Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
boatnet.m68k.elf

Overview

General Information

Sample name:boatnet.m68k.elf
Analysis ID:1579160
MD5:0e1206df9c7f87c0ec86cf885816d434
SHA1:991eb6d8db4f302ed5d47f523bebc8f6d4e96978
SHA256:c7ab8cb4f88c4b8e36363477f6d7c0cffc4edf8bddbdbec94155bf4963417196
Tags:elfuser-abuse_ch
Infos:

Detection

Mirai
Score:76
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Yara detected Mirai
Sample tries to kill multiple processes (SIGKILL)
Creates hidden files and/or directories
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Sample has stripped symbol table
Sample tries to kill a process (SIGKILL)
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1579160
Start date and time:2024-12-20 23:15:39 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 5m 24s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:boatnet.m68k.elf
Detection:MAL
Classification:mal76.spre.troj.linELF@0/0@0/0

Warnings

  • VT rate limit hit for: boatnet.m68k.elf

Runtime Messages

Command:/tmp/boatnet.m68k.elf
PID:6261
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • wrapper-2.0 (PID: 6273, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
  • wrapper-2.0 (PID: 6274, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
  • wrapper-2.0 (PID: 6275, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
  • wrapper-2.0 (PID: 6276, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
    • xfpm-power-backlight-helper (PID: 6291, Parent: 6276, MD5: 3d221ad23f28ca3259f599b1664e2427) Arguments: /usr/sbin/xfpm-power-backlight-helper --get-max-brightness
  • wrapper-2.0 (PID: 6277, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
  • wrapper-2.0 (PID: 6278, Parent: 2063, MD5: ac0b8a906f359a8ae102244738682e76) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
  • xfconfd (PID: 6290, Parent: 6289, MD5: 4c7a0d6d258bb970905b19b84abcd8e9) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
  • systemd New Fork (PID: 6297, Parent: 1860)
  • xfce4-notifyd (PID: 6297, Parent: 1860, MD5: eee956f1b227c1d5031f9c61223255d1) Arguments: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
  • cleanup

Malware Threat Intel

Provided by

NameDescriptionAttributionBlogpost URLsLink
MiraiMirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world.No Attributionhttps://malpedia.caad.fkie.fraunhofer.de/details/elf.mirai

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
boatnet.m68k.elfJoeSecurity_Mirai_8Yara detected MiraiJoe Security
    boatnet.m68k.elfLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
    • 0x10828:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x1083c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10850:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10864:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10878:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x1088c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x108a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x108b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x108c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x108dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x108f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10904:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10918:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x1092c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10940:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10954:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10968:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x1097c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x10990:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x109a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    • 0x109b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
    boatnet.m68k.elfLinux_Trojan_Gafgyt_ea92cca8unknownunknown
    • 0x10d79:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64

    Memory Dumps

    SourceRuleDescriptionAuthorStrings
    6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
      6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
      • 0x10828:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1083c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10850:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10864:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10878:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1088c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x108a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x108b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x108c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x108dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x108f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10904:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10918:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1092c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10940:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10954:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10968:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x1097c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x10990:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x109a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      • 0x109b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
      6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmpLinux_Trojan_Gafgyt_ea92cca8unknownunknown
      • 0x10d79:$a: 53 65 6C 66 20 52 65 70 20 46 75 63 6B 69 6E 67 20 4E 65 54 69 53 20 61 6E 64
      6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmpJoeSecurity_Mirai_8Yara detected MiraiJoe Security
        6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
        • 0x10828:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1083c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10850:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10864:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10878:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1088c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x108a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x108b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x108c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x108dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x108f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10904:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10918:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1092c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10940:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10954:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10968:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x1097c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x10990:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x109a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        • 0x109b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
        Click to see the 7 entries

        Suricata Signatures

        No Suricata rule has matched

        Joe Sandbox Signatures

        Click to jump to signature section

        Show All Signature Results

        AV Detection

        barindex
        Antivirus / Scanner detection for submitted sample
        Source: boatnet.m68k.elfAvira: detected
        Multi AV Scanner detection for submitted file
        Source: boatnet.m68k.elfReversingLabs: Detection: 65%
        Source: global trafficTCP traffic: 192.168.2.23:46318 -> 178.215.238.74:3778
        Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
        Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
        Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
        Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
        Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 178.215.238.74
        Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
        Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
        Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

        System Summary

        barindex
        Malicious sample detected (through community Yara rule)
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
        Source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 Author: unknown
        Sample tries to kill multiple processes (SIGKILL)
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2018, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2077, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2078, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2079, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2080, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2083, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2084, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2114, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2156, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6273, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6274, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6275, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6276, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6277, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6278, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6290, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6297, result: successfulJump to behavior
        Source: ELF static info symbol of initial sample.symtab present: no
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2018, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2077, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2078, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2079, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2080, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2083, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2084, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2114, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 2156, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6273, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6274, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6275, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6276, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6277, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6278, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6290, result: successfulJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)SIGKILL sent: pid: 6297, result: successfulJump to behavior
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: boatnet.m68k.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
        Source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_ea92cca8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = aa4aee9f3d6bedd8234eaf8778895a0f5d71c42b21f2a428f01f121e85704e8e, id = ea92cca8-bba7-4a1c-9b88-a2d051ad0021, last_modified = 2021-09-16
        Source: classification engineClassification label: mal76.spre.troj.linELF@0/0@0/0
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /home/saturnino/.local/share/fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /home/saturnino/.fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cMap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/opentype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/Type1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/encodings/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/misc/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/util/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/adobe-cns1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/adobe-gb1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/adobe-japan1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/adobe-japan2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/cmap/adobe-korea1/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/opentype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/opentype/mathjax/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/opentype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/opentype/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Gargi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Gubbi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Nakula/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Navilu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Sahadeva/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/Sarai/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/abyssinica/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/ancient-scripts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/dejavu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/droid/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-beng-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-deva-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-gujr-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-guru-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-kalapi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-orya-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-telu-extra/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/fonts-yrsa-rasa/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/freefont/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/kacst/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/kacst-one/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lao/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lato/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/liberation/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/liberation2/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-assamese/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-bengali/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-devanagari/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-gujarati/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-kannada/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-oriya/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-punjabi/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-tamil/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-tamil-classical/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/lohit-telugu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/malayalam/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/noto/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/openoffice/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/padauk/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/pagul/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/samyak/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/samyak-fonts/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/sinhala/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/tibetan-machine/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/tlwg/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/ttf-khmeros-core/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/truetype/ubuntu/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/type1/urw-base35/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Directory: /usr/share/fonts/X11/encodings/large/.uuidJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 6290)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 6290)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 6290)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd (PID: 6290)Directory: /home/saturnino/.configJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 6297)Directory: /home/saturnino/.Xdefaults-galassiaJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 6297)Directory: /home/saturnino/.cacheJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 6297)Directory: /home/saturnino/.localJump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 6297)Directory: /home/saturnino/.configJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1582/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2033/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2275/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/3088/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1612/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1579/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1699/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1335/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1698/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2028/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1334/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1576/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2302/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/3236/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2025/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2146/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/910/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4444/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4445/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/912/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4446/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/517/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/759/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4447/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2307/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/918/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6243/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6242/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1594/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2285/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2281/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1349/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1623/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/761/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1622/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/884/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1983/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2038/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1344/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1465/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1586/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1463/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2156/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/800/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/801/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6358/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1629/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1627/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1900/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/3021/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/491/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2294/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6093/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2050/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1877/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4508/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/772/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1633/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1599/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1632/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/774/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1477/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/654/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/896/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1476/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1872/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2048/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/655/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1475/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2289/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/656/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/777/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/657/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/658/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/419/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/936/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1639/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1638/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2208/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2180/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6266/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1809/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1494/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1890/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2063/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/2062/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1888/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4518/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1886/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/420/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1489/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/785/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1642/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/788/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/667/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/789/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4512/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/4514/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/1648/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6274/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6273/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6276/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6275/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6278/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6263)File opened: /proc/6311/cmdlineJump to behavior
        Source: /tmp/boatnet.m68k.elf (PID: 6261)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6275)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6276)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6277)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 (PID: 6278)Queries kernel information via 'uname': Jump to behavior
        Source: /usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd (PID: 6297)Queries kernel information via 'uname': Jump to behavior
        Source: boatnet.m68k.elf, 6261.1.00007ffc1aed9000.00007ffc1aefa000.rw-.sdmp, boatnet.m68k.elf, 6264.1.00007ffc1aed9000.00007ffc1aefa000.rw-.sdmpBinary or memory string: 7x86_64/usr/bin/qemu-m68k/tmp/boatnet.m68k.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/boatnet.m68k.elf
        Source: boatnet.m68k.elf, 6261.1.00007ffc1aed9000.00007ffc1aefa000.rw-.sdmp, boatnet.m68k.elf, 6264.1.00007ffc1aed9000.00007ffc1aefa000.rw-.sdmpBinary or memory string: /usr/bin/qemu-m68k
        Source: boatnet.m68k.elf, 6261.1.0000555c65649000.0000555c656cf000.rw-.sdmp, boatnet.m68k.elf, 6264.1.0000555c65649000.0000555c656cf000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/m68k
        Source: boatnet.m68k.elf, 6261.1.0000555c65649000.0000555c656cf000.rw-.sdmp, boatnet.m68k.elf, 6264.1.0000555c65649000.0000555c656cf000.rw-.sdmpBinary or memory string: de\U!/etc/qemu-binfmt/m68k

        Stealing of Sensitive Information

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: boatnet.m68k.elf, type: SAMPLE
        Source: Yara matchFile source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTR
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTR

        Remote Access Functionality

        barindex
        Yara detected Mirai
        Source: Yara matchFile source: boatnet.m68k.elf, type: SAMPLE
        Source: Yara matchFile source: 6261.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: 6264.1.00007f57ec001000.00007f57ec013000.r-x.sdmp, type: MEMORY
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 6261, type: MEMORYSTR
        Source: Yara matchFile source: Process Memory Space: boatnet.m68k.elf PID: 6264, type: MEMORYSTR

        Mitre Att&ck Matrix

        ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
        Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
        Hidden Files and Directories        		1
        OS Credential Dumping        		11
        Security Software Discovery        		Remote ServicesData from Local System1
        Encrypted Channel        		Exfiltration Over Other Network Medium1
        Service Stop
        CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
        Non-Standard Port        		Exfiltration Over BluetoothNetwork Denial of Service
        Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
        Application Layer Protocol        		Automated ExfiltrationData Encrypted for Impact

        Malware Configuration

        No configs have been found

        Behavior Graph

        Hide Legend

        Legend:

        • Process
        • Signature
        • Created File
        • DNS/IP Info
        • Is Dropped
        • Number of created Files
        • Is malicious
        • Internet
        behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1579160 Sample: boatnet.m68k.elf Startdate: 20/12/2024 Architecture: LINUX Score: 76 24 178.215.238.74, 3778, 46318, 46320 LVLT-10753US Germany 2->24 26 109.202.202.202, 80 INIT7CH Switzerland 2->26 28 2 other IPs or domains 2->28 30 Malicious sample detected (through community Yara rule) 2->30 32 Antivirus / Scanner detection for submitted sample 2->32 34 Multi AV Scanner detection for submitted file 2->34 36 Yara detected Mirai 2->36 7 boatnet.m68k.elf 2->7         started        9 xfce4-panel wrapper-2.0 2->9         started        11 xfce4-panel wrapper-2.0 2->11         started        13 6 other processes 2->13 signatures3 process4 process5 15 boatnet.m68k.elf 7->15         started        18 boatnet.m68k.elf 7->18         started        20 boatnet.m68k.elf 7->20         started        22 wrapper-2.0 xfpm-power-backlight-helper 9->22         started        signatures6 38 Sample tries to kill multiple processes (SIGKILL) 15->38

        Screenshots

        Thumbnails

        This section contains all screenshots as thumbnails, including those not shown in the slideshow.


        windows-stand

        Antivirus, Machine Learning and Genetic Malware Detection

        Initial Sample

        SourceDetectionScannerLabelLink
        boatnet.m68k.elf66%ReversingLabsLinux.Trojan.Mirai
        boatnet.m68k.elf100%AviraEXP/ELF.Gafgyt.D

        Dropped Files

        No Antivirus matches

        Domains

        No Antivirus matches

        URLs

        No Antivirus matches

        Domains and IPs

        Contacted Domains

        No contacted domains info

        World Map of Contacted IPs

        • No. of IPs < 25%
        • 25% < No. of IPs < 50%
        • 50% < No. of IPs < 75%
        • 75% < No. of IPs

        Public IPs

        IPDomainCountryFlagASNASN NameMalicious
        109.202.202.202
        		unknownSwitzerland
        		13030INIT7CHfalse
        91.189.91.43
        		unknownUnited Kingdom
        		41231CANONICAL-ASGBfalse
        91.189.91.42
        		unknownUnited Kingdom
        		41231CANONICAL-ASGBfalse
        178.215.238.74
        		unknownGermany
        		10753LVLT-10753USfalse

        Joe Sandbox View / Context

        IPs

        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
        109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
        • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
        91.189.91.43boatnet.arm.elfGet hashmaliciousMiraiBrowse
          arm6.elfGet hashmaliciousMiraiBrowse
            dbus.elfGet hashmaliciousUnknownBrowse
              fenty.arm4.elfGet hashmaliciousMiraiBrowse
                CONSTANT_STRATEGY.elfGet hashmaliciousSliverBrowse
                  10000.elfGet hashmaliciousUnknownBrowse
                    la.bot.arc.elfGet hashmaliciousMiraiBrowse
                      gnjqwpc.elfGet hashmaliciousMiraiBrowse
                        copy_netaddr.elfGet hashmaliciousXmrigBrowse
                          wiewa64.elfGet hashmaliciousMiraiBrowse

                            Domains

                            No context

                            ASNs

                            MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                            CANONICAL-ASGBboatnet.arm.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            arm6.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            dbus.elfGet hashmaliciousUnknownBrowse
                            • 91.189.91.42
                            fenty.arm4.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            CONSTANT_STRATEGY.elfGet hashmaliciousSliverBrowse
                            • 91.189.91.42
                            10000.elfGet hashmaliciousUnknownBrowse
                            • 91.189.91.42
                            la.bot.arc.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            gnjqwpc.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            copy_netaddr.elfGet hashmaliciousXmrigBrowse
                            • 91.189.91.42
                            wiewa64.elfGet hashmaliciousMiraiBrowse
                            • 91.189.91.42
                            INIT7CHboatnet.arm.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202
                            arm6.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202
                            dbus.elfGet hashmaliciousUnknownBrowse
                            • 109.202.202.202
                            fenty.arm4.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202
                            CONSTANT_STRATEGY.elfGet hashmaliciousSliverBrowse
                            • 109.202.202.202
                            10000.elfGet hashmaliciousUnknownBrowse
                            • 109.202.202.202
                            la.bot.arc.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202
                            gnjqwpc.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202
                            copy_netaddr.elfGet hashmaliciousXmrigBrowse
                            • 109.202.202.202
                            wiewa64.elfGet hashmaliciousMiraiBrowse
                            • 109.202.202.202

                            JA3 Fingerprints

                            No context

                            Dropped Files

                            No context

                            Created / dropped Files

                            No created / dropped files found

                            Static File Info

                            General

                            File type:ELF 32-bit MSB executable, Motorola m68k, 68020, version 1 (SYSV), statically linked, stripped
                            Entropy (8bit):6.235787697093049
                            TrID:
                            • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                            File name:boatnet.m68k.elf
                            File size:73'084 bytes
                            MD5:0e1206df9c7f87c0ec86cf885816d434
                            SHA1:991eb6d8db4f302ed5d47f523bebc8f6d4e96978
                            SHA256:c7ab8cb4f88c4b8e36363477f6d7c0cffc4edf8bddbdbec94155bf4963417196
                            SHA512:a8b2d6eeac2772c638f14d5281a92a3fd9595a98836d86b8a3ebfccd805c7511a7929faec0cedd80a6ccf213244220acfd4866bd6312dcda8833bae7927c49da
                            SSDEEP:1536:23Z8R8M1OQkn+i8QDralQeuacWjcW0JcWcBASqh2R5ykNQJBR:23Z8R82OQk+lQeuacWjcW0JcWcBLqhmW
                            TLSH:6C632BCAF401DE7DF84BD6774C560E1CBA71B3D016831A2B67A7BEA7AD72158180AC81
                            File Content Preview:.ELF.......................D...4.........4. ...(.......................4...4...... ........8..98..98...t..'....... .dt.Q............................NV..a....da....HN^NuNV..J9..;.f>"y..9P QJ.g.X.#...9PN."y..9P QJ.f.A.....J.g.Hy..94N.X.......;.N^NuNV..N^NuN

                            Static ELF Info

                            ELF header

                            Class:ELF32
                            Data:2's complement, big endian
                            Version:1 (current)
                            Machine:MC68000
                            Version Number:0x1
                            Type:EXEC (Executable file)
                            OS/ABI:UNIX - System V
                            ABI Version:0
                            Entry Point Address:0x80000144
                            Flags:0x0
                            ELF Header Size:52
                            Program Header Offset:52
                            Program Header Size:32
                            Number of Program Headers:3
                            Section Header Offset:72684
                            Section Header Size:40
                            Number of Section Headers:10
                            Header String Table Index:9

                            Sections

                            NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                            NULL0x00x00x00x00x0000
                            .initPROGBITS0x800000940x940x140x00x6AX002
                            .textPROGBITS0x800000a80xa80x107720x00x6AX004
                            .finiPROGBITS0x8001081a0x1081a0xe0x00x6AX002
                            .rodataPROGBITS0x800108280x108280x110c0x00x2A002
                            .ctorsPROGBITS0x800139380x119380x80x00x3WA004
                            .dtorsPROGBITS0x800139400x119400x80x00x3WA004
                            .dataPROGBITS0x8001394c0x1194c0x2600x00x3WA004
                            .bssNOBITS0x80013bac0x11bac0x25740x00x3WA004
                            .shstrtabSTRTAB0x00x11bac0x3e0x00x0001

                            Program Segments

                            TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                            LOAD0x00x800000000x800000000x119340x119346.25700x5R E0x2000.init .text .fini .rodata
                            LOAD0x119380x800139380x800139380x2740x27e83.67800x6RW 0x2000.ctors .dtors .data .bss
                            GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                            Network Behavior

                            Network Port Distribution

                            TCP Packets

                            TimestampSource PortDest PortSource IPDest IP
                            Dec 20, 2024 23:16:41.006284952 CET4251680192.168.2.23109.202.202.202
                            Dec 20, 2024 23:16:41.774139881 CET43928443192.168.2.2391.189.91.42
                            Dec 20, 2024 23:16:41.882577896 CET463183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:42.002177000 CET377846318178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:42.002286911 CET463183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:42.007491112 CET463183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:42.127456903 CET377846318178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:42.127511024 CET463183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:42.247004986 CET377846318178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:44.178683043 CET377846318178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:44.179114103 CET463183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:44.298702955 CET377846318178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:45.181468010 CET463203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:45.301235914 CET377846320178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:45.301321030 CET463203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:45.302270889 CET463203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:45.421863079 CET377846320178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:45.422025919 CET463203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:45.541913033 CET377846320178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:47.149382114 CET42836443192.168.2.2391.189.91.43
                            Dec 20, 2024 23:16:47.476831913 CET377846320178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:47.476948023 CET463203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:47.596482992 CET377846320178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:48.486789942 CET463223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:48.606538057 CET377846322178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:48.606616020 CET463223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:48.613668919 CET463223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:48.733127117 CET377846322178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:48.733184099 CET463223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:48.852700949 CET377846322178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:50.788114071 CET377846322178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:50.788229942 CET463223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:50.907772064 CET377846322178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:51.795557976 CET463243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:51.965056896 CET377846324178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:51.965135098 CET463243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:51.976236105 CET463243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:52.095793962 CET377846324178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:52.095846891 CET463243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:52.215326071 CET377846324178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:54.147629023 CET377846324178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:54.147727966 CET463243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:54.267381907 CET377846324178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:55.155601025 CET463263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:55.275171995 CET377846326178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:55.275248051 CET463263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:55.280922890 CET463263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:55.400465012 CET377846326178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:55.400517941 CET463263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:55.519980907 CET377846326178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:57.444783926 CET377846326178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:57.444902897 CET463263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:57.564512968 CET377846326178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:58.451116085 CET463283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:58.570719004 CET377846328178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:58.570795059 CET463283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:58.574177980 CET463283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:58.693653107 CET377846328178.215.238.74192.168.2.23
                            Dec 20, 2024 23:16:58.693700075 CET463283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:16:58.813211918 CET377846328178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:00.741589069 CET377846328178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:00.741728067 CET463283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:00.861674070 CET377846328178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:01.743650913 CET463303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:01.863230944 CET377846330178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:01.863339901 CET463303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:01.864311934 CET463303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:01.983834982 CET377846330178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:01.983982086 CET463303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:02.103471041 CET377846330178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:02.763366938 CET43928443192.168.2.2391.189.91.42
                            Dec 20, 2024 23:17:04.038367987 CET377846330178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:04.038634062 CET463303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:04.158216953 CET377846330178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:05.040134907 CET463323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:05.161286116 CET377846332178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:05.161417007 CET463323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:05.162523031 CET463323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:05.282062054 CET377846332178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:05.282195091 CET463323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:05.401808023 CET377846332178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:07.335639954 CET377846332178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:07.335864067 CET463323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:07.455602884 CET377846332178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:08.337430954 CET463343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:08.457199097 CET377846334178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:08.457314014 CET463343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:08.458369017 CET463343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:08.577907085 CET377846334178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:08.578027964 CET463343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:08.697717905 CET377846334178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:10.651839018 CET377846334178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:10.652062893 CET463343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:10.771797895 CET377846334178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:10.954150915 CET4251680192.168.2.23109.202.202.202
                            Dec 20, 2024 23:17:11.653696060 CET463363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:11.773572922 CET377846336178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:11.773802996 CET463363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:11.774630070 CET463363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:11.894232988 CET377846336178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:11.894397974 CET463363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:12.015163898 CET377846336178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:13.001910925 CET42836443192.168.2.2391.189.91.43
                            Dec 20, 2024 23:17:13.944787979 CET377846336178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:13.945207119 CET463363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:14.064832926 CET377846336178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:14.947725058 CET463383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:15.067493916 CET377846338178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:15.067780018 CET463383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:15.068947077 CET463383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:15.188421965 CET377846338178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:15.188697100 CET463383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:15.308259964 CET377846338178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:17.242567062 CET377846338178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:17.242959976 CET463383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:17.362529993 CET377846338178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:18.245234013 CET463403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:18.365005016 CET377846340178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:18.365106106 CET463403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:18.366189957 CET463403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:18.485708952 CET377846340178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:18.485888004 CET463403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:18.605422020 CET377846340178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:20.554117918 CET377846340178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:20.554431915 CET463403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:20.674035072 CET377846340178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:21.556277990 CET463423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:21.676105022 CET377846342178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:21.676223040 CET463423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:21.677495003 CET463423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:21.797014952 CET377846342178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:21.797135115 CET463423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:21.917759895 CET377846342178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:23.851746082 CET377846342178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:23.851963997 CET463423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:23.972045898 CET377846342178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:24.854671001 CET463443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:24.974683046 CET377846344178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:24.974960089 CET463443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:24.976970911 CET463443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:25.096508026 CET377846344178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:25.096782923 CET463443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:25.216346025 CET377846344178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:27.149918079 CET377846344178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:27.150154114 CET463443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:27.269963980 CET377846344178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:28.153248072 CET463463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:28.272959948 CET377846346178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:28.273173094 CET463463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:28.274954081 CET463463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:28.394726992 CET377846346178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:28.394865036 CET463463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:28.514662027 CET377846346178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:30.445458889 CET377846346178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:30.445673943 CET463463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:30.565308094 CET377846346178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:31.447652102 CET463483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:31.569221020 CET377846348178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:31.569447041 CET463483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:31.571997881 CET463483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:31.692800999 CET377846348178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:31.693056107 CET463483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:31.813905954 CET377846348178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:33.742228031 CET377846348178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:33.742595911 CET463483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:33.862257957 CET377846348178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:34.745260000 CET463503778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:34.865147114 CET377846350178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:34.865288973 CET463503778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:34.866544962 CET463503778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:34.986233950 CET377846350178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:34.986479044 CET463503778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:35.106225014 CET377846350178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:37.039453983 CET377846350178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:37.039887905 CET463503778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:37.160018921 CET377846350178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:38.042170048 CET463523778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:38.162247896 CET377846352178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:38.162406921 CET463523778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:38.163856983 CET463523778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:38.283371925 CET377846352178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:38.283489943 CET463523778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:38.403294086 CET377846352178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:40.382843971 CET377846352178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:40.383069992 CET463523778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:40.502913952 CET377846352178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:41.385608912 CET463543778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:41.505362034 CET377846354178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:41.505654097 CET463543778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:41.507204056 CET463543778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:41.626835108 CET377846354178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:41.627115965 CET463543778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:41.746695995 CET377846354178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:43.717626095 CET43928443192.168.2.2391.189.91.42
                            Dec 20, 2024 23:17:43.852859974 CET377846354178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:43.853125095 CET463543778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:43.972776890 CET377846354178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:44.855829000 CET463563778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:44.976162910 CET377846356178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:44.976321936 CET463563778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:44.977958918 CET463563778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:45.097775936 CET377846356178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:45.097919941 CET463563778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:45.217602968 CET377846356178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:47.149240971 CET377846356178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:47.149455070 CET463563778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:47.269154072 CET377846356178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:48.152126074 CET463583778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:48.273474932 CET377846358178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:48.273891926 CET463583778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:48.275248051 CET463583778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:48.397277117 CET377846358178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:48.397372007 CET463583778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:48.517066002 CET377846358178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:50.445807934 CET377846358178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:50.446043015 CET463583778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:50.565787077 CET377846358178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:51.448144913 CET463603778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:51.568037987 CET377846360178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:51.568208933 CET463603778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:51.569786072 CET463603778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:51.689410925 CET377846360178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:51.689640045 CET463603778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:51.809385061 CET377846360178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:53.742908955 CET377846360178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:53.743138075 CET463603778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:53.863066912 CET377846360178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:54.745234966 CET463623778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:54.864917040 CET377846362178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:54.865183115 CET463623778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:54.866605043 CET463623778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:54.986932993 CET377846362178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:54.987190962 CET463623778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:55.107425928 CET377846362178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:57.041034937 CET377846362178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:57.041291952 CET463623778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:57.161549091 CET377846362178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:58.043870926 CET463643778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:58.166140079 CET377846364178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:58.166412115 CET463643778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:58.168457985 CET463643778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:58.288290024 CET377846364178.215.238.74192.168.2.23
                            Dec 20, 2024 23:17:58.288461924 CET463643778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:17:58.408277035 CET377846364178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:00.367906094 CET377846364178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:00.368172884 CET463643778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:00.487911940 CET377846364178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:01.371093988 CET463663778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:01.490895987 CET377846366178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:01.491002083 CET463663778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:01.491880894 CET463663778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:01.611525059 CET377846366178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:01.611706972 CET463663778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:01.731388092 CET377846366178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:03.680628061 CET377846366178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:03.681050062 CET463663778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:03.803415060 CET377846366178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:04.194938898 CET42836443192.168.2.2391.189.91.43
                            Dec 20, 2024 23:18:04.683558941 CET463683778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:04.803498983 CET377846368178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:04.803829908 CET463683778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:04.805327892 CET463683778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:04.925173044 CET377846368178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:04.925400019 CET463683778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:05.045277119 CET377846368178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:06.978718996 CET377846368178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:06.978986025 CET463683778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:07.099462986 CET377846368178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:07.981547117 CET463703778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:08.101438046 CET377846370178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:08.101596117 CET463703778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:08.103585958 CET463703778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:08.223275900 CET377846370178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:08.223551989 CET463703778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:08.343439102 CET377846370178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:10.275681973 CET377846370178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:10.275950909 CET463703778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:10.395945072 CET377846370178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:11.278361082 CET463723778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:11.398623943 CET377846372178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:11.398888111 CET463723778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:11.400224924 CET463723778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:11.520030975 CET377846372178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:11.520217896 CET463723778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:11.639970064 CET377846372178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:13.633865118 CET377846372178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:13.634089947 CET463723778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:13.754262924 CET377846372178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:14.635849953 CET463743778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:14.755964041 CET377846374178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:14.756264925 CET463743778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:14.757375002 CET463743778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:14.877307892 CET377846374178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:14.877610922 CET463743778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:14.997469902 CET377846374178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:16.931164980 CET377846374178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:16.931482077 CET463743778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:17.051568985 CET377846374178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:17.933423996 CET463763778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:18.053396940 CET377846376178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:18.053592920 CET463763778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:18.054794073 CET463763778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:18.174380064 CET377846376178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:18.174531937 CET463763778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:18.294397116 CET377846376178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:20.260571957 CET377846376178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:20.260926008 CET463763778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:20.380773067 CET377846376178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:21.262844086 CET463783778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:21.382921934 CET377846378178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:21.383274078 CET463783778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:21.384619951 CET463783778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:21.504539967 CET377846378178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:21.504770994 CET463783778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:21.625103951 CET377846378178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:23.556159019 CET377846378178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:23.556500912 CET463783778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:23.676652908 CET377846378178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:24.558162928 CET463803778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:24.679510117 CET377846380178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:24.679959059 CET463803778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:24.680902958 CET463803778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:24.801285982 CET377846380178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:24.801562071 CET463803778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:24.921796083 CET377846380178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:26.852816105 CET377846380178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:26.853084087 CET463803778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:26.973170996 CET377846380178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:27.855223894 CET463823778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:27.975351095 CET377846382178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:27.975521088 CET463823778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:27.977577925 CET463823778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:28.097394943 CET377846382178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:28.097676992 CET463823778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:28.217601061 CET377846382178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:30.150109053 CET377846382178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:30.150324106 CET463823778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:30.270649910 CET377846382178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:31.152813911 CET463843778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:31.274549007 CET377846384178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:31.274936914 CET463843778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:31.275998116 CET463843778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:31.396611929 CET377846384178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:31.397026062 CET463843778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:31.517178059 CET377846384178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:33.446846962 CET377846384178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:33.447300911 CET463843778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:33.567147017 CET377846384178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:34.449238062 CET463863778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:34.570344925 CET377846386178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:34.570518017 CET463863778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:34.571562052 CET463863778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:34.691781044 CET377846386178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:34.692054033 CET463863778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:34.812122107 CET377846386178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:36.747179031 CET377846386178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:36.747684956 CET463863778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:36.867728949 CET377846386178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:37.749115944 CET463883778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:37.869374037 CET377846388178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:37.869530916 CET463883778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:37.870918036 CET463883778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:37.990706921 CET377846388178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:37.991013050 CET463883778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:38.111524105 CET377846388178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:40.056157112 CET377846388178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:40.056375027 CET463883778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:40.176294088 CET377846388178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:41.057898045 CET463903778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:41.177896023 CET377846390178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:41.177997112 CET463903778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:41.178674936 CET463903778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:41.298665047 CET377846390178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:41.298779964 CET463903778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:41.418698072 CET377846390178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:43.353090048 CET377846390178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:43.353262901 CET463903778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:43.473139048 CET377846390178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:44.355134964 CET463923778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:44.477653980 CET377846392178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:44.477893114 CET463923778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:44.479231119 CET463923778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:44.599443913 CET377846392178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:44.599694014 CET463923778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:44.719779015 CET377846392178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:46.650274038 CET377846392178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:46.650779963 CET463923778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:46.770823956 CET377846392178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:47.652394056 CET463943778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:47.772665024 CET377846394178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:47.772794962 CET463943778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:47.774034977 CET463943778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:47.893696070 CET377846394178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:47.893961906 CET463943778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:48.016616106 CET377846394178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:49.947134972 CET377846394178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:49.947679043 CET463943778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:50.068238020 CET377846394178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:50.949848890 CET463963778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:51.070091009 CET377846396178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:51.070213079 CET463963778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:51.071466923 CET463963778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:51.191579103 CET377846396178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:51.191822052 CET463963778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:51.312001944 CET377846396178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:53.243830919 CET377846396178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:53.244249105 CET463963778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:53.364466906 CET377846396178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:54.246550083 CET463983778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:54.366661072 CET377846398178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:54.366811991 CET463983778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:54.368318081 CET463983778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:54.488555908 CET377846398178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:54.488671064 CET463983778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:54.608588934 CET377846398178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:56.603610992 CET377846398178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:56.603967905 CET463983778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:56.724013090 CET377846398178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:57.606122017 CET464003778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:57.726427078 CET377846400178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:57.726893902 CET464003778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:57.728168011 CET464003778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:57.849030018 CET377846400178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:57.849395037 CET464003778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:18:57.969434023 CET377846400178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:59.900460958 CET377846400178.215.238.74192.168.2.23
                            Dec 20, 2024 23:18:59.900949955 CET464003778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:00.021234989 CET377846400178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:00.902895927 CET464023778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:01.023139954 CET377846402178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:01.023332119 CET464023778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:01.024544954 CET464023778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:01.144645929 CET377846402178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:01.145131111 CET464023778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:01.265146017 CET377846402178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:03.213227034 CET377846402178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:03.213521004 CET464023778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:03.333748102 CET377846402178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:04.215689898 CET464043778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:04.335948944 CET377846404178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:04.336026907 CET464043778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:04.337023973 CET464043778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:04.456794024 CET377846404178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:04.457005024 CET464043778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:04.576992035 CET377846404178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:06.509696007 CET377846404178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:06.509959936 CET464043778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:06.629945993 CET377846404178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:07.512123108 CET464063778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:07.631922007 CET377846406178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:07.632066965 CET464063778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:07.633354902 CET464063778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:07.752933025 CET377846406178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:07.753087044 CET464063778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:07.872800112 CET377846406178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:09.806967020 CET377846406178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:09.807121038 CET464063778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:09.927064896 CET377846406178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:10.809042931 CET464083778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:10.929358006 CET377846408178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:10.929583073 CET464083778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:10.930480003 CET464083778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:11.050354958 CET377846408178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:11.050622940 CET464083778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:11.170865059 CET377846408178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:13.104188919 CET377846408178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:13.104381084 CET464083778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:13.224371910 CET377846408178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:14.106955051 CET464103778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:14.227422953 CET377846410178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:14.227622986 CET464103778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:14.228682995 CET464103778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:14.348671913 CET377846410178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:14.348958969 CET464103778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:14.469372034 CET377846410178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:16.401102066 CET377846410178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:16.401416063 CET464103778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:16.521822929 CET377846410178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:17.403328896 CET464123778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:17.523828983 CET377846412178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:17.524002075 CET464123778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:17.525134087 CET464123778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:17.645308971 CET377846412178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:17.645390987 CET464123778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:17.765506983 CET377846412178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:19.697968960 CET377846412178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:19.698290110 CET464123778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:19.818109035 CET377846412178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:20.700184107 CET464143778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:20.820167065 CET377846414178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:20.820322990 CET464143778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:20.821448088 CET464143778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:20.941050053 CET377846414178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:20.941272974 CET464143778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:21.061245918 CET377846414178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:22.994539976 CET377846414178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:22.994935989 CET464143778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:23.114830971 CET377846414178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:23.996752024 CET464163778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:24.116472960 CET377846416178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:24.116700888 CET464163778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:24.117917061 CET464163778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:24.237497091 CET377846416178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:24.237683058 CET464163778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:24.357203960 CET377846416178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:26.291229010 CET377846416178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:26.291332960 CET464163778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:26.411648989 CET377846416178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:27.293407917 CET464183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:27.413427114 CET377846418178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:27.413513899 CET464183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:27.415327072 CET464183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:27.535546064 CET377846418178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:27.535717964 CET464183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:27.655899048 CET377846418178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:29.604079008 CET377846418178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:29.604314089 CET464183778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:29.724380016 CET377846418178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:30.605752945 CET464203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:30.725724936 CET377846420178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:30.726106882 CET464203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:30.726809025 CET464203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:30.846774101 CET377846420178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:30.846972942 CET464203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:30.967103004 CET377846420178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:32.900774002 CET377846420178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:32.901194096 CET464203778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:33.021291971 CET377846420178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:33.902661085 CET464223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:34.022747993 CET377846422178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:34.022830009 CET464223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:34.023746967 CET464223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:34.143552065 CET377846422178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:34.143757105 CET464223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:34.263946056 CET377846422178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:36.229085922 CET377846422178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:36.229207039 CET464223778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:36.349112034 CET377846422178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:37.230748892 CET464243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:37.350949049 CET377846424178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:37.351233959 CET464243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:37.352041960 CET464243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:37.471915960 CET377846424178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:37.472007036 CET464243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:37.591932058 CET377846424178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:39.527894020 CET377846424178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:39.528431892 CET464243778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:39.648494959 CET377846424178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:40.530457020 CET464263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:40.650651932 CET377846426178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:40.650793076 CET464263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:40.651763916 CET464263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:40.771826982 CET377846426178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:40.772325993 CET464263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:40.892447948 CET377846426178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:42.823916912 CET377846426178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:42.824132919 CET464263778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:42.944118977 CET377846426178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:43.826076984 CET464283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:43.946234941 CET377846428178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:43.946542978 CET464283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:43.948272943 CET464283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:44.068253994 CET377846428178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:44.068459034 CET464283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:44.188441038 CET377846428178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:46.136666059 CET377846428178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:46.137463093 CET464283778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:46.257579088 CET377846428178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:47.140094995 CET464303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:47.260338068 CET377846430178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:47.260693073 CET464303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:47.262052059 CET464303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:47.382019043 CET377846430178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:47.382392883 CET464303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:47.502306938 CET377846430178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:49.433682919 CET377846430178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:49.434011936 CET464303778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:49.554032087 CET377846430178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:50.436424017 CET464323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:50.556659937 CET377846432178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:50.556839943 CET464323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:50.558202982 CET464323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:50.678015947 CET377846432178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:50.678215027 CET464323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:50.797993898 CET377846432178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:52.729258060 CET377846432178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:52.729396105 CET464323778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:52.849293947 CET377846432178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:53.731029034 CET464343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:53.851032019 CET377846434178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:53.851198912 CET464343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:53.852664948 CET464343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:53.972800016 CET377846434178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:53.972929955 CET464343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:54.093101978 CET377846434178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:56.026457071 CET377846434178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:56.026644945 CET464343778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:56.146644115 CET377846434178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:57.028717995 CET464363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:57.149173021 CET377846436178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:57.149343014 CET464363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:57.150631905 CET464363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:57.270600080 CET377846436178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:57.270893097 CET464363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:57.391001940 CET377846436178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:59.324528933 CET377846436178.215.238.74192.168.2.23
                            Dec 20, 2024 23:19:59.324876070 CET464363778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:19:59.445235968 CET377846436178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:00.326674938 CET464383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:00.447084904 CET377846438178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:00.447263956 CET464383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:00.448252916 CET464383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:00.568164110 CET377846438178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:00.568444014 CET464383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:00.688539028 CET377846438178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:02.620353937 CET377846438178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:02.620819092 CET464383778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:02.741122961 CET377846438178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:03.622812033 CET464403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:03.742897034 CET377846440178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:03.743094921 CET464403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:03.744291067 CET464403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:03.864005089 CET377846440178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:03.864223957 CET464403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:03.984416962 CET377846440178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:05.917510033 CET377846440178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:05.917967081 CET464403778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:06.037899971 CET377846440178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:06.920089960 CET464423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:07.040158033 CET377846442178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:07.040321112 CET464423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:07.041657925 CET464423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:07.161631107 CET377846442178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:07.161726952 CET464423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:07.281626940 CET377846442178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:09.245378017 CET377846442178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:09.245572090 CET464423778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:09.365549088 CET377846442178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:10.248012066 CET464443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:10.368356943 CET377846444178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:10.368616104 CET464443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:10.370709896 CET464443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:10.490458012 CET377846444178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:10.490650892 CET464443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:10.610336065 CET377846444178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:12.541943073 CET377846444178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:12.542131901 CET464443778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:12.661961079 CET377846444178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:13.544878960 CET464463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:13.664752007 CET377846446178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:13.664977074 CET464463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:13.665632963 CET464463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:13.785410881 CET377846446178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:13.785667896 CET464463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:13.907711983 CET377846446178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:15.854609013 CET377846446178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:15.854753017 CET464463778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:15.974596024 CET377846446178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:16.856249094 CET464483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:16.976372957 CET377846448178.215.238.74192.168.2.23
                            Dec 20, 2024 23:20:16.976455927 CET464483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:16.977521896 CET464483778192.168.2.23178.215.238.74
                            Dec 20, 2024 23:20:17.097618103 CET377846448178.215.238.74192.168.2.23

                            System Behavior

                            General

                            Start time (UTC):22:16:41
                            Start date (UTC):20/12/2024
                            Path:/tmp/boatnet.m68k.elf
                            Arguments:/tmp/boatnet.m68k.elf
                            File size:4463432 bytes
                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                            Chronological Activities


                            General

                            Start time (UTC):22:16:41
                            Start date (UTC):20/12/2024
                            Path:/tmp/boatnet.m68k.elf
                            Arguments:-
                            File size:4463432 bytes
                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                            Chronological Activities


                            General

                            Start time (UTC):22:16:41
                            Start date (UTC):20/12/2024
                            Path:/tmp/boatnet.m68k.elf
                            Arguments:-
                            File size:4463432 bytes
                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                            Chronological Activities


                            General

                            Start time (UTC):22:16:41
                            Start date (UTC):20/12/2024
                            Path:/tmp/boatnet.m68k.elf
                            Arguments:-
                            File size:4463432 bytes
                            MD5 hash:cd177594338c77b895ae27c33f8f86cc

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libsystray.so 6 12582920 systray "Notification Area" "Area where notification icons appear"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libstatusnotifier.so 7 12582921 statusnotifier "Status Notifier Plugin" "Provides a panel area for status notifier items (application indicators)"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libpulseaudio-plugin.so 8 12582922 pulseaudio "PulseAudio Plugin" "Adjust the audio volume of the PulseAudio sound system"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libxfce4powermanager.so 9 12582923 power-manager-plugin "Power Manager Plugin" "Display the battery levels of your devices and control the brightness of your display"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:51
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:-
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:51
                            Start date (UTC):20/12/2024
                            Path:/usr/sbin/xfpm-power-backlight-helper
                            Arguments:/usr/sbin/xfpm-power-backlight-helper --get-max-brightness
                            File size:14656 bytes
                            MD5 hash:3d221ad23f28ca3259f599b1664e2427

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:46
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libnotification-plugin.so 10 12582924 notification-plugin "Notification Plugin" "Notification plugin for the Xfce panel"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:47
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/xfce4-panel
                            Arguments:-
                            File size:375768 bytes
                            MD5 hash:a15b657c7d54ac1385f1f15004ea6784

                            Chronological Activities


                            General

                            Start time (UTC):22:16:47
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/panel/wrapper-2.0 /usr/lib/x86_64-linux-gnu/xfce4/panel/plugins/libactions.so 14 12582925 actions "Action Buttons" "Log out, lock or other system actions"
                            File size:35136 bytes
                            MD5 hash:ac0b8a906f359a8ae102244738682e76

                            Chronological Activities


                            General

                            Start time (UTC):22:16:51
                            Start date (UTC):20/12/2024
                            Path:/usr/bin/dbus-daemon
                            Arguments:-
                            File size:249032 bytes
                            MD5 hash:3089d47e3f3ab84cd81c48fd406d7a8c

                            Chronological Activities


                            General

                            Start time (UTC):22:16:51
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/xfconf/xfconfd
                            File size:112880 bytes
                            MD5 hash:4c7a0d6d258bb970905b19b84abcd8e9

                            Chronological Activities


                            General

                            Start time (UTC):22:16:53
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/systemd/systemd
                            Arguments:-
                            File size:1620224 bytes
                            MD5 hash:9b2bec7092a40488108543f9334aab75

                            Chronological Activities


                            General

                            Start time (UTC):22:16:53
                            Start date (UTC):20/12/2024
                            Path:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                            Arguments:/usr/lib/x86_64-linux-gnu/xfce4/notifyd/xfce4-notifyd
                            File size:112872 bytes
                            MD5 hash:eee956f1b227c1d5031f9c61223255d1

                            Chronological Activities