA227D82C3E88AC5A0B96B020DB6990DD13D241DCC5638CA026AA37 |
| SHA-512: | 677A5B2580525D371567B7380283613AE70C9C33D99345BCAFC58A6F85EF5BA44DF85213441203F08268D7F3787ED99BA4E67A0D707D31E54271795875EDC93D |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.14108231026827 |
| Encrypted: | false |
| SSDEEP: | 24:oZAr/jYmadZR76jwDjwYDjYmD1UIm/jYK2+4j7CzaQj1jjYmtjYm+35:ooLYXl4w3wY3YL7LYK2L76p1XYqYV35 |
| MD5: | EB4F684AF21E94400C3083EA105C0D2F |
| SHA1: | C5B7E11DDC071C06BDC981C6A0823130E7596A67 |
| SHA-256: | E30133F7DCEBDE9027896868C3637607D02C3881E11E6126EE21268F4E1F82CC |
| SHA-512: | 61A92523097D367AD103C81EF412E2716ED4D52F99C698B2C335CD63C6A7F93BB3718980CF6579BC0376679BFCDC00E9788BB2170ECDC32A85CA19161CB292FA |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.139368759466927 |
| Encrypted: | false |
| SSDEEP: | 24:otjYmadZR7AjwPjwYEn4jYmD1UIzjYKh4j7Czaq4j1CjYmvjYm+35:oBYXl2w7wYE+YLOYKk76c1QY8YV35 |
| MD5: | E796A5DBE6FC4D59EA595AEA1FC9E0BB |
| SHA1: | E53816B6E242484E3FD2A366D807562D444F8C90 |
| SHA-256: | 2AA2403610DE471F06E24013F491884B4E77ACFC8D3BB2D63AB7E1013A400C26 |
| SHA-512: | 4FC0C5E43B64E1345322F2F6C65F2B3CEF2D5329C2AB3C005217761B1FD15F13AEC5FDF3D4632A9DA3EA76B752870C85E9D06BC22384CC2DA9CF751C899A32A1 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.135101600746602 |
| Encrypted: | false |
| SSDEEP: | 24:odjYmadZR71jwXbjwYIjYmD1UIojYK8j7Czaovj1mjjYmcmjYm+35:oRYXlZwPwYuYLXYK676lb10Y+YV35 |
| MD5: | 674E1ED550B637901C9654CF24EF924D |
| SHA1: | F2178A6E793DB56C4D43D2BFDA37AA00F17418F1 |
| SHA-256: | 39A7DE779CB371E6DE686B7416F5B91DDF62A3E66D8B555988E28AE3A3FCC177 |
| SHA-512: | A5E4C00A075A92BB2B23D7ED20E99F160C6DB9CC0F8082FD3B7D40EB9E9037FCAD213258933870E68DFF510E303A1A895F21EEEAA9534F75E857226847BEDD2F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.127687258364465 |
| Encrypted: | false |
| SSDEEP: | 24:obOn4jYmadZR7nGjwZE4jwYZ0jYmD1UItx4jYK2j7Czabj1AjYmxjYm+35:obO+YXlswnwYoYL3YK876U12Y6YV35 |
| MD5: | C38CD76E282815B0848002E46190419B |
| SHA1: | A4E84EFF6139CC2DC630938B20F7883FBC16F222 |
| SHA-256: | B57B29A29A47067DDB203A3B29489A24521D7137879501753FC4C513E1CA658A |
| SHA-512: | 466C40819B27F65142157A872247244481947964E33F28633BB343B6C4A65A427842D192E9B7BE1552A6CC2B3029F019EB7D887909CF3065E378869430561623 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.139935956586272 |
| Encrypted: | false |
| SSDEEP: | 24:oRjYmadZR74r/jwpjwYyjYmD1UIQjYKN4j7CzaG3/j1AjYm0jYm+35:odYXlCwFwYgYLbYKI76l3L12YZYV35 |
| MD5: | 146B8699CB0988A0FE68A17CF2651E33 |
| SHA1: | 4A0308D132851268E26D60A21CAE45AA1A95110B |
| SHA-256: | CD94176631F59AF19F5E6209D7C3B1AEB1CD29018FF4E3091AB4E1C3A6E73B8B |
| SHA-512: | D63997D14987E07BA802231C1AB102F74FC08115AF37B27EC9276D012CF90EF2AC52910D4BF5C0D321A6311182627E1072B391154DA05DB4A43D9A3AFC40C8E9 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1450 |
| Entropy (8bit): | 6.03831027964594 |
| Encrypted: | false |
| SSDEEP: | 24:opjYmadZR7j4jwJjwY3jYmD1UIr4jYKUOj7CzTnj7Cz2Flj7Czw/j10DjYmQjYmU:oFYXlSwlwYTYLe+YKN76/76476i103YC |
| MD5: | 7721245E6877E0D68BEC1BC916A9304D |
| SHA1: | 6670438E7542CE839772AFA4D8453759FFE3A470 |
| SHA-256: | 169F5A1C716E0E05953EE3A62FCB67841B57262FF8B8B3ADFA7C6ADB81C0DEA4 |
| SHA-512: | A8714B4C6A5192A58F0252846F7FE519A8B0C67B57808768C276F1A4E2891F1A0A07FA1F4376EF449D0758030CEF86C92B5B3EAA7B7B554C34C16EC4D9568302 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.128140089008155 |
| Encrypted: | false |
| SSDEEP: | 24:oWhjYmadZR7zQ/jwhj4jwYhtjYmD1UIQAjYKWrj7CzYn4j1Ww4jYmMNjYm+35:oWNYXlzQLwhSwYhBYL32YKWv76Y+1Wwm |
| MD5: | 6D7A19CA049E57BEB59420CB0ECDE575 |
| SHA1: | 762217D5A35E1EF143EA3B98FF1CAB40268CA7AF |
| SHA-256: | 3201C13454C907E5CFEA67FE5D34CB0E39C44A4B7594078D3CE8188DA5D6FD4B |
| SHA-512: | 899E561304D9978A67922BDFBDBBB61D6F81C62EFBDB327CEC15901ED6062D363EFC6F367EDB223B84D1FEAC95CB7107C722310E0AD8EF9C5D95213F989AAD18 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.107043671016919 |
| Encrypted: | false |
| SSDEEP: | 24:opjYmadZR7iesjw0m/jwY+jYmD1UIhjYK2Szj7Cz8zj7CznCzj1GzjYmkzjYm+35:oFYXlieKw0mLwYUYLQYKJH768H76nCHc |
| MD5: | 861D4CDDF13717A2FE0CED1940CB6AB5 |
| SHA1: | 733B884835520285939A906B0E1959F930459608 |
| SHA-256: | 0C15462D5A16BFAF47AFDD291D025B2D3E684B24C76686A668F9638EA7259FF7 |
| SHA-512: | E484845DC63581E47F423FAADFD31997ED12AB51E37B9D6D61102845911A4F8A6CA5AE166122F2C19A8B8DDDFEE75048965A3E192417A47FEA7D0381325D6853 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.092002943593572 |
| Encrypted: | false |
| SSDEEP: | 24:oM/jYmadZR7//jwRU4jwYqj4jYmD1UIOWjYKAj7Cz87j7CzlDj1/DjYmlsjYm+35:o8YXlDwLwYqaYLSYK276k76h1/YiKYVJ |
| MD5: | 276A011CAA6573EEC535DC43A7FF5F71 |
| SHA1: | 2E301C50988544EE7E885AB85429A6A6EEABC0AE |
| SHA-256: | 93D8A85CFE0790CF7159F2B759811538CB92689C8125AAC41383E2291BF0F5F2 |
| SHA-512: | 54AD27EFC24CE644B735B447DFDBBA66724171644D14FFB4B0C232DC0B4FF85BC4C41B16109AB6BA77DE4B38BD135BD0DE67F34419B3BDC570039787F24B8C83 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.14521862922967 |
| Encrypted: | false |
| SSDEEP: | 24:odEjYmadZR7uVjwcu/jwYcSjYmD1UInjcjYKdtt4j1dRjYm7FjYm+35:oIYXlMwdLwYbYL4aYK7o1zYWYV35 |
| MD5: | D48952A620E747F109736297875B3E5A |
| SHA1: | 8FAF2CA53D18DBCD04DF296F54E4C74AB15394F9 |
| SHA-256: | 8287598203BCAA20316D8216DA820541121AC165B720BA5AF1CDA74AD437DD27 |
| SHA-512: | 010DCDFB3F83C004E5E0488DDBE64BB16DF5AB1DB5D8931679591A422449215883E2E8A5B07845C1B7326D167B4CA9B814456CA1A66294042C7D0E8BADF80979 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.142072172237401 |
| Encrypted: | false |
| SSDEEP: | 24:oKjYmadZR71jwtDjwYr/jYmD1UIajYKta4j7CzNj15jYmmjYm+35:ooYXlZwt3wYrLYLZYKtH76h11Y/YV35 |
| MD5: | EF9AE7D9C551FD087BAF4FAC7F08D01A |
| SHA1: | 70AA18E03EE10E59E7716E07B11C7356A258760D |
| SHA-256: | 3BEEEF0DB5E126C040FB23EF7233D3E508D20042C4B92E72EFBF0256F6BEF1B7 |
| SHA-512: | 0E6A66330D77692E14F14DC2410B686065DF9A0A2796F83884C00C6A7470ECC021A06481FEC0F4510AAF4C6E6ADCD150101A80AA69406F050149682108AE34A9 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.143066468490463 |
| Encrypted: | false |
| SSDEEP: | 24:oMjYmadZR7njw1jwYzjYmD1UI4jYKX/j1tjYmZ/jYm+35:oqYXljwZwYHYL7YKXL1BYMLYV35 |
| MD5: | C6BB8590F58393FEB730A9C638733BC8 |
| SHA1: | B73D5EB9E8A397AA7448C3BB52CCFE89A15D5678 |
| SHA-256: | AED89B9D8364FFCB897736A3FE17F74AA6A41221EF79BCEBDFFFB4E7A05BA532 |
| SHA-512: | ADD8432E487571470B4ECB4E72F63D2375A5FC79C647C9C61F81EF50B6D6037E5FE0A5AC1419657B3DA4C580BC6E9CC99E50442EAD535E5924624224B6021264 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 238 |
| Entropy (8bit): | 5.71934478108722 |
| Encrypted: | false |
| SSDEEP: | 6:o9QO1Xo8/BZf3tim6GQzGA3dZHxRSS0al6LmAMGbvZaJn:oRXowj3timZ0dZHx5BT |
| MD5: | 6F89CE12B2347E7FF1805CB85487BAE9 |
| SHA1: | 661BFEDDCD04FAC01FB48FB926E6AD183CEF5752 |
| SHA-256: | B9FD0E194C2CDB77244023FC06536B4AB52F23514281B4C700B2F151C6BF299C |
| SHA-512: | A4BE1EBDB47002DE31D69026D2907799EDBCF7D898151512381540BBBA9D7B2B824DC1C2A4660DBC0F0D98758B7BDDE484F86302F360ECCB662FD348979A74F4 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 774 |
| Entropy (8bit): | 6.097816079881012 |
| Encrypted: | false |
| SSDEEP: | 24:o2Djw9jwYQjYmD1UIbjYKCj1bz4DjYmj/jYm+35:o23wxwYmYLCYKQ1bz43YKLYV35 |
| MD5: | 6C3006B8662859D94E86B73382649485 |
| SHA1: | 7C9846E0A15AF9A91286359CC80076E13082DA16 |
| SHA-256: | 7D855CB46D5E4AF461B83F0FE91602CA92862950A35FC7125BD5A197A20D3D2A |
| SHA-512: | 4211C996E43C408508234D842FEBBEB6208CB94A5DB66BCFCE607DE12BB991CE2794ECC542DF1AF941697D0BB9D26A7AD1F5F4C929C404C7E57194D90813A79F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.08319366607465 |
| Encrypted: | false |
| SSDEEP: | 24:obJa4jYmadZR7yssjwggjwYgx7jYmD1UI9Oo4jYKbAj7Cz3Aj7CzqLj1bSjYm5/c:oFHYXl2wvwY0YLtpYKi76m76M1MYyYVJ |
| MD5: | 45AC730B90C682FFF7C1A78F32DAFC65 |
| SHA1: | 2EF0B4169165B2A5B5C892AA05F1C3A831860874 |
| SHA-256: | 17A3E0EAD4D627B2217537D696CB27E6503D4D171085A338F9CD6062E71E7402 |
| SHA-512: | 4C1F6F2B2866AC53413E490694EF44C1415EE090C2CA3C13C0300B913C25902251C4051D89DACC928B9C61FCF01B97AE53961035D4385676B81BC38D87061DE8 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 343 |
| Entropy (8bit): | 5.915511981413108 |
| Encrypted: | false |
| SSDEEP: | 6:o9QONIlBZf3tim6GQzGA3dZHxRSS0al6LmAMGbvZaJrOnBZf37MStGiZIn:opIlj3timZ0dZHx5BSj37MaC |
| MD5: | 0E6114A30E69BD7945D9C7EE2CD17A30 |
| SHA1: | 881FB11A622F3EFCAB8E2A4EA206C2CFBAD7EED7 |
| SHA-256: | 9E30D5BDD48CE17263441C988B9AC2576E55135431FD41350385D626725FDFE0 |
| SHA-512: | 050258BC5886D3A59BD5C131740134791739DCCB3471C661BB38AFE051E96AA378B6DC6CA6096096C3FBF651206FC34627F6B8BAFB114E756990C4691803C631 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 961 |
| Entropy (8bit): | 5.993221760296832 |
| Encrypted: | false |
| SSDEEP: | 24:ow/jwYamjYmD1UI6JjYKK/j7CzVj7Cz4j1ZjYmp/jYm+35:owLwYjYLXlYKKL76576+1VYYLYV35 |
| MD5: | F42AF8E23FCC1E9EAC73246EC93DCB2A |
| SHA1: | 25C7D03C5548BCA6D0E4894E94A8DC7A0AB8862A |
| SHA-256: | 3D5622FCCC6B768104D06306647167F96C73B1D5AD19F49912719292FBEFCF38 |
| SHA-512: | F8FCF136874B055F9C7EF7E025066064716AF7E798C34671DEBF80F06DFB72D8F7D94017F17DA0F5D2CC616C4C73DDBE7C0BD9A00495863C9D7CABF864D18B7E |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.1199016217759175 |
| Encrypted: | false |
| SSDEEP: | 24:oVHjYmadZR7Ug5jwui/jwYufjYmD1UIzyM4jYKVyaj7CzSbj1n74jYmZjYm+35:otYXlbwrLwY4YLx1YKMY76S/1n7+YWY/ |
| MD5: | 9FE15F0270A32BD7730131280A964FE2 |
| SHA1: | 82A170080A67C9B76752E7DCA2CA70954000D6A8 |
| SHA-256: | EB4B7CF2ED5615AF6F2BD5D13EB914378C39A44B9B60C9C9525AF5F89F2C861B |
| SHA-512: | 57F5DF2555B3BCE35CD1E2E3DE970A41A16E5C260063DD28043E4D41B80CB5C12AE01CB25A8A10B4C4A7F30F320F16F0B1864D9E18C2751AB8EDF0873E8EF8D8 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 687 |
| Entropy (8bit): | 6.123958546599038 |
| Encrypted: | false |
| SSDEEP: | 12:orP/j3timZ0dZHx5B7Rj37MaWRj37MY0aRj3timZ9HdDUIBj3Ih:ob/jYmadZR77RjwZRjwYZRjYmD1UIBji |
| MD5: | AA9B9EB8AB8D916B9F74324D88DFD831 |
| SHA1: | FCDC6A14875EC3A7C8388AD9301EFDDEF4F86878 |
| SHA-256: | 1B4C718BFEE38931F67032E1561E4D8231CD2DFD9AF36197C9E0B794A430CF60 |
| SHA-512: | ADFC50075DF031D714E3CF0D4F96D7417CCF2A50925683189D26E9DE926D10361537A966F5CD16235F5C8F952C8B9E35E9C06A774E361B7EBC6C32700AC27BCC |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 763 |
| Entropy (8bit): | 5.744528714710981 |
| Encrypted: | false |
| SSDEEP: | 12:orAa4j3rCz3O0sj3rCz3OChyj3rCz3OCzsj3F+Dj3timZ+/Dj3timZAzzEK:oEa4j7CzVsj7Czryj7Czyj1+DjYmoDjo |
| MD5: | 03F8B511F99DB675ADEAA7A42E587262 |
| SHA1: | E9BECF568294FB1CC02A1CC0031401577B62DF34 |
| SHA-256: | 1BC8DB5E89E6202FA1BD2EA9206C0B93EDD6A724CE215FB6D65DC0C4E126D57D |
| SHA-512: | 217F8AFCC3794CCEBCDF97A5990F5D27E5801810D230B1AD239F5C01A58719943EEBD87C291A7715F24AB9BB29BD131B0CB3E8D70FF4B82B32381317AD4C8F36 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.1496538820922355 |
| Encrypted: | false |
| SSDEEP: | 24:oS/jYmadZR7BjwHjwYs4jYmD1UIFsjYKZDj7CzPrtj1ejYmnjYm+35:oSLYXltwDwYVYL9YKN76Pt10Y4YV35 |
| MD5: | 8CAD8C7D00D9B9B0E6CD1CB83D02CAE0 |
| SHA1: | FA660E7E62907A6AC0FCFFB9CAA2128C9F1996A7 |
| SHA-256: | 244D0DB591837DFF7599F6D92B770DAEC0119A7BF1473F5D886D053BCF66317F |
| SHA-512: | 6DECCA349F218D56565AE8A57F3548AE016B871ECA87BA80D16C46645B2770EF907398186A57A3A5B16F8766017F64BBAB72EDE9FCE24EA1F63895CE430D6B69 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.146448986535899 |
| Encrypted: | false |
| SSDEEP: | 24:oE4jYmadZR7ZjwycjwYycjYmD1UIvjYK5j7Cz5Uj1/jYmA4jYm+35:odYXlVwyawYyaYLmYK1765C1LYCYV35 |
| MD5: | ECD4B1A62AA5AE06C0DC41D807E4B597 |
| SHA1: | 46A7120E14B1B49DBA9A35BDE47458FD104CBD6D |
| SHA-256: | C170ACBBBB77B32F95E0D26A21E35F3E7AE0B6E5D16204C61DDAA70666AF8DA7 |
| SHA-512: | 809DE6AFDC602B3242B200EC51C304FC6A6009E68C9B2A520540BA0640557FB020EC4E37846C3D57540BB1A23C1EC4027EA60E2DA5DC195A59062559EE34878A |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.128614704487929 |
| Encrypted: | false |
| SSDEEP: | 24:otjYmadZR754jwGjwYRjYmD1UIGjYKfj14/jYmJjYm+35:oBYXlMwswYdYLtYKr1wYaYV35 |
| MD5: | E32515AEB0276BFEE5F447670AA5FE80 |
| SHA1: | 0121B1BAC064B59CE896EAC49110A4A0D880EEFA |
| SHA-256: | A5F66722A9891F123305237534B84B034C5AFD3B61DED57D20341709A57AF67E |
| SHA-512: | B864ACD5AA5F9C531DBD65C491209EBD3090902A3843F709CABF83974D19096C16810DFC13FBEAAD974E19ED6C3EBB287BCF86706AAA37B139650A689E044BCB |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.148322382432402 |
| Encrypted: | false |
| SSDEEP: | 24:oOnjYmadZR7jDjwLDjwYQjYmD1UIJjYKKj1IjYmLjYm+35:ogYXlj3wL3wYmYLAYKo1uYwYV35 |
| MD5: | B30B58B3C16F6B4929D5E404A02C1947 |
| SHA1: | 4E6A1B46684886488CAAA5AE7C909D97263D03C4 |
| SHA-256: | 22B7BA65D7BC79CDA3084EF061C1B3A57C39010BB74168B463AE395ADDE2648E |
| SHA-512: | 33D36FA3E1468A5941203D25C9B264BDF8EEFC6F0F177B15DB77C8E386DD485E900B4C664AC83EE2477E9BBD5D512C7CAD1626D3461752447B135DC4A3486AA5 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1450 |
| Entropy (8bit): | 6.059465282464285 |
| Encrypted: | false |
| SSDEEP: | 24:oHIjYmadZR7PjwCjwYEsjYmD1UI+/jYK5/j7Czp5j7Cz5j7Czdj15jYmNjYm+35:oHuYXl7wQwYFYLnYK5L76p176176R11i |
| MD5: | EAB28020660A645BA27FD2054AB9A616 |
| SHA1: | AACE9FB4157591FC0CD2D36339074A1AE739AD72 |
| SHA-256: | 9E6747D8964A1BBAA8C777AA3F97FA82D7870BBCA95B4EC87BFAC2CC36E81D58 |
| SHA-512: | DE354CEC2BCD7EFD35CD6DBE4B1DDE7F8F1342CD105B308C489B738A2CA867542C9F20D06A9C6416AF7F2470E4C52D62F85CB0EE0BDC4DCC1B98341980BBA019 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.107762506871221 |
| Encrypted: | false |
| SSDEEP: | 24:ocWsjYmadZR7CjwvzjwYhn4jYmD1UIQjYKej7Czmj7CzEmzj1G/jYm84jYm+35:ocWKYXlQwvHwYYYLnYK076M76FH1iYyo |
| MD5: | 1054AEF9A3515727922E0F738CF3F980 |
| SHA1: | 90B8D202836ADA8D2AC629CF20B22B1C62B726BB |
| SHA-256: | 6CF71EB4A5F30B3DFDEC4F415BB353A1323596CF9D5E48CD8378389B517E4552 |
| SHA-512: | 388C24F69A4AF5FD58573FDA48534B195F29812EED7314B8295388E4E474FCB343B1CD426679DF8664E3245F2F5F822C50A35CC5C7C6D3CCF6DEA2D19E739D5F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.085601171066284 |
| Encrypted: | false |
| SSDEEP: | 24:o7jYmadZR704jwgjwYPjYmD1UINjYKPj7CzEQj1OjYmvbjYm+35:ofYXltwWwY7YLEYK776D1EYkYV35 |
| MD5: | 6752800DE16705F62EAF3C565A037C2E |
| SHA1: | C2AF8B1814C7F9D4B21FB93A610598D7C4534DFA |
| SHA-256: | 2C16CE42CD2678FA9AAB949E29189D676C03D06E56DDA6922DB3F487B63D9B41 |
| SHA-512: | 302D73314C270914D397EE70594306762DEE778B391E63E2B7FA225BC3B17F1B65A7A516724CE0DD449579320B145679A08727AE9895286BAE4B8BD713A0E6BE |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.147007196385167 |
| Encrypted: | false |
| SSDEEP: | 24:oaMjYmadZR7qjwQjwYLjYmD1UI94jYKnj1YjYmg/jYm+35:ojYXlIwmwYPYLpYKj1eYvLYV35 |
| MD5: | B12142BA00AB39105E464D114C4401B9 |
| SHA1: | 09ADDB2EC9128A51C39BBDF457E6B2FB940EA976 |
| SHA-256: | 9CA3343CBE2F5ED662DD1CB0219B802BD96434DF2A5FEC3C64204412101C8639 |
| SHA-512: | 98C85C10412E00EBC6536ED8DDB806407AA78A5E19A51054F75A1101C73F532AC8C03FAB919AF1B77376F6F57A3310F75878304E93AC0CE6AD296A845B72B0FA |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.083060497082767 |
| Encrypted: | false |
| SSDEEP: | 24:oEjYmadZR7m/jwijwYXjYmD1UIzjYKFwp4j7CzE6wp4j7CzEEZvHx4j1FPU/jYmG:oSYXlmLwwwYzYLuYKFn76tn76DvHU1Fd |
| MD5: | D3AA2FD1E2E617D454F55AF29D314676 |
| SHA1: | 2F578E293393EA21F20DC7424A3C75CADABCE5AF |
| SHA-256: | B944D0092C359572E9B37B27B81418D8EB03FD73DCBA21DA2C50C5BD834004FA |
| SHA-512: | 7A0179B9374D7F1FC8D247F114F2C3C6F00A5AFDCFF867D9CB14697411BA88DD79DD1D343AF9D0E4A10352A62E1440D08D9438C3C3302C2243A1C517C0BB94B5 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.162644930238984 |
| Encrypted: | false |
| SSDEEP: | 24:oG+DjYmadZR7DL4jwZ94jwYZljYmD1UIwT+p4jYKGT34j1GTXjYm0TijYm+35:oG+3YXlDqwZUwYZpYLvT+cYKGTu1GTzS |
| MD5: | D38A46051B792766E3B70F7B15C2392F |
| SHA1: | A6F961AEBE4198F74B9AC23C4485383C6B6B5192 |
| SHA-256: | CA8B9B16F4FED13852FCC74012F6622FFA227764B9233CC17E1FA31B54B7BA9F |
| SHA-512: | 5CA5954CB699517F416FB53394CE3A501BFA3E797B73DBC6DC7530CEDC871737DB888E322CE8A9B1C352F550F62326EE06CCDBAC20324ADEA3F0DE71293112BD |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 584 |
| Entropy (8bit): | 6.120102122032268 |
| Encrypted: | false |
| SSDEEP: | 12:o9ij3timZ0dZHx5Bmj37Macj37MY0n/j3timZ9HdDUn:o9ijYmadZR7mjwFjwYGjYmD1Un |
| MD5: | 0DE1CBD671719EBEC938DC7D503F6932 |
| SHA1: | D3346C70B7EE854395407DCABCE8568D30802AAC |
| SHA-256: | BCDC677B2DB733F3E761014E4943227FDC9189B408D6F1115CA9E6A9A1E69638 |
| SHA-512: | 0B95EA1327F7579CB0656DCC133B4590B4458E2E9255C23B6B080B84FBEE6C01E7B6DF9B16FA90867228F4BCF26B9EEE1E580BF1E77249F741D3B1FB64986FA4 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 5.809863921891492 |
| Encrypted: | false |
| SSDEEP: | 24:o6jYKvhj7Cz1dhj7Czwhj7CzOj7Czrj1Z/jYmD/jYm+35:o4YKvN76rN76wN76E76v1tYsYV35 |
| MD5: | 7FABE2C79CB6316B840A846ACCD43EF9 |
| SHA1: | 0E978AFE44E50C5A8BB1FEAB1036ADC2F657E85A |
| SHA-256: | B64268DB4A9E137C73465545656714A2716F37CCB8C23F4BDBCCF4CC631F5B5D |
| SHA-512: | 9620BBD771D333C120011D2079BE0FAB50F8AFA802131A129B82FEC2BEE37B04CDDB5004BA94CDFE5E645D5A3C58882A73FAAAFCB755FFD3E551686715457D56 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.159647531572747 |
| Encrypted: | false |
| SSDEEP: | 24:oG9jYmadZR7QijwiNjwYiBjYmD1UIZ/jYKfj1t/jYmgjYm+35:oGxYXlQwwihwYitYLULYKr1pYBYV35 |
| MD5: | 9C94CE3E1E630370D44B535DDF2894D0 |
| SHA1: | A561DEBD42BE6DA44F9790F49D445A7875230550 |
| SHA-256: | 1626AA3605AB969E3730BEFC0B13170A79418154E445D5458ACA0855D3BABF53 |
| SHA-512: | E93228CAE5B0C11AEFE2318B9435D691AED2ED9370474B95BC98D7D82EA760DBBEBD1DBA5A284B19F003C26C4EE058E30329663B958128C83C11C8C6D61D4A6F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.183144130927717 |
| Encrypted: | false |
| SSDEEP: | 24:oCnjYmadZR7vjwvjwYEjYmD1UId4jYK7W4j1GjYm9jYm+35:oCjYXlbwbwYSYLBYKn1sYCYV35 |
| MD5: | 4AA746425F22C6F4FDAF4E12881E8727 |
| SHA1: | 1D44DBFC59818E3F5E450228CDA5F6679D99C1A5 |
| SHA-256: | 1CFBC9A4D8FE5190D243D27088BAC614F4C4EDEB0597DCDFFF942CAA1E8C0858 |
| SHA-512: | F42617F15684F401A254B070EA7121A5C84FE7E31E7D06CB5E17E5ACE475D3AB6E0A35327D35303739786E191DE803E739AB2F1BE44DF5B375A0862888D3E858 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.095993668873305 |
| Encrypted: | false |
| SSDEEP: | 24:oKjYmadZR7SjwfjwYRjYmD1UIujYK+j7Czha4j7CzcSj1mDjYmDDjYm+35:ooYXlAwrwYdYLZYKU76l76cA1m3YW3Y/ |
| MD5: | 054635CBB3AFBDCA0069A6CA7DD9BD08 |
| SHA1: | 56863FEA1947883844A27AACA26C0CEB6A204887 |
| SHA-256: | D75A3E18D44DFBCD06C176D2E0FB79AC3542EBACB3F24930695DB54864E5D872 |
| SHA-512: | 652D32A3E0967205EEA82D77CF13B9A12C67FBD6253606AFC033F3ACE3EFCA5674B4F3682FDD04F1F866590A939F185F4048463BEC69ECE4D3C68556F472C5F0 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.162930873443667 |
| Encrypted: | false |
| SSDEEP: | 24:o8jYmadZR7MCjwFjwYFjYmD1UIFjYKsj1ejYm8jYm+35:o6YXlfwJwYJYLsYKK10YpYV35 |
| MD5: | 5D1C6B0A9FC2B4D481629C0C36B790C5 |
| SHA1: | CF9B785F98A3DBE15E977D6078BDEBB2C5E2DCE8 |
| SHA-256: | 7CB6D0B7C0F8877F037DA3A392E173174775B97338DB6CB2A7D2E084ACEDA9B3 |
| SHA-512: | 863A5372D9F9F50FBD29E9A9AF33808FB9BB8821C8E13D4B1A0A1EB8F32DEF693D9318D9D17F74201397603328090322A05D719886705670F38C428BE1F7184F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 584 |
| Entropy (8bit): | 6.120411700222892 |
| Encrypted: | false |
| SSDEEP: | 12:oao7sj3timZ0dZHx5Bt8/j37MawA4j37MY0sEDj3timZ9HdDUn:oRwjYmadZR7ajw44jwYsjYmD1Un |
| MD5: | 19D4C9E60F553186A1BA88FF40AE47D9 |
| SHA1: | 35C0B5E0DBB48D90FAAAAF46C9B32BDACA9E94D9 |
| SHA-256: | 84ED24D287D45F6C80D1D0341A690032AB363159D5B5A770293322F069BDAF22 |
| SHA-512: | 45A2AD68E9360F595E513384216E7B44F1DA38FEF9A5B4EF22C8DB408B3F2A269EED54B958E80447A929FE9D8FF859CCBE154893C643E8DA487B59F054402D7D |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 720 |
| Entropy (8bit): | 5.865335683448994 |
| Encrypted: | false |
| SSDEEP: | 12:oafEj3IKafj4Dj3rCz3OWfKsj3rCz3O8Ifs4j3Fafkj3timZ+lfwtj3timZAzzEK:oSEjYKScj7CzPLj7CzJgs4j1SkjYmEwG |
| MD5: | D5295D5F0C616A950EE3FBA07C39FCCD |
| SHA1: | 96F179DC6787B5C049E4485CF001AF8DA80E528A |
| SHA-256: | 6440C7E8993C0AAF75C8EDCCFA37A1F62BD596850E6D6D53AA25E83A43399883 |
| SHA-512: | CF78B2747A5833CFA11C193AC9322930795FEC1ED4CFB247EE790343B66F859B65D92568859121E291CBB489E421DC391B497EDC14206B8E77717F5B268C3A86 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.172858808698389 |
| Encrypted: | false |
| SSDEEP: | 24:oCjYmadZR7z4jwqjwYBjYmD1UIg4jYKA4j1GjYmLjYm+35:oQYXlCwIwYtYLYYKR1sY0YV35 |
| MD5: | C840E084F66FBBCC66DDB79AF8925133 |
| SHA1: | 9CCCD9473C0166159F2501C2CEE873D4D455C865 |
| SHA-256: | 0C96BC1EB00ACDE147310DE5C021F1FB383EEF131BBCB9C6795AAE7F5D60B42C |
| SHA-512: | 4395BB55316209808424454069ECB4BC9E8D120435866356B05CDE876635DB75A203DA7EF3C6CB079DB0A84ACCA5031108395AC567DC2A2DBAB978F6CBF8B049 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.136077403863774 |
| Encrypted: | false |
| SSDEEP: | 24:onjYmadZR76jwZ4jwYujYmD1UIAjYKFj7CztUj1UjYmUjYm+35:ojYXl4wswYkYLPYKJ76tC1CYJYV35 |
| MD5: | CA60ED8B558238D160FC2653953D07F2 |
| SHA1: | FA2FDDF3CCF7AF75EB3B483AFCDF1EE96EBEC0DD |
| SHA-256: | 719820B8F671FFEDA810D42E655C23BED4F7A7FF9E8A42C2B18D805264D9CE17 |
| SHA-512: | F7965DEDA872A7EBED41D538390D31BA712F19AF5FF0BFE99F3D99D7B41212E0CBE9CF514F7F3F059E91A58ED556B9DFF96BBC57487A7429736F882FE52BF0C9 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.132663012606122 |
| Encrypted: | false |
| SSDEEP: | 24:op4jYmadZR7mPjwsejwYsnjYmD1UIeAsjYKX4j7Cz14j1WJjYmsgjYm+35:op+YXlqwTwYgYL3AKYKO76s1eYwYV35 |
| MD5: | E4DC8737DFB91B16D3002A8CAD3DDEB6 |
| SHA1: | 78B4A5D2615E7B284951EF38AC88566C886A2741 |
| SHA-256: | 1D4C095BB841D7451BF84B4B9049DCFAF93EDC53082C6949873FE10C009E009F |
| SHA-512: | 1FFAD0AD60FFB57F83E0AFCBB8781359EA98A60761F59950F14928C4BCDF9F9BA4C9C6668A0CD9711817765A68A9E2559722CE59794569F832DADBD0370D4958 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1450 |
| Entropy (8bit): | 6.068303178377807 |
| Encrypted: | false |
| SSDEEP: | 24:o3jYmadZR774jwTDjwYTDjYmD1UIQ4jYKC4j7Cz04j7Czvj7CzSj1jsjYmNsjYmU:oTYXl6w7wY7YL4YKf760+76b76A1OYLo |
| MD5: | 7088F1B413BED86C6F54B5658183DF05 |
| SHA1: | 31ABDD4A1A883CF2EC415745F587074EFAA684B5 |
| SHA-256: | 04CDBAF86663AA6CF3014EAF5C2AFBA572C8B1C7424A4257BB1DD3B0952FEC5A |
| SHA-512: | 15D1F34E95448BEEDDFEC49EF93C50EE504C6B2D46FFF42DB7D5AC7202181173D9CA40E721DB174025DC207CC9018BDC9664D239429F25ACA14020ECE689F03A |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.151064548366365 |
| Encrypted: | false |
| SSDEEP: | 24:odljYmadZR7POjwTjwY8DjYmD1UIsa4jYKij7Cz0pj1gjYmXjYm+35:oXYXlcwnwY83YLzYKw76y1WY0YV35 |
| MD5: | BE69DB94B8715681C26FBD560F8B258E |
| SHA1: | CE73CB19DEE846E0344829D7FA37C53C7F4E35BF |
| SHA-256: | 5CD075C9CCE4BFB9213560EF2D62B83DE654A65A103201DB263A1D72231BAE25 |
| SHA-512: | F4D530E437AA7CE8782DCAA80385AE310C156833804B2BD058C508B0B523189B8E333224EA5BB6ED6AAD9808BD77A4EF9AAC2404C7168FA767E1383FEA51DF43 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1158 |
| Entropy (8bit): | 6.1268230575198475 |
| Encrypted: | false |
| SSDEEP: | 24:oii4jYmadZR7TwZjwdwHjwYdw8jYmD1UIIUCjYKi/j7CzJaj1is8jYmUs8jYm+35:oii+YXlTswdiwYdrYL3nYKiL76JY1isY |
| MD5: | 7E98E6A81EE67A1AE0E1ADE6C485F018 |
| SHA1: | CCCC508CEDA90886A818F56D5B2AE748286CA06E |
| SHA-256: | F186EECD3D6F97F85FE0C8298862C75DED22C0E241B49FC76769ED8BD342A89A |
| SHA-512: | 44B26D71303D6C5602874F2811C2FDB6D5C22B6FCE2284D6C3095DE2CF0181285A84AD9CDC46D2A3C8FA65D5E15CA45A2946DC7A64384C4F992E97F2A395816F |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.166404593320533 |
| Encrypted: | false |
| SSDEEP: | 24:oT4jYmadZR7PjwcjwYRsjYmD1UIKjYKIj1hjYm8M4jYm+35:oiYXl7wawYRKYLtYKu1NYLYV35 |
| MD5: | EBA70E1CF8371CA58E726673E8C7E881 |
| SHA1: | 0F0B7DE191658416959338E6FAF44704D78BD7D0 |
| SHA-256: | 19F2766096E01D884BEF962D5A78E23024C8C1D97B1BFF8492E2472EC08D4EC2 |
| SHA-512: | DD7EB2B59AD4EBBB96E4EE8309DC39E0D86776F11866C88361CA0A7E44C8388B7E9710EEA336ECF638A747DD4C344928B4262EB5268CB03C8F65B71677C70383 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 1304 |
| Entropy (8bit): | 6.088673505440702 |
| Encrypted: | false |
| SSDEEP: | 24:odjYmadZR7Kjwz4DjwYz4DjYmD1UIJ4TzjYK9j7Czkj7CzLuj10/jYmIDjYm+35:oRYXlowM3wYM3YLg4THYKx76y76Lk10V |
| MD5: | 2103FBE5DBA15145BF35D2260EB716C4 |
| SHA1: | 03361641DCCE55AE1D777DB4DB7A82721155E7FE |
| SHA-256: | F623AD66777FD06AD9F7B85311B280AEA10AB2847CB6BBE0769BDFAFE876F154 |
| SHA-512: | AE0FAE1A802DBFD73298A74318F79F5343F2215B52B54A386B503C6282D4F4EC49216D3AFA6EE2028DE8E2034F429A7AE07C20CB766440D69EC630C22BD847B7 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\user\Desktop\Browser.Daemon.exe |
| File Type: | |
| Category: | modified |
| Size (bytes): | 1012 |
| Entropy (8bit): | 6.158657117520622 |
| Encrypted: | false |
| SSDEEP: | 24:o4jYmadZR7asjw1jwYUjYmD1UI8jYKSj1CO/jYmQjYm+35:o+YXl/wZwYCYL/YKA1CKYtYV35 |
| MD5: | 2FFDCA0AACC032A9077D6CB12AFBD248 |
| SHA1: | 5FEB63A03629BA5D1C5AED939B2C64565CB780D3 |
| SHA-256: | 743DCF6394962CF89486B96038EAEE2FE83AC7798BA8466023C05B6727757CBE |
| SHA-512: | 133BF4717F509827F8539BA63CCB5FF0B9B6AA56842E5F32F1C79B7A50275B767125956ACFF970DE67CE520EC1C678CCDC78D23D005DBBD73E43B3FFFC676723 |
| Malicious: | false |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.6444678952852865 |
| TrID: |
|
| File name: | Browser.Daemon.exe |
| File size: | 35'232 bytes |
| MD5: | 294a647f4efd42428dc119f961416b76 |
| SHA1: | bb39ff1d015ca479e9f9c1a78648ba8aa525e159 |
| SHA256: | bfd96babeb4eae22aa2ad642d036c1f57525cf709cf8481b930329f298f208ea |
| SHA512: | 50a9724c8bfb9778d5ee6bf593ada381c435eba8ca77ee7dc1a5100379774bc205953ffc1944ea49f93b74f225243411633eef91bd17a3fc3282b89bbba9994b |
| SSDEEP: | 384:WPGfaDdK2kfoIoUM1QvpAu7CsagfuHu9XKXAE2XS7uiHtEbMGBnqpwK3hBmIAjvV:WI0dK1f/oORAKy/uyOwKY1AC2EQ |
| TLSH: | 21F28E42ABB4464ADA5E4E3634F56E224AB0F343ED51C6CE1DC9C09D4F923C45614AFB |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L...<Cd..........."...0..N..........bm... ........@.. ....................................`................................ |
 | |
| Icon Hash: | 90cececece8e8eb0 |
| Entrypoint: | 0x406d62 |
| Entrypoint Section: | .text |
| Digitally signed: | true |
| Imagebase: | 0x400000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE |
| DLL Characteristics: | HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0xD464433C [Tue Dec 1 08:50:04 2082 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 4 |
| OS Version Minor: | 0 |
| File Version Major: | 4 |
| File Version Minor: | 0 |
| Subsystem Version Major: | 4 |
| Subsystem Version Minor: | 0 |
| Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
| Signature Valid: | true |
| Signature Issuer: | CN=Sectigo Public Code Signing CA EV R36, O=Sectigo Limited, C=GB |
| Signature Validation Error: | The operation completed successfully |
| Error Number: | 0 |
| Not Before, Not After |
|
| Subject Chain |
|
| Version: | 3 |
| Thumbprint MD5: | F787F139795472C630D545CC3030964D |
| Thumbprint SHA-1: | 5FD20CE2B39EC12FBEA5BB747161FA19F3D770CB |
| Thumbprint SHA-256: | 19B85BA879F762C8052F5B9E4934B59DD67CE6B583F273E5AA66AB390E054467 |
| Serial: | 1EF1CBEFEF67C3480F5EDBCB582C9BDE |
| Instruction |
|---|
| jmp dword ptr [00402000h] |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| add byte ptr [eax], al |
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0x6d10 | 0x4f | .text |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x8000 | 0x5e8 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x5800 | 0x31a0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xa000 | 0xc | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x6c58 | 0x38 | .text |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x2000 | 0x4d68 | 0x4e00 | 816cd1b45b258919e400f27156fb8d94 | False | 0.5317508012820513 | data | 5.9251757262189875 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rsrc | 0x8000 | 0x5e8 | 0x600 | 244fe117e911f93553fd3c8a238fc4cb | False | 0.4329427083333333 | data | 4.193069141179276 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0xa000 | 0xc | 0x200 | 264e48a624d97f68bd9b9ef19531db21 | False | 0.044921875 | data | 0.08153941234324169 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_VERSION | 0x8090 | 0x358 | data | 0.4264018691588785 | ||
| RT_MANIFEST | 0x83f8 | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | 0.5489795918367347 |
| DLL | Import |
|---|---|
| mscoree.dll | _CorExeMain |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2024-12-20T15:51:17.565673+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49738 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:22.218684+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49740 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:25.491574+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49745 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:51:44.000115+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49751 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:08.138686+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49780 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:34.818054+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49844 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:44.052675+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49868 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:50.342714+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49885 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:52:53.648319+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49895 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:20.825223+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49962 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:27.084053+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 49979 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:42.992284+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50019 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:46.100950+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50028 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:53:49.484922+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50036 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:54:05.930525+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50057 | 82.156.94.45 | 443 | TCP |
| 2024-12-20T15:54:15.861786+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50060 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:28.544429+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50064 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:31.664615+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50065 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:34.748676+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50066 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:37.828948+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50067 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:54:41.679090+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50068 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:55:02.204211+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50074 | 82.156.94.47 | 443 | TCP |
| 2024-12-20T15:55:06.628181+0100 | 2803305 | ETPRO MALWARE Common Downloader Header Pattern H | 3 | 192.168.2.4 | 50075 | 82.156.94.47 | 443 | TCP |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Dec 20, 2024 15:51:00.122575045 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:00.122678041 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:00.122826099 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:00.135816097 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:00.135855913 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:02.580946922 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:02.581052065 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:02.582524061 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:02.582617998 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:02.597103119 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:02.597142935 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:02.598207951 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:02.644428968 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:02.668745041 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:02.715339899 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:03.329869986 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:03.329963923 CET | 443 | 49733 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:03.330156088 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:03.340843916 CET | 49733 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:11.078013897 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:11.078115940 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:11.078213930 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:11.078592062 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:11.078623056 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:13.339740038 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:13.366691113 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:13.366771936 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:14.442553997 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:14.461675882 CET | 443 | 49737 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:14.461752892 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:14.462296963 CET | 49737 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:14.721302986 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:14.721368074 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:14.721544981 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:14.722018003 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:14.722033978 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:16.967458963 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:16.970592976 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:16.970673084 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:17.565778017 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:17.566922903 CET | 443 | 49738 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:17.567378998 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:17.568645954 CET | 49738 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:17.946641922 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:17.946683884 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:17.946849108 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:17.947150946 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:17.947169065 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:21.634979963 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:21.644867897 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:21.644912958 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:22.218811989 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:22.219826937 CET | 443 | 49740 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:22.220098972 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:22.220284939 CET | 49740 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:22.483635902 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:22.483711004 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:22.483819008 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:22.484066010 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:22.484100103 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:24.897353888 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:24.927104950 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:24.927189112 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:25.491715908 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:25.491911888 CET | 443 | 49745 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:25.491987944 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:25.492908955 CET | 49745 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:25.706841946 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:25.706921101 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:25.707000971 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:25.707272053 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:25.707307100 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:30.944489956 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:30.954011917 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:30.954091072 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:31.527492046 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:31.528757095 CET | 443 | 49747 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:31.528835058 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:31.529194117 CET | 49747 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:31.741759062 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:31.741859913 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:31.743724108 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:31.743999004 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:31.744048119 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:33.964212894 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:33.966337919 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:33.966417074 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:34.562361956 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:34.562438011 CET | 443 | 49748 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:34.562536955 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:34.563328981 CET | 49748 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:34.774811983 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:34.774905920 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:34.779715061 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:34.780000925 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:34.780038118 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:37.255692959 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:37.261404037 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:37.261482000 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:37.854490042 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:37.854652882 CET | 443 | 49749 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:37.854871988 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:37.855679035 CET | 49749 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:38.100569010 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:38.100666046 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:38.100753069 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:38.100985050 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:38.101006985 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:40.383709908 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:40.388822079 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:40.388922930 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:40.957045078 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:40.957531929 CET | 443 | 49750 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:40.957611084 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:40.958533049 CET | 49750 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:41.193357944 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:41.193447113 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:41.193546057 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:41.193967104 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:41.193999052 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:43.422868013 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:43.425225019 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:43.425256968 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:44.000191927 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:44.001378059 CET | 443 | 49751 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:44.001490116 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:44.001836061 CET | 49751 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:44.239583015 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:44.239634991 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:44.239727974 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:44.240063906 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:44.240078926 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:46.663901091 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:46.666207075 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:46.666244984 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:47.276523113 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:47.276607990 CET | 443 | 49752 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:47.276698112 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:47.277890921 CET | 49752 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:47.489849091 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:47.489897013 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:47.489988089 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:47.490324974 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:47.490338087 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:49.970418930 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:49.972768068 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:49.972791910 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:50.558271885 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:50.559456110 CET | 443 | 49753 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:50.559566975 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:50.559974909 CET | 49753 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:50.785255909 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:50.785322905 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:50.785413027 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:50.785701990 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:50.785716057 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:53.234289885 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:53.236304998 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:53.236346006 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:54.342896938 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:54.343056917 CET | 443 | 49754 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:54.343713045 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:54.344091892 CET | 49754 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:54.566133022 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:54.566186905 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:54.566267967 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:54.566780090 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:54.566796064 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:56.824508905 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:56.829364061 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:56.829417944 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:57.421595097 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:57.422153950 CET | 443 | 49755 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:57.422209978 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:57.422787905 CET | 49755 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:57.630645990 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:57.630675077 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:57.630759954 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:57.631000996 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:57.631012917 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:59.901716948 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:51:59.905675888 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:51:59.905711889 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:00.478494883 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:00.478813887 CET | 443 | 49757 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:00.478884935 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:00.479434967 CET | 49757 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:02.052488089 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:02.052522898 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:02.052613974 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:02.052891016 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:02.052896976 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:04.467571020 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:04.469896078 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:04.469928026 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:05.044068098 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:05.044136047 CET | 443 | 49769 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:05.044332981 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:05.045154095 CET | 49769 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:05.319852114 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:05.319888115 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:05.319967031 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:05.320287943 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:05.320302010 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:07.551048994 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:07.553088903 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:07.553109884 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:08.138683081 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:08.139929056 CET | 443 | 49780 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:08.139983892 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:08.205653906 CET | 49780 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:08.614113092 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:08.614159107 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:08.614242077 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:08.614531994 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:08.614542007 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:13.843542099 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:13.845765114 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:13.845807076 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:14.974742889 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:14.974828959 CET | 443 | 49786 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:14.974917889 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:14.976227999 CET | 49786 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:15.181533098 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:15.181571960 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:15.181668997 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:15.181950092 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:15.181968927 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:17.490353107 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:17.492433071 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:17.492464066 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:18.221102953 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:18.221240044 CET | 443 | 49800 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:18.221489906 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:18.225929022 CET | 49800 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:18.953830957 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:18.953885078 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:18.953978062 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:18.954256058 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:18.954268932 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:21.169275045 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:21.172240019 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:21.172272921 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:21.747143984 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:21.748449087 CET | 443 | 49810 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:21.748513937 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:21.749376059 CET | 49810 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:22.133014917 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:22.133066893 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:22.133157015 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:22.133519888 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:22.133538961 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:24.365983009 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:24.368439913 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:24.368488073 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:24.937030077 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:24.937247038 CET | 443 | 49821 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:24.937321901 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:24.938174963 CET | 49821 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:25.152795076 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:25.152839899 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:25.152920008 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:25.153203964 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:25.153228998 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:27.563405037 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:27.565732002 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:27.565763950 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:28.135791063 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:28.137033939 CET | 443 | 49827 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:28.137228966 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:28.137465954 CET | 49827 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:28.399899960 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:28.399924040 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:28.399987936 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:28.400271893 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:28.400290012 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:31.182796001 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:31.188198090 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:31.188241005 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:31.761035919 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:31.762303114 CET | 443 | 49837 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:31.762394905 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:31.763278008 CET | 49837 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:32.009442091 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:32.009499073 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:32.009568930 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:32.009876966 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:32.009896994 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:34.231115103 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:34.233155966 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:34.233191967 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:34.818015099 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:34.818130970 CET | 443 | 49844 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:34.818188906 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:34.819201946 CET | 49844 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:35.137134075 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:35.137192011 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:35.139904022 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:35.140259027 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:35.140274048 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:37.364099026 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:37.369729042 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:37.369777918 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:37.941689968 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:37.941888094 CET | 443 | 49855 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:37.945988894 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:37.946345091 CET | 49855 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:38.176460028 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:38.176511049 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:38.176721096 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:38.177040100 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:38.177059889 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:40.383122921 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:40.386117935 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:40.386137962 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:40.949578047 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:40.950510025 CET | 443 | 49861 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:40.950612068 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:40.951137066 CET | 49861 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:41.217164993 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:41.217221975 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:41.217308044 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:41.217654943 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:41.217672110 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:43.452975035 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:43.455897093 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:43.455991983 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:44.052686930 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:44.052773952 CET | 443 | 49868 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:44.053390026 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:44.054239988 CET | 49868 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:44.424721003 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:44.424776077 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:44.424859047 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:44.425278902 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:44.425295115 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:46.653012991 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:46.655175924 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:46.655201912 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:47.231925964 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:47.232012033 CET | 443 | 49878 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:47.232064962 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:47.232878923 CET | 49878 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:47.557835102 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:47.557883024 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:47.558183908 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:47.558269978 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:47.558279037 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:49.769812107 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:49.771722078 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:49.771774054 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:50.342747927 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:50.342855930 CET | 443 | 49885 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:50.342911005 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:50.343591928 CET | 49885 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:50.592217922 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:50.592242956 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:50.592308998 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:50.592684031 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:50.592695951 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.016244888 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.037219048 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.037250042 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.648344040 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.648441076 CET | 443 | 49895 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.648518085 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.649283886 CET | 49895 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.919478893 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.919514894 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:53.919581890 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.919955969 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:53.919972897 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:56.134192944 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:56.138123035 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:56.138153076 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:56.715440989 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:56.716582060 CET | 443 | 49901 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:56.716634035 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:56.717063904 CET | 49901 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:57.003838062 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:57.003881931 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:57.003966093 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:57.004303932 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:57.004321098 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:59.217813015 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:59.219523907 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:59.219547033 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:59.789118052 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:59.790302992 CET | 443 | 49912 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:52:59.792011976 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:52:59.792429924 CET | 49912 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:00.151951075 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:00.151983023 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:00.156101942 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:00.159969091 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:00.159986019 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:02.387497902 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:02.441776991 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:02.468381882 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:02.468405008 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:03.540890932 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:03.542257071 CET | 443 | 49918 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:03.542339087 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:03.542854071 CET | 49918 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:04.769493103 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:04.769517899 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:04.769594908 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:04.770514965 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:04.770529985 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:10.190131903 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:10.192347050 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:10.192399025 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:10.771048069 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:10.771135092 CET | 443 | 49929 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:10.771190882 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:10.772866964 CET | 49929 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:11.108835936 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:11.108871937 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:11.108944893 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:11.109237909 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:11.109256029 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:13.320621967 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:13.322897911 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:13.322938919 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:13.904057980 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:13.905379057 CET | 443 | 49945 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:13.906579971 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:13.907686949 CET | 49945 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:14.284219980 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:14.284267902 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:14.284487963 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:14.285986900 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:14.286003113 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:16.534646034 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:16.536952019 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:16.536995888 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:17.130865097 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:17.132184982 CET | 443 | 49952 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:17.132291079 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:17.145603895 CET | 49952 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:17.735358000 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:17.735408068 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:17.735749960 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:17.736165047 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:17.736180067 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:20.188656092 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:20.228023052 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:20.228045940 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:20.825434923 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:20.825603962 CET | 443 | 49962 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:20.825655937 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:20.826436043 CET | 49962 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:21.083280087 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:21.083322048 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:21.083409071 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:21.083816051 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:21.083838940 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:23.310647964 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:23.312393904 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:23.312427044 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:23.907551050 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:23.908617973 CET | 443 | 49969 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:23.912137985 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:23.912559032 CET | 49969 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:24.217480898 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:24.217516899 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:24.217744112 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:24.218090057 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:24.218103886 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:26.479903936 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:26.482620955 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:26.482661009 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:27.084114075 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:27.085489988 CET | 443 | 49979 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:27.085551023 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:27.085982084 CET | 49979 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:27.382402897 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:27.382474899 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:27.382545948 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:27.382982969 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:27.382996082 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:29.613857985 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:29.615948915 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:29.615988970 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:30.193701982 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:30.194310904 CET | 443 | 49985 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:30.198338985 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:30.198947906 CET | 49985 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:30.562181950 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:30.562216997 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:30.562287092 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:30.562593937 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:30.562609911 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:32.793231010 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:32.795564890 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:32.795578003 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:33.375575066 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:33.375761032 CET | 443 | 49994 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:33.375818014 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:33.376833916 CET | 49994 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:33.727360010 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:33.727427959 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:33.727534056 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:33.728075027 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:33.728094101 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:35.949042082 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:35.951075077 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:35.951112986 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:36.520804882 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:36.522005081 CET | 443 | 50002 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:36.522056103 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:36.522538900 CET | 50002 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:36.814948082 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:36.814964056 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:36.815072060 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:36.815407038 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:36.815418959 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:39.273968935 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:39.276173115 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:39.276190996 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:39.868211985 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:39.868294954 CET | 443 | 50011 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:39.868403912 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:39.869590998 CET | 50011 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:40.187057018 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:40.187088966 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:40.187339067 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:40.187705040 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:40.187721014 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:42.412283897 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:42.414536953 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:42.414557934 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:42.992398024 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:42.992616892 CET | 443 | 50019 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:42.992713928 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:42.998081923 CET | 50019 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:43.313519955 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:43.313539982 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:43.313620090 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:43.313927889 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:43.313945055 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:45.533555031 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:45.535748959 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:45.535779953 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:46.101008892 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:46.102521896 CET | 443 | 50028 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:46.103843927 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:46.124083996 CET | 50028 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:46.602210999 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:46.602252007 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:46.602328062 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:46.602652073 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:46.602668047 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:48.854455948 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:48.884833097 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:48.884876013 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:49.485055923 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:49.485234976 CET | 443 | 50036 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:49.485507965 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:49.486217022 CET | 50036 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:49.752167940 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:49.752214909 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:49.752480984 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:49.752722979 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:49.752737045 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:52.150567055 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:52.154149055 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:52.154191017 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:52.725562096 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:52.725723028 CET | 443 | 50043 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:52.725776911 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:52.726533890 CET | 50043 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:53.055622101 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:53.055658102 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:53.055727005 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:53.056103945 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:53.056121111 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:55.815989017 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:55.821983099 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:55.822021008 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:56.397922039 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:56.398101091 CET | 443 | 50053 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:56.398241043 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:56.399523973 CET | 50053 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:56.746157885 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:56.746177912 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:53:56.746244907 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:56.746582985 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:53:56.746596098 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.024866104 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.026731968 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.026752949 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.600059986 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.601385117 CET | 443 | 50056 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.601452112 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.601805925 CET | 50056 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.904423952 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.904510975 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:02.904623032 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.905030966 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:02.905047894 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:05.340748072 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:05.343013048 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:05.343044043 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:05.930596113 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:05.931811094 CET | 443 | 50057 | 82.156.94.45 | 192.168.2.4 |
| Dec 20, 2024 15:54:05.931924105 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:05.932374001 CET | 50057 | 443 | 192.168.2.4 | 82.156.94.45 |
| Dec 20, 2024 15:54:06.731492996 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:06.731537104 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:06.731672049 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:06.731945992 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:06.731960058 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:09.131023884 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:09.134052038 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:09.134085894 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:09.691520929 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:09.691608906 CET | 443 | 50058 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:09.691670895 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:09.692533970 CET | 50058 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:10.021101952 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:10.021142960 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:10.021325111 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:10.021578074 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:10.021595001 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:12.242172956 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:12.246577978 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:12.246598005 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:12.821785927 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:12.822926998 CET | 443 | 50059 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:12.822988987 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:12.823420048 CET | 50059 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:13.037950039 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:13.037987947 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:13.038108110 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:13.038517952 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:13.038539886 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:15.272758007 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:15.275158882 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:15.275185108 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:15.861867905 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:15.863178015 CET | 443 | 50060 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:15.863420010 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:15.864478111 CET | 50060 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:16.226593018 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:16.226638079 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:16.226897955 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:16.227111101 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:16.227130890 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:18.648325920 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:18.650944948 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:18.650979042 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:19.223306894 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:19.223545074 CET | 443 | 50061 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:19.223617077 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:19.224632025 CET | 50061 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:19.452708960 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:19.452729940 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:19.452887058 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:19.453208923 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:19.453217983 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:21.676631927 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:21.680955887 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:21.680994034 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:22.260035992 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:22.260140896 CET | 443 | 50062 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:22.260279894 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:22.261641979 CET | 50062 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:22.619786978 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:22.619822979 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:22.620035887 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:22.620275974 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:22.620296955 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:24.844546080 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:24.846759081 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:24.846807003 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:25.417457104 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:25.418601036 CET | 443 | 50063 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:25.418778896 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:25.419189930 CET | 50063 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:25.757841110 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:25.757868052 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:25.757958889 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:25.760230064 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:25.760246038 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:27.978550911 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:27.980803013 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:27.980819941 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:28.544441938 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:28.545726061 CET | 443 | 50064 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:28.545835018 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:28.546411037 CET | 50064 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:28.852130890 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:28.852170944 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:28.852252960 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:28.852552891 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:28.852569103 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.074050903 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.076283932 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.076327085 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.664625883 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.665895939 CET | 443 | 50065 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.666115046 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.666451931 CET | 50065 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.922291040 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.922317028 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:31.922446012 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.924310923 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:31.924323082 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:34.155114889 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:34.160269976 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:34.160304070 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:34.748804092 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:34.750195026 CET | 443 | 50066 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:34.750277996 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:34.750735998 CET | 50066 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:35.028037071 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:35.028083086 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:35.028167009 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:35.029128075 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:35.029145956 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:37.248415947 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:37.250449896 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:37.250490904 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:37.828973055 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:37.830224991 CET | 443 | 50067 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:37.830342054 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:37.830693007 CET | 50067 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:38.109661102 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:38.109702110 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:38.109829903 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:38.110104084 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:38.110121965 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:40.517052889 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:40.518960953 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:40.518985987 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:41.679116964 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:41.679208040 CET | 443 | 50068 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:41.679336071 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:41.680136919 CET | 50068 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:41.984637976 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:41.984695911 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:41.984810114 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:41.985112906 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:41.985131979 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:45.278161049 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:45.279953003 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:45.279977083 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:45.853118896 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:45.854935884 CET | 443 | 50069 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:45.855010986 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:45.855401039 CET | 50069 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:46.143805981 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:46.143853903 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:46.143971920 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:46.144387960 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:46.144407988 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:48.370496988 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:48.372720957 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:48.372754097 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:48.947542906 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:48.948678970 CET | 443 | 50070 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:48.948829889 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:48.949297905 CET | 50070 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:49.225909948 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:49.225960970 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:49.226149082 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:49.226434946 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:49.226447105 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:51.489300966 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:51.492923021 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:51.492944956 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:52.082223892 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:52.083456039 CET | 443 | 50071 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:52.083520889 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:52.084108114 CET | 50071 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:52.386328936 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:52.386384010 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:52.386557102 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:52.386760950 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:52.386780024 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:54.608805895 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:54.616317034 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:54.616336107 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:55.200629950 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:55.200809956 CET | 443 | 50072 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:55.201031923 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:55.201873064 CET | 50072 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:55.501493931 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:55.501529932 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:55.501672983 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:55.502520084 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:55.502541065 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:58.488886118 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:58.491367102 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:58.491403103 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:59.070594072 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:59.071835995 CET | 443 | 50073 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:59.071926117 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:59.072590113 CET | 50073 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:59.423698902 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:59.423738003 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:54:59.423903942 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:59.426173925 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:54:59.426187992 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:01.641021013 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:01.643299103 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:01.643326044 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:02.204297066 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:02.205519915 CET | 443 | 50074 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:02.205647945 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:02.314408064 CET | 50074 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:03.680174112 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:03.680247068 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:03.680486917 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:03.681040049 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:03.681057930 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:05.920742035 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:06.004662037 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:06.040034056 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:06.040051937 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:06.628185987 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:06.629450083 CET | 443 | 50075 | 82.156.94.47 | 192.168.2.4 |
| Dec 20, 2024 15:55:06.629507065 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Dec 20, 2024 15:55:06.629849911 CET | 50075 | 443 | 192.168.2.4 | 82.156.94.47 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Dec 20, 2024 15:50:59.656857014 CET | 53366 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 20, 2024 15:51:00.114727974 CET | 53 | 53366 | 1.1.1.1 | 192.168.2.4 |
| Dec 20, 2024 15:52:00.676393032 CET | 50908 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 20, 2024 15:52:01.677072048 CET | 50908 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 20, 2024 15:52:02.050995111 CET | 53 | 50908 | 1.1.1.1 | 192.168.2.4 |
| Dec 20, 2024 15:52:02.051903009 CET | 53 | 50908 | 1.1.1.1 | 192.168.2.4 |
| Dec 20, 2024 15:53:03.891694069 CET | 59598 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 20, 2024 15:53:04.767590046 CET | 53 | 59598 | 1.1.1.1 | 192.168.2.4 |
| Dec 20, 2024 15:54:06.273274899 CET | 57073 | 53 | 192.168.2.4 | 1.1.1.1 |
| Dec 20, 2024 15:54:06.730097055 CET | 53 | 57073 | 1.1.1.1 | 192.168.2.4 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Dec 20, 2024 15:50:59.656857014 CET | 192.168.2.4 | 1.1.1.1 | 0x5d3e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 20, 2024 15:52:00.676393032 CET | 192.168.2.4 | 1.1.1.1 | 0x6a8e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 20, 2024 15:52:01.677072048 CET | 192.168.2.4 | 1.1.1.1 | 0x6a8e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 20, 2024 15:53:03.891694069 CET | 192.168.2.4 | 1.1.1.1 | 0x6d3c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Dec 20, 2024 15:54:06.273274899 CET | 192.168.2.4 | 1.1.1.1 | 0x1482 | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | bj.file.myqcloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | 82.156.94.45 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | 82.156.94.47 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | 82.156.94.48 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | 82.156.94.13 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:51:00.114727974 CET | 1.1.1.1 | 192.168.2.4 | 0x5d3e | No error (0) | 82.156.94.17 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | bj.file.myqcloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.45 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.47 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.48 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.13 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.050995111 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.17 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | bj.file.myqcloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.45 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.47 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.48 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.13 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:52:02.051903009 CET | 1.1.1.1 | 192.168.2.4 | 0x6a8e | No error (0) | 82.156.94.17 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | bj.file.myqcloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | 82.156.94.45 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | 82.156.94.47 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | 82.156.94.48 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | 82.156.94.13 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:53:04.767590046 CET | 1.1.1.1 | 192.168.2.4 | 0x6d3c | No error (0) | 82.156.94.17 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | bj.file.myqcloud.com | CNAME (Canonical name) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | 82.156.94.47 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | 82.156.94.48 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | 82.156.94.13 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | 82.156.94.17 | A (IP address) | IN (0x0001) | false | ||
| Dec 20, 2024 15:54:06.730097055 CET | 1.1.1.1 | 192.168.2.4 | 0x1482 | No error (0) | 82.156.94.45 | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49733 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:02 UTC | 131 | OUT | |
| 2024-12-20 14:51:03 UTC | 422 | IN | |
| 2024-12-20 14:51:03 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.4 | 49737 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:13 UTC | 131 | OUT | |
| 2024-12-20 14:51:14 UTC | 422 | IN | |
| 2024-12-20 14:51:14 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.4 | 49738 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:16 UTC | 107 | OUT | |
| 2024-12-20 14:51:17 UTC | 418 | IN | |
| 2024-12-20 14:51:17 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.4 | 49740 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:21 UTC | 107 | OUT | |
| 2024-12-20 14:51:22 UTC | 418 | IN | |
| 2024-12-20 14:51:22 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.4 | 49745 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:24 UTC | 107 | OUT | |
| 2024-12-20 14:51:25 UTC | 418 | IN | |
| 2024-12-20 14:51:25 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.4 | 49747 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:30 UTC | 131 | OUT | |
| 2024-12-20 14:51:31 UTC | 422 | IN | |
| 2024-12-20 14:51:31 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.4 | 49748 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:33 UTC | 131 | OUT | |
| 2024-12-20 14:51:34 UTC | 418 | IN | |
| 2024-12-20 14:51:34 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.4 | 49749 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:37 UTC | 131 | OUT | |
| 2024-12-20 14:51:37 UTC | 418 | IN | |
| 2024-12-20 14:51:37 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 8 | 192.168.2.4 | 49750 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:40 UTC | 131 | OUT | |
| 2024-12-20 14:51:40 UTC | 418 | IN | |
| 2024-12-20 14:51:40 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.4 | 49751 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:43 UTC | 107 | OUT | |
| 2024-12-20 14:51:43 UTC | 418 | IN | |
| 2024-12-20 14:51:43 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.4 | 49752 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:46 UTC | 131 | OUT | |
| 2024-12-20 14:51:47 UTC | 418 | IN | |
| 2024-12-20 14:51:47 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.4 | 49753 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:49 UTC | 131 | OUT | |
| 2024-12-20 14:51:50 UTC | 422 | IN | |
| 2024-12-20 14:51:50 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.4 | 49754 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:53 UTC | 131 | OUT | |
| 2024-12-20 14:51:54 UTC | 418 | IN | |
| 2024-12-20 14:51:54 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.4 | 49755 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:56 UTC | 131 | OUT | |
| 2024-12-20 14:51:57 UTC | 418 | IN | |
| 2024-12-20 14:51:57 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.4 | 49757 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:51:59 UTC | 131 | OUT | |
| 2024-12-20 14:52:00 UTC | 418 | IN | |
| 2024-12-20 14:52:00 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 15 | 192.168.2.4 | 49769 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:04 UTC | 131 | OUT | |
| 2024-12-20 14:52:05 UTC | 418 | IN | |
| 2024-12-20 14:52:05 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 16 | 192.168.2.4 | 49780 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:07 UTC | 107 | OUT | |
| 2024-12-20 14:52:08 UTC | 418 | IN | |
| 2024-12-20 14:52:08 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 17 | 192.168.2.4 | 49786 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:13 UTC | 131 | OUT | |
| 2024-12-20 14:52:14 UTC | 418 | IN | |
| 2024-12-20 14:52:14 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 18 | 192.168.2.4 | 49800 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:17 UTC | 131 | OUT | |
| 2024-12-20 14:52:18 UTC | 418 | IN | |
| 2024-12-20 14:52:18 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 19 | 192.168.2.4 | 49810 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:21 UTC | 131 | OUT | |
| 2024-12-20 14:52:21 UTC | 418 | IN | |
| 2024-12-20 14:52:21 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 20 | 192.168.2.4 | 49821 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:24 UTC | 131 | OUT | |
| 2024-12-20 14:52:24 UTC | 418 | IN | |
| 2024-12-20 14:52:24 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 21 | 192.168.2.4 | 49827 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:27 UTC | 131 | OUT | |
| 2024-12-20 14:52:28 UTC | 418 | IN | |
| 2024-12-20 14:52:28 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 22 | 192.168.2.4 | 49837 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:31 UTC | 131 | OUT | |
| 2024-12-20 14:52:31 UTC | 418 | IN | |
| 2024-12-20 14:52:31 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 23 | 192.168.2.4 | 49844 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:34 UTC | 107 | OUT | |
| 2024-12-20 14:52:34 UTC | 418 | IN | |
| 2024-12-20 14:52:34 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 24 | 192.168.2.4 | 49855 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:37 UTC | 131 | OUT | |
| 2024-12-20 14:52:37 UTC | 418 | IN | |
| 2024-12-20 14:52:37 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 25 | 192.168.2.4 | 49861 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:40 UTC | 131 | OUT | |
| 2024-12-20 14:52:40 UTC | 422 | IN | |
| 2024-12-20 14:52:40 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 26 | 192.168.2.4 | 49868 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:43 UTC | 107 | OUT | |
| 2024-12-20 14:52:44 UTC | 422 | IN | |
| 2024-12-20 14:52:44 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 27 | 192.168.2.4 | 49878 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:46 UTC | 131 | OUT | |
| 2024-12-20 14:52:47 UTC | 418 | IN | |
| 2024-12-20 14:52:47 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 28 | 192.168.2.4 | 49885 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:49 UTC | 107 | OUT | |
| 2024-12-20 14:52:50 UTC | 418 | IN | |
| 2024-12-20 14:52:50 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 29 | 192.168.2.4 | 49895 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:53 UTC | 107 | OUT | |
| 2024-12-20 14:52:53 UTC | 418 | IN | |
| 2024-12-20 14:52:53 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 30 | 192.168.2.4 | 49901 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:56 UTC | 131 | OUT | |
| 2024-12-20 14:52:56 UTC | 418 | IN | |
| 2024-12-20 14:52:56 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 31 | 192.168.2.4 | 49912 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:52:59 UTC | 131 | OUT | |
| 2024-12-20 14:52:59 UTC | 418 | IN | |
| 2024-12-20 14:52:59 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 32 | 192.168.2.4 | 49918 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:02 UTC | 131 | OUT | |
| 2024-12-20 14:53:03 UTC | 418 | IN | |
| 2024-12-20 14:53:03 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 33 | 192.168.2.4 | 49929 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:10 UTC | 131 | OUT | |
| 2024-12-20 14:53:10 UTC | 422 | IN | |
| 2024-12-20 14:53:10 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 34 | 192.168.2.4 | 49945 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:13 UTC | 131 | OUT | |
| 2024-12-20 14:53:13 UTC | 418 | IN | |
| 2024-12-20 14:53:13 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 35 | 192.168.2.4 | 49952 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:16 UTC | 131 | OUT | |
| 2024-12-20 14:53:17 UTC | 418 | IN | |
| 2024-12-20 14:53:17 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 36 | 192.168.2.4 | 49962 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:20 UTC | 107 | OUT | |
| 2024-12-20 14:53:20 UTC | 418 | IN | |
| 2024-12-20 14:53:20 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 37 | 192.168.2.4 | 49969 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:23 UTC | 131 | OUT | |
| 2024-12-20 14:53:23 UTC | 418 | IN | |
| 2024-12-20 14:53:23 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 38 | 192.168.2.4 | 49979 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:26 UTC | 107 | OUT | |
| 2024-12-20 14:53:27 UTC | 418 | IN | |
| 2024-12-20 14:53:27 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 39 | 192.168.2.4 | 49985 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:29 UTC | 131 | OUT | |
| 2024-12-20 14:53:30 UTC | 422 | IN | |
| 2024-12-20 14:53:30 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 40 | 192.168.2.4 | 49994 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:32 UTC | 131 | OUT | |
| 2024-12-20 14:53:33 UTC | 418 | IN | |
| 2024-12-20 14:53:33 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 41 | 192.168.2.4 | 50002 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:35 UTC | 131 | OUT | |
| 2024-12-20 14:53:36 UTC | 422 | IN | |
| 2024-12-20 14:53:36 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 42 | 192.168.2.4 | 50011 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:39 UTC | 131 | OUT | |
| 2024-12-20 14:53:39 UTC | 418 | IN | |
| 2024-12-20 14:53:39 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 43 | 192.168.2.4 | 50019 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:42 UTC | 107 | OUT | |
| 2024-12-20 14:53:42 UTC | 418 | IN | |
| 2024-12-20 14:53:42 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 44 | 192.168.2.4 | 50028 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:45 UTC | 107 | OUT | |
| 2024-12-20 14:53:46 UTC | 418 | IN | |
| 2024-12-20 14:53:46 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 45 | 192.168.2.4 | 50036 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:48 UTC | 107 | OUT | |
| 2024-12-20 14:53:49 UTC | 418 | IN | |
| 2024-12-20 14:53:49 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 46 | 192.168.2.4 | 50043 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:52 UTC | 131 | OUT | |
| 2024-12-20 14:53:52 UTC | 422 | IN | |
| 2024-12-20 14:53:52 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 47 | 192.168.2.4 | 50053 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:53:55 UTC | 131 | OUT | |
| 2024-12-20 14:53:56 UTC | 422 | IN | |
| 2024-12-20 14:53:56 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 48 | 192.168.2.4 | 50056 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:02 UTC | 131 | OUT | |
| 2024-12-20 14:54:02 UTC | 418 | IN | |
| 2024-12-20 14:54:02 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 49 | 192.168.2.4 | 50057 | 82.156.94.45 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:05 UTC | 107 | OUT | |
| 2024-12-20 14:54:05 UTC | 422 | IN | |
| 2024-12-20 14:54:05 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 50 | 192.168.2.4 | 50058 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:09 UTC | 131 | OUT | |
| 2024-12-20 14:54:09 UTC | 418 | IN | |
| 2024-12-20 14:54:09 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 51 | 192.168.2.4 | 50059 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:12 UTC | 131 | OUT | |
| 2024-12-20 14:54:12 UTC | 418 | IN | |
| 2024-12-20 14:54:12 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 52 | 192.168.2.4 | 50060 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:15 UTC | 107 | OUT | |
| 2024-12-20 14:54:15 UTC | 418 | IN | |
| 2024-12-20 14:54:15 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 53 | 192.168.2.4 | 50061 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:18 UTC | 131 | OUT | |
| 2024-12-20 14:54:19 UTC | 418 | IN | |
| 2024-12-20 14:54:19 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 54 | 192.168.2.4 | 50062 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:21 UTC | 131 | OUT | |
| 2024-12-20 14:54:22 UTC | 422 | IN | |
| 2024-12-20 14:54:22 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 55 | 192.168.2.4 | 50063 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:24 UTC | 131 | OUT | |
| 2024-12-20 14:54:25 UTC | 422 | IN | |
| 2024-12-20 14:54:25 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 56 | 192.168.2.4 | 50064 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:27 UTC | 107 | OUT | |
| 2024-12-20 14:54:28 UTC | 418 | IN | |
| 2024-12-20 14:54:28 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 57 | 192.168.2.4 | 50065 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:31 UTC | 107 | OUT | |
| 2024-12-20 14:54:31 UTC | 418 | IN | |
| 2024-12-20 14:54:31 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 58 | 192.168.2.4 | 50066 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:34 UTC | 107 | OUT | |
| 2024-12-20 14:54:34 UTC | 418 | IN | |
| 2024-12-20 14:54:34 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 59 | 192.168.2.4 | 50067 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:37 UTC | 107 | OUT | |
| 2024-12-20 14:54:37 UTC | 418 | IN | |
| 2024-12-20 14:54:37 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 60 | 192.168.2.4 | 50068 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:40 UTC | 107 | OUT | |
| 2024-12-20 14:54:41 UTC | 418 | IN | |
| 2024-12-20 14:54:41 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 61 | 192.168.2.4 | 50069 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:45 UTC | 131 | OUT | |
| 2024-12-20 14:54:45 UTC | 418 | IN | |
| 2024-12-20 14:54:45 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 62 | 192.168.2.4 | 50070 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:48 UTC | 131 | OUT | |
| 2024-12-20 14:54:48 UTC | 422 | IN | |
| 2024-12-20 14:54:48 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 63 | 192.168.2.4 | 50071 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:51 UTC | 131 | OUT | |
| 2024-12-20 14:54:52 UTC | 418 | IN | |
| 2024-12-20 14:54:52 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 64 | 192.168.2.4 | 50072 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:54 UTC | 131 | OUT | |
| 2024-12-20 14:54:55 UTC | 418 | IN | |
| 2024-12-20 14:54:55 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 65 | 192.168.2.4 | 50073 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:54:58 UTC | 131 | OUT | |
| 2024-12-20 14:54:59 UTC | 422 | IN | |
| 2024-12-20 14:54:59 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 66 | 192.168.2.4 | 50074 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:55:01 UTC | 107 | OUT | |
| 2024-12-20 14:55:02 UTC | 422 | IN | |
| 2024-12-20 14:55:02 UTC | 359 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 67 | 192.168.2.4 | 50075 | 82.156.94.47 | 443 | 7260 | C:\Users\user\Desktop\Browser.Daemon.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-12-20 14:55:06 UTC | 107 | OUT | |
| 2024-12-20 14:55:06 UTC | 418 | IN | |
| 2024-12-20 14:55:06 UTC | 359 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 09:50:58 |
| Start date: | 20/12/2024 |
| Path: | C:\Users\user\Desktop\Browser.Daemon.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x910000 |
| File size: | 35'232 bytes |
| MD5 hash: | 294A647F4EFD42428DC119F961416B76 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | false |
| Target ID: | 3 |
| Start time: | 09:51:12 |
| Start date: | 20/12/2024 |
| Path: | C:\Users\user\Desktop\Browser.Daemon.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0xa80000 |
| File size: | 35'232 bytes |
| MD5 hash: | 294A647F4EFD42428DC119F961416B76 |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
Function 01265C80 Relevance: 1.5, Strings: 1, Instructions: 238COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01262E40 Relevance: .5, Instructions: 486COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266898 Relevance: .3, Instructions: 266COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266610 Relevance: 2.7, Strings: 2, Instructions: 180COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266604 Relevance: 2.7, Strings: 2, Instructions: 179COMMON
Download Yara Rule
| Strings |
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01265C74 Relevance: 1.5, Strings: 1, Instructions: 234COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260EA7 Relevance: 1.3, Strings: 1, Instructions: 38COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260EB8 Relevance: 1.3, Strings: 1, Instructions: 33COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0126688C Relevance: .3, Instructions: 261COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261E48 Relevance: .2, Instructions: 241COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261E38 Relevance: .2, Instructions: 222COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012621BA Relevance: .1, Instructions: 127COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261440 Relevance: .1, Instructions: 122COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012634B1 Relevance: .1, Instructions: 109COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012615EA Relevance: .1, Instructions: 104COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012635F0 Relevance: .1, Instructions: 101COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012615F8 Relevance: .1, Instructions: 98COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012640D5 Relevance: .1, Instructions: 95COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01263608 Relevance: .1, Instructions: 95COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012624F8 Relevance: .1, Instructions: 93COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260F39 Relevance: .1, Instructions: 93COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261889 Relevance: .1, Instructions: 90COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012640E0 Relevance: .1, Instructions: 90COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260D78 Relevance: .1, Instructions: 86COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260D68 Relevance: .1, Instructions: 85COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266D88 Relevance: .1, Instructions: 85COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266D98 Relevance: .1, Instructions: 81COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261730 Relevance: .1, Instructions: 77COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0120D06C Relevance: .1, Instructions: 77COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0121D01C Relevance: .1, Instructions: 72COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261740 Relevance: .1, Instructions: 71COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012607FF Relevance: .1, Instructions: 66COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01262378 Relevance: .1, Instructions: 65COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01266EC4 Relevance: .1, Instructions: 62COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0120D067 Relevance: .1, Instructions: 58COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01262388 Relevance: .1, Instructions: 57COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260848 Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0121D017 Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0120D7C9 Relevance: .0, Instructions: 45COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01262460 Relevance: .0, Instructions: 43COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01262470 Relevance: .0, Instructions: 37COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0120D7C8 Relevance: .0, Instructions: 36COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260920 Relevance: .0, Instructions: 23COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261DD0 Relevance: .0, Instructions: 19COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01260930 Relevance: .0, Instructions: 17COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01261DE0 Relevance: .0, Instructions: 16COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 012608F8 Relevance: .0, Instructions: 13COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 01265FC8 Relevance: 1.5, Strings: 1, Instructions: 281COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0EA7 Relevance: 1.3, Strings: 1, Instructions: 38COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0EB8 Relevance: 1.3, Strings: 1, Instructions: 33COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F1098 Relevance: 1.0, Instructions: 988COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0CAD Relevance: .1, Instructions: 118COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0D30 Relevance: .1, Instructions: 108COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0D15 Relevance: .1, Instructions: 95COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0D78 Relevance: .1, Instructions: 86COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0107D06C Relevance: .1, Instructions: 77COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F1730 Relevance: .1, Instructions: 76COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0108D01C Relevance: .1, Instructions: 72COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F07FF Relevance: .1, Instructions: 72COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F1740 Relevance: .1, Instructions: 71COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0107D067 Relevance: .1, Instructions: 58COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0108D017 Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0848 Relevance: .1, Instructions: 53COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0107D7C9 Relevance: .0, Instructions: 45COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 0107D7C8 Relevance: .0, Instructions: 36COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0920 Relevance: .0, Instructions: 23COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F0930 Relevance: .0, Instructions: 17COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 013F08F8 Relevance: .0, Instructions: 13COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|