Windows
Analysis Report
Hh8hqqbu9X.exe
Overview
General Information
Sample name: | Hh8hqqbu9X.exerenamed because original name is a hash value |
Original sample name: | f4c0448c427e926b0d3c0d1fbc1a866e.exe |
Analysis ID: | 1579462 |
MD5: | f4c0448c427e926b0d3c0d1fbc1a866e |
SHA1: | 273aa64fd2523237acde7d342a09a259a3c5499a |
SHA256: | cee3904c1eb0245328cbbe8770f69417d56218ba9ed6ded95d60183264557fef |
Tags: | exeLokiuser-abuse_ch |
Infos: | |
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- Hh8hqqbu9X.exe (PID: 7064 cmdline:
"C:\Users\ user\Deskt op\Hh8hqqb u9X.exe" MD5: F4C0448C427E926B0D3C0D1FBC1A866E) - vbc.exe (PID: 3292 cmdline:
"C:\Window s\Microsof t.NET\Fram ework\v2.0 .50727\vbc .exe" MD5: D881DE17AA8F2E2C08CBB7B265F928F9)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Loki Password Stealer (PWS), LokiBot | "Loki Bot is a commodity malware sold on underground sites which is designed to steal private data from infected machines, and then submit that info to a command and control host via HTTP POST. This private data includes stored passwords, login credential information from Web browsers, and a variety of cryptocurrency wallets." - PhishMeLoki-Bot employs function hashing to obfuscate the libraries utilized. While not all functions are hashed, a vast majority of them are.Loki-Bot accepts a single argument/switch of -u that simply delays execution (sleeps) for 10 seconds. This is used when Loki-Bot is upgrading itself.The Mutex generated is the result of MD5 hashing the Machine GUID and trimming to 24-characters. For example: B7E1C2CC98066B250DDB2123.Loki-Bot creates a hidden folder within the %APPDATA% directory whose name is supplied by the 8th thru 13th characters of the Mutex. For example: %APPDATA%\ C98066\.There can be four files within the hidden %APPDATA% directory at any given time: .exe, .lck, .hdb and .kdb. They will be named after characters 13 thru 18 of the Mutex. For example: 6B250D. Below is the explanation of their purpose:FILE EXTENSIONFILE DESCRIPTION.exeA copy of the malware that will execute every time the user account is logged into.lckA lock file created when either decrypting Windows Credentials or Keylogging to prevent resource conflicts.hdbA database of hashes for data that has already been exfiltrated to the C2 server.kdbA database of keylogger data that has yet to be sent to the C2 serverIf the user is privileged, Loki-Bot sets up persistence within the registry under HKEY_LOCAL_MACHINE. If not, it sets up persistence under HKEY_CURRENT_USER.The first packet transmitted by Loki-Bot contains application data.The second packet transmitted by Loki-Bot contains decrypted Windows credentials.The third packet transmitted by Loki-Bot is the malware requesting C2 commands from the C2 server. By default, Loki-Bot will send this request out every 10 minutes after the initial packet it sent.Communications to the C2 server from the compromised host contain information about the user and system including the username, hostname, domain, screen resolution, privilege level, system architecture, and Operating System.The first WORD of the HTTP Payload represents the Loki-Bot version.The second WORD of the HTTP Payload is the Payload Type. Below is the table of identified payload types:BYTEPAYLOAD TYPE0x26Stolen Cryptocurrency Wallet0x27Stolen Application Data0x28Get C2 Commands from C2 Server0x29Stolen File0x2APOS (Point of Sale?)0x2BKeylogger Data0x2CScreenshotThe 11th byte of the HTTP Payload begins the Binary ID. This might be useful in tracking campaigns or specific threat actors. This value value is typically ckav.ru. If you come across a Binary ID that is different from this, take note!Loki-Bot encrypts both the URL and the registry key used for persistence using Triple DES encryption.The Content-Key HTTP Header value is the result of hashing the HTTP Header values that precede it. This is likely used as a protection against researchers who wish to poke and prod at Loki-Bots C2 infrastructure.Loki-Bot can accept the following instructions from the C2 Server:BYTEINSTRUCTION DESCRIPTION0x00Download EXE & Execute0x01Download DLL & Load #10x02Download DLL & Load #20x08Delete HDB File0x09Start Keylogger0x0AMine & Steal Data0x0EExit Loki-Bot0x0FUpgrade Loki-Bot0x10Change C2 Polling Frequency0x11Delete Executables & ExitSuricata SignaturesRULE SIDRULE NAME2024311ET TROJAN Loki Bot Cryptocurrency Wallet Exfiltration Detected2024312ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M12024313ET TROJAN Loki Bot Request for C2 Commands Detected M12024314ET TROJAN Loki Bot File Exfiltration Detected2024315ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M12024316ET TROJAN Loki Bot Screenshot Exfiltration Detected2024317ET TROJAN Loki Bot Application/Credential Data Exfiltration Detected M22024318ET TROJAN Loki Bot Request for C2 Commands Detected M22024319ET TROJAN Loki Bot Keylogger Data Exfiltration Detected M2 |
{"C2 list": ["http://kbfvzoboss.bid/alien/fre.php", "http://alphastand.trade/alien/fre.php", "http://alphastand.win/alien/fre.php", "http://alphastand.top/alien/fre.php"]}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot_1 | Yara detected Lokibot | Joe Security | ||
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
Click to see the 24 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Lokibot | Yara detected Lokibot | Joe Security | ||
JoeSecurity_aPLib_compressed_binary | Yara detected aPLib compressed binary | Joe Security | ||
JoeSecurity_CredentialStealer | Yara detected Credential Stealer | Joe Security | ||
Windows_Trojan_Lokibot_1f885282 | unknown | unknown |
| |
Windows_Trojan_Lokibot_0f421617 | unknown | unknown |
| |
Click to see the 40 entries |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:10.261798+0100 | 2024312 | 1 | A Network Trojan was detected | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.114201+0100 | 2024312 | 1 | A Network Trojan was detected | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:08.679463+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2025381 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:14.102015+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.123769+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.090018+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.071784+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.015203+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:23.904363+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:25.864302+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:27.824506+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:29.795605+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:31.769591+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:33.666583+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.540017+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.539487+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.530868+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.400417+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.380560+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.336914+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.298735+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.264336+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.145466+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.385422+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.346077+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.219949+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.252987+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.214492+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.081093+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.050729+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.230683+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:09.430877+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.446115+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.345038+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.306696+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.174002+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.186341+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.159824+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.045578+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.017097+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.012094+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:28.961341+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:30.980596+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:32.953227+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:34.840080+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:36.786857+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:38.783948+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:40.664036+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:42.776806+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:44.748036+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:46.742499+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:48.702998+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.576775+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.558386+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:54.532204+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:56.719927+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:58.701138+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:00.640245+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.599810+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.589436+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:06.546732+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:08.782719+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:10.859231+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:12.817010+0100 | 2024313 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:14.102015+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.123769+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.090018+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.071784+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.015203+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:23.904363+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:25.864302+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:27.824506+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:29.795605+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:31.769591+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:33.666583+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.540017+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.539487+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.530868+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.400417+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.380560+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.336914+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.298735+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.264336+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.145466+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.385422+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.346077+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.219949+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.252987+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.214492+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.081093+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.050729+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.230683+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:09.430877+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.446115+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.345038+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.306696+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.174002+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.186341+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.159824+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.045578+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.017097+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.012094+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:28.961341+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:30.980596+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:32.953227+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:34.840080+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:36.786857+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:38.783948+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:40.664036+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:42.776806+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:44.748036+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:46.742499+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:48.702998+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.576775+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.558386+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:54.532204+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:56.719927+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:58.701138+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:00.640245+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.599810+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.589436+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:06.546732+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:08.782719+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:10.859231+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:12.817010+0100 | 2024318 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:08.679463+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2021641 | 1 | A Network Trojan was detected | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:08.679463+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2825766 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Malware Configuration Extractor: |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Source: | Code function: | 1_2_00403D74 |
Networking |
---|
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: |
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: | ||
Source: | URLs: |
Source: | ASN Name: | ||
Source: | ASN Name: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 1_2_00404ED4 |
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Long String: |
Source: | Code function: | 0_2_05906E58 | |
Source: | Code function: | 0_2_05906E50 |
Source: | Code function: | 0_2_0182D324 | |
Source: | Code function: | 0_2_058A1C51 | |
Source: | Code function: | 0_2_058ABE44 | |
Source: | Code function: | 0_2_058A0006 | |
Source: | Code function: | 0_2_058A0040 | |
Source: | Code function: | 0_2_058ACC39 | |
Source: | Code function: | 0_2_05908128 | |
Source: | Code function: | 0_2_05902020 | |
Source: | Code function: | 1_2_0040549C | |
Source: | Code function: | 1_2_004029D4 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: |
Source: | Classification label: |
Source: | Code function: | 1_2_0040650A |
Source: | Code function: | 1_2_0040434D |
Source: | File created: | Jump to behavior |
Source: | Mutant created: | ||
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Static file information: |
Source: | Key opened: | Jump to behavior |
Source: | ReversingLabs: | ||
Source: | Virustotal: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Binary string: | ||
Source: | Binary string: |
Data Obfuscation |
---|
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Code function: | 1_2_00402AD4 | |
Source: | Code function: | 1_2_00402AFC |
Source: | High entropy of concatenated method names: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | File source: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Code function: | 1_2_00403D74 |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 1_2_0040317B |
Source: | Code function: | 1_2_00402B7C |
Source: | Process token adjusted: | Jump to behavior | ||
Source: | Process token adjusted: | Jump to behavior |
Source: | Memory allocated: | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: | ||
Source: | Reference to suspicious API methods: |
Source: | Memory allocated: | Jump to behavior |
Source: | Memory written: | Jump to behavior |
Source: | Section unmapped: | Jump to behavior |
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior | ||
Source: | Memory written: | Jump to behavior |
Source: | Process created: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Code function: | 1_2_00406069 |
Source: | Key value queried: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior | ||
Source: | Key opened: | Jump to behavior |
Source: | Code function: | 1_2_0040D069 | |
Source: | Code function: | 1_2_0040D069 |
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Disable or Modify Tools | 2 OS Credential Dumping | 1 Account Discovery | Remote Services | 11 Archive Collected Data | 1 Ingress Tool Transfer | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | 1 Shared Modules | Boot or Logon Initialization Scripts | 1 Access Token Manipulation | 11 Deobfuscate/Decode Files or Information | 2 Credentials in Registry | 1 File and Directory Discovery | Remote Desktop Protocol | 2 Data from Local System | 1 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 411 Process Injection | 2 Obfuscated Files or Information | Security Account Manager | 13 System Information Discovery | SMB/Windows Admin Shares | 1 Email Collection | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Software Packing | NTDS | 111 Security Software Discovery | Distributed Component Object Model | Input Capture | 112 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 DLL Side-Loading | LSA Secrets | 1 Process Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Masquerading | Cached Domain Credentials | 31 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 31 Virtualization/Sandbox Evasion | DCSync | 1 System Owner/User Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 Access Token Manipulation | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 411 Process Injection | /etc/passwd and /etc/shadow | Network Sniffing | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
82% | ReversingLabs | ByteCode-MSIL.Trojan.AgentTesla | ||
79% | Virustotal | Browse | ||
100% | Avira | TR/AD.LokiBot.sbeoo | ||
100% | Joe Sandbox ML |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
publicspeaking.co.id | 92.113.16.63 | true | true | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true | unknown | ||
false | high | ||
false | high | ||
false | high | ||
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
92.113.16.63 | publicspeaking.co.id | Ukraine | 6849 | UKRTELNETUA | true | |
92.113.16.67 | unknown | Ukraine | 6849 | UKRTELNETUA | true |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1579462 |
Start date and time: | 2024-12-22 14:11:05 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 10s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 5 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | Hh8hqqbu9X.exerenamed because original name is a hash value |
Original Sample Name: | f4c0448c427e926b0d3c0d1fbc1a866e.exe |
Detection: | MAL |
Classification: | mal100.troj.spyw.evad.winEXE@3/3@5/2 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded IPs from analysis (whitelisted): 13.107.246.63, 20.109.210.53
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
08:12:13 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
publicspeaking.co.id | Get hash | malicious | Lokibot | Browse |
| |
Get hash | malicious | Lokibot | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
UKRTELNETUA | Get hash | malicious | Mirai, Moobot | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
UKRTELNETUA | Get hash | malicious | Mirai, Moobot | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
|
Process: | C:\Users\user\Desktop\Hh8hqqbu9X.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1216 |
Entropy (8bit): | 5.34331486778365 |
Encrypted: | false |
SSDEEP: | 24:MLUE4K5E4KH1qE4qXKDE4KhKiKhPKIE4oKNzKoZAE4Kze0E4x84j:MIHK5HKH1qHiYHKh3oPtHo6hAHKze0HJ |
MD5: | 1330C80CAAC9A0FB172F202485E9B1E8 |
SHA1: | 86BAFDA4E4AE68C7C3012714A33D85D2B6E1A492 |
SHA-256: | B6C63ECE799A8F7E497C2A158B1FFC2F5CB4F745A2F8E585F794572B7CF03560 |
SHA-512: | 75A17AB129FE97BBAB36AA2BD66D59F41DB5AFF44A705EF3E4D094EC5FCD056A3ED59992A0AC96C9D0D40E490F8596B07DCA9B60E606B67223867B061D9D0EB2 |
Malicious: | true |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:U:U |
MD5: | C4CA4238A0B923820DCC509A6F75849B |
SHA1: | 356A192B7913B04C54574D18C28D46E6395428AB |
SHA-256: | 6B86B273FF34FCE19D6B804EFF5A3F5747ADA4EAA22F1D49C01E52DDB7875B4B |
SHA-512: | 4DFF4EA340F0A823F15D3F4F01AB62EAE0E5DA579CCB851F8DB9DFE84C58B2B37B89903A740E1EE172DA793A6E79D560E5F7F9BD058A12A280433ED6FA46510A |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Crypto\RSA\S-1-5-21-2246122658-3693405117-2476756634-1003\89dad5d484a9f889a3a8dfca823edc3e_9e146be9-c76a-4720-bcdb-53011b87bd06
Download File
Process: | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 47 |
Entropy (8bit): | 1.168829563685559 |
Encrypted: | false |
SSDEEP: | 3:/lSll2DQi:AoMi |
MD5: | DAB633BEBCCE13575989DCFA4E2203D6 |
SHA1: | 33186D50F04C5B5196C1FCC1FAD17894B35AC6C7 |
SHA-256: | 1C00FBA1B82CD386E866547F33E1526B03F59E577449792D99C882DEF05A1D17 |
SHA-512: | EDDBB22D9FC6065B8F5376EC95E316E7569530EFAA9EA9BC641881D763B91084DCCC05BC793E8E29131D20946392A31BD943E8FC632D91EE13ABA7B0CD1C626F |
Malicious: | false |
Reputation: | moderate, very likely benign file |
Preview: |
File type: | |
Entropy (8bit): | 5.013018117930209 |
TrID: |
|
File name: | Hh8hqqbu9X.exe |
File size: | 577'536 bytes |
MD5: | f4c0448c427e926b0d3c0d1fbc1a866e |
SHA1: | 273aa64fd2523237acde7d342a09a259a3c5499a |
SHA256: | cee3904c1eb0245328cbbe8770f69417d56218ba9ed6ded95d60183264557fef |
SHA512: | 605665259a268ccf31d01c6332693d259f37efa72e517dc6bc09c5fc66b53b274bfd9f111607499f9aad64c87aa70b8c9c21fe69a6c532b193e2704f1ce9fd1c |
SSDEEP: | 12288:qVAsGfYtKR7zmF4WdwGexfoAu9kcNuuh5:qVAsGfYtKR7yFjdwGexf5u9kcNuuh5 |
TLSH: | 6FC400C6DE4909E7D805A2FC18719446FF8EED3EA17C4941F25BB85C80B8EED5898BC1 |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L....<.[.................H...........f... ........@.. .......................@............@................................ |
Icon Hash: | 0f3152707071330f |
Entrypoint: | 0x46669e |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x5BF13C88 [Sun Nov 18 10:18:48 2018 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x66650 | 0x4b | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x6a000 | 0x27e60 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x92000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x665f8 | 0x1c | .text |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x646a4 | 0x64800 | f02e9ea7fdf7838916b31e4c42c6b4d1 | False | 0.3737683652052239 | data | 4.070627356787008 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.sdata | 0x68000 | 0x1e8 | 0x200 | ba1a51c546597b8fdcb7d0154e4ab651 | False | 0.857421875 | data | 6.638446248926509 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0x6a000 | 0x27e60 | 0x28000 | 1802a9f454a5d4c9976184044129fda0 | False | 0.14769287109375 | data | 5.240359504242061 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x92000 | 0xc | 0x200 | 57bc7cabfdf0b8c9037a61a230d48313 | False | 0.044921875 | data | 0.10191042566270775 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0x6a280 | 0x10828 | Device independent bitmap graphic, 128 x 256 x 32, image size 67584 | English | United States | 0.09331006743168106 |
RT_ICON | 0x7aaa8 | 0x94a8 | Device independent bitmap graphic, 96 x 192 x 32, image size 38016 | English | United States | 0.1538259407189405 |
RT_ICON | 0x83f50 | 0x5488 | Device independent bitmap graphic, 72 x 144 x 32, image size 21600 | English | United States | 0.18904805914972272 |
RT_ICON | 0x893d8 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16896 | English | United States | 0.1531058101086443 |
RT_ICON | 0x8d600 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.23817427385892115 |
RT_ICON | 0x8fba8 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.2732176360225141 |
RT_ICON | 0x90c50 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | English | United States | 0.4057377049180328 |
RT_ICON | 0x915d8 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.4920212765957447 |
RT_GROUP_ICON | 0x91a40 | 0x76 | data | English | United States | 0.7457627118644068 |
RT_VERSION | 0x91ab8 | 0x1bc | data | English | United States | 0.5247747747747747 |
RT_MANIFEST | 0x91c74 | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | 0.5469387755102041 |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | United States |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-12-22T14:12:08.679463+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:08.679463+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:08.679463+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.261798+0100 | 2024312 | ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 | 1 | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:10.630928+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.114201+0100 | 2024312 | ET MALWARE LokiBot Application/Credential Data Exfiltration Detected M1 | 1 | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:12.555175+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.102015+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.102015+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:14.486390+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.123769+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.123769+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:16.506905+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.090018+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.090018+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:18.490175+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.071784+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.071784+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:20.454277+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.015203+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.015203+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:22.413385+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:23.904363+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:23.904363+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:24.298560+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:25.864302+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:25.864302+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:26.270738+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:27.824506+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:27.824506+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:28.206249+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:29.795605+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:29.795605+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:30.193986+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:31.769591+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:31.769591+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:32.170808+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:33.666583+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:33.666583+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:34.048387+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.540017+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.540017+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:35.977485+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.539487+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.539487+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:37.922549+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.530868+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.530868+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:39.913797+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.400417+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.400417+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:41.792852+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.380560+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.380560+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:43.778745+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.336914+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.336914+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:45.725102+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.298735+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.298735+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:47.702297+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.264336+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.264336+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:49.654095+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.145466+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.145466+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:51.781467+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.385422+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.385422+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:53.776209+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.346077+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.346077+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:55.748800+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.219949+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.219949+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:57.639002+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.252987+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.252987+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:12:59.653024+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.214492+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.214492+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:01.607262+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.081093+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.081093+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:03.485305+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.050729+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.050729+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:05.648440+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.230683+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.230683+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:07.852654+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.430877+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.430877+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:09.825571+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.446115+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.446115+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:11.829832+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.345038+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.345038+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:13.746542+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.306696+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.306696+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:15.701197+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.174002+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.174002+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:17.691250+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.186341+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.186341+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:19.580922+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.159824+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.159824+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:21.563411+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.045578+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.045578+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:23.430650+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.017097+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.017097+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:25.406832+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.012094+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.012094+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:27.394770+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:28.961341+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:28.961341+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:29.361059+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:30.980596+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:30.980596+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:31.366487+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:32.953227+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:32.953227+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:33.340412+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:34.840080+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:34.840080+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:35.225031+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:36.786857+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:36.786857+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:37.184150+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:38.783948+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:38.783948+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:39.191137+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:40.664036+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:40.664036+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:41.217229+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:42.776806+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:42.776806+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:43.173669+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:44.748036+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:44.748036+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:45.134599+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:46.742499+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:46.742499+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:47.131865+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:48.702998+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:48.702998+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:49.082293+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.576775+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.576775+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:50.975180+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.558386+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.558386+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:52.942630+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:54.532204+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:54.532204+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:55.208169+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:56.719927+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:56.719927+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:57.115154+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:58.701138+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:58.701138+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:13:59.078913+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:00.640245+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:00.640245+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:01.034852+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.599810+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.599810+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:02.984416+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.589436+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.589436+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:04.984506+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:06.546732+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:06.546732+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:07.223056+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:08.782719+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:08.782719+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:09.389083+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:10.859231+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:10.859231+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2021641 | ET MALWARE LokiBot User-Agent (Charon/Inferno) | 1 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2025381 | ET MALWARE LokiBot Checkin | 1 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:11.258701+0100 | 2825766 | ETPRO MALWARE LokiBot Checkin M2 | 1 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:12.817010+0100 | 2024313 | ET MALWARE LokiBot Request for C2 Commands Detected M1 | 1 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
2024-12-22T14:14:12.817010+0100 | 2024318 | ET MALWARE LokiBot Request for C2 Commands Detected M2 | 1 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | TCP |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 22, 2024 14:12:08.435492992 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:08.555077076 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:08.555202007 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:08.559772968 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:08.679373026 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:08.679462910 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:08.799133062 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.261677980 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.261718035 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.261797905 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.261862040 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.262125969 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.262185097 CET | 49704 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.381352901 CET | 80 | 49704 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.389081001 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.508769989 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.509057045 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.511244059 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.630817890 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:10.630928040 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:10.751013041 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.114064932 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.114135027 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.114165068 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.114201069 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.114294052 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.114294052 CET | 49705 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.233845949 CET | 80 | 49705 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.296338081 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.416040897 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.416141987 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.435524940 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.555088997 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:12.555175066 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:12.674885988 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.101917028 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.101949930 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.102015018 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.102070093 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.102380991 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.102441072 CET | 49706 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.221688032 CET | 80 | 49706 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.244821072 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.364500046 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.364583969 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.366694927 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.486254930 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:14.486390114 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:14.606132984 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.123626947 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.123687983 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.123769045 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.123873949 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.124115944 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.124181032 CET | 49707 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.243396044 CET | 80 | 49707 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.265212059 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.384891987 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.384993076 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.387166023 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.506761074 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:16.506905079 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:16.626540899 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.089358091 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.089935064 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.089968920 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.090018034 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.090033054 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.090065956 CET | 49709 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.209613085 CET | 80 | 49709 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.248516083 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.368067980 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.368158102 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.370491982 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.490109921 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:18.490175009 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:18.609813929 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.071649075 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.071729898 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.071763039 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.071784019 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.071818113 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.071871042 CET | 49715 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.191394091 CET | 80 | 49715 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.212661982 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.332220078 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.332326889 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.334520102 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.454189062 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:20.454277039 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:20.573832035 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.015083075 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.015151024 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.015160084 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.015202999 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.015225887 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.015280962 CET | 49716 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.134922981 CET | 80 | 49716 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.171838045 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.291589975 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.291675091 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.293869972 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.413321972 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:22.413384914 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:22.532871962 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:23.904112101 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:23.904187918 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:23.904362917 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:23.904515982 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:23.904787064 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:23.904875994 CET | 49723 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:24.024035931 CET | 80 | 49723 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:24.054544926 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:24.174240112 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:24.176794052 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:24.178985119 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:24.298444033 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:24.298559904 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:24.418102980 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:25.864224911 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:25.864240885 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:25.864301920 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:25.864432096 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:25.864658117 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:25.864710093 CET | 49730 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:25.984136105 CET | 80 | 49730 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:26.023458958 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:26.143085957 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:26.143170118 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:26.145272970 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:26.264966011 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:26.270737886 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:26.390292883 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:27.824202061 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:27.824429989 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:27.824444056 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:27.824506044 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:27.824579954 CET | 49737 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:27.943995953 CET | 80 | 49737 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:27.964232922 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:28.083849907 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:28.083956003 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:28.086251020 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:28.206069946 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:28.206248999 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:28.325855970 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:29.795475960 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:29.795531988 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:29.795604944 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:29.795763969 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:29.795816898 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:29.800345898 CET | 49744 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:29.919965982 CET | 80 | 49744 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:29.951252937 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:30.070713997 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:30.070810080 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:30.074321985 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:30.193922043 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:30.193985939 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:30.313445091 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:31.769417048 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:31.769454002 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:31.769591093 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:31.769591093 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:31.770176888 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:31.770246983 CET | 49750 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:31.889348030 CET | 80 | 49750 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:31.929296970 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:32.048882008 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:32.048958063 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:32.051146984 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:32.170720100 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:32.170808077 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:32.290321112 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.666448116 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.666508913 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.666517973 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.666583061 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:33.666616917 CET | 49756 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:33.786087990 CET | 80 | 49756 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.805016994 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:33.924527884 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:33.926841021 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:33.928828955 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:34.048327923 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:34.048387051 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:34.167908907 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.539851904 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.539885998 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.540018082 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.540016890 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.540016890 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.540102005 CET | 49762 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.659689903 CET | 80 | 49762 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.736078024 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.855546951 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.855619907 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.857846975 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:35.977278948 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:35.977484941 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:36.097116947 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.539196014 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.539438009 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.539486885 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.539525986 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.539725065 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.539774895 CET | 49768 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.659069061 CET | 80 | 49768 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.681238890 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.800736904 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.800929070 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.802879095 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:37.922418118 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:37.922549009 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:38.242805004 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:38.362476110 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:38.378983021 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.530751944 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.530806065 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.530868053 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.530925035 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.531112909 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.531172991 CET | 49771 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.650433064 CET | 80 | 49771 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.670600891 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.790630102 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.790801048 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.794246912 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:39.913726091 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:39.913796902 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:40.227108955 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:40.529905081 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:40.530567884 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.400176048 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.400341988 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.400417089 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.400466919 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.400655985 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.400721073 CET | 49774 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.520040989 CET | 80 | 49774 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.551580906 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.671073914 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.671159029 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.673158884 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.792772055 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:41.792851925 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:41.912472963 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.380470037 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.380490065 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.380559921 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.380647898 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.380718946 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.380853891 CET | 49779 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.500526905 CET | 80 | 49779 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.531568050 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.651027918 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.654782057 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.656884909 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.776478052 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:43.778744936 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:43.898452997 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.336585045 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.336741924 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.336914062 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.336914062 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.337224007 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.337296009 CET | 49785 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.456583977 CET | 80 | 49785 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.483233929 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.602961063 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.603246927 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.605190039 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.724874973 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:45.725101948 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:45.844753981 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.298543930 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.298624039 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.298734903 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.298796892 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.299036980 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.299093962 CET | 49791 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.418207884 CET | 80 | 49791 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.460078001 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.579603910 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.579705954 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.582710028 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.702183008 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:47.702296972 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:47.821882963 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.264209986 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.264269114 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.264302969 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.264336109 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.264379025 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.264393091 CET | 49797 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.384093046 CET | 80 | 49797 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.411155939 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.531290054 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.531578064 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.534415007 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.653986931 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:49.654094934 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:49.773585081 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.145335913 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.145369053 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.145466089 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.146213055 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.146292925 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.148905993 CET | 49803 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.268500090 CET | 80 | 49803 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.539671898 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.659189939 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.659388065 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.661875010 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.781384945 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:51.781466961 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:51.901143074 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.385320902 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.385363102 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.385421991 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.385474920 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.385698080 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.385757923 CET | 49808 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.505033016 CET | 80 | 49808 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.533104897 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.653224945 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.653464079 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.656523943 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.776129007 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:53.776209116 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:53.895858049 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.345941067 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.345988989 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.346076012 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.346076965 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.346139908 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.346139908 CET | 49813 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.465970039 CET | 80 | 49813 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.506136894 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.626880884 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.627017975 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.629004955 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.748732090 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:55.748800039 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:55.868324041 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.219871998 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.219886065 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.219949007 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.219997883 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.220365047 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.220434904 CET | 49819 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.339406013 CET | 80 | 49819 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.386915922 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.507456064 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.510941029 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.516555071 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.636094093 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:57.639002085 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:57.758894920 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.252799034 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.252813101 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.252815962 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.252986908 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.253081083 CET | 49825 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.373019934 CET | 80 | 49825 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.409734964 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.529695988 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.529840946 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.533334970 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.652899981 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:12:59.653023958 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:12:59.772768974 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.214343071 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.214385986 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.214418888 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.214492083 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.214536905 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.214536905 CET | 49828 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.334125996 CET | 80 | 49828 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.364671946 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.484406948 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.484587908 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.487555027 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.607160091 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:01.607261896 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:01.727119923 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.080998898 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.081017017 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.081093073 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.081135035 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.081306934 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.081361055 CET | 49834 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.201616049 CET | 80 | 49834 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.242624044 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.362370014 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.362482071 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.365525961 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.485119104 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:03.485305071 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:03.604933977 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.050447941 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.050488949 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.050729036 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.050821066 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.053414106 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.056916952 CET | 49841 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.170367956 CET | 80 | 49841 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.405087948 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.524842978 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.524979115 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.528803110 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.648372889 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:05.648439884 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:05.767985106 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:07.230549097 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:07.230614901 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:07.230683088 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:07.230761051 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:07.230950117 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:07.230999947 CET | 49847 | 80 | 192.168.2.5 | 92.113.16.63 |
Dec 22, 2024 14:13:07.350348949 CET | 80 | 49847 | 92.113.16.63 | 192.168.2.5 |
Dec 22, 2024 14:13:07.611228943 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:07.730925083 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:07.731086969 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:07.733023882 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:07.852549076 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:07.852653980 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:07.972260952 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.430635929 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.430753946 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.430876970 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.430922031 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.431067944 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.431193113 CET | 49853 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.551220894 CET | 80 | 49853 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.583744049 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.703254938 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.703360081 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.705409050 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.825480938 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:09.825571060 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:09.947101116 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.446013927 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.446043015 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.446115017 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.446170092 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.446413040 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.446465015 CET | 49859 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.565637112 CET | 80 | 49859 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.587249041 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.706945896 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.707072973 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.709115982 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.829655886 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:11.829832077 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:11.949399948 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.344949961 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.344963074 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.344970942 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.345037937 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.354887962 CET | 49864 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.474450111 CET | 80 | 49864 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.504836082 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.624459028 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.624583006 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.626626968 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.746289968 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:13.746541977 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:13.866079092 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.306358099 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.306508064 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.306695938 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.306695938 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.307171106 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.307327986 CET | 49870 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.426649094 CET | 80 | 49870 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.458945990 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.578490019 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.578577042 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.581584930 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.701116085 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:15.701196909 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:15.820821047 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.173873901 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.173912048 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.173947096 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.174001932 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.174047947 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.174158096 CET | 49875 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.293850899 CET | 80 | 49875 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.449322939 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.569030046 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.569118977 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.571537971 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.691180944 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:17.691250086 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:17.811356068 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.186173916 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.186192989 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.186341047 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.186495066 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.186616898 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.191987991 CET | 49879 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.311484098 CET | 80 | 49879 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.338598967 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.459055901 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.459152937 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.461146116 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.580851078 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:19.580921888 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:19.702260017 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.159703016 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.159744024 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.159823895 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.159826994 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.159890890 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.159995079 CET | 49885 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.279936075 CET | 80 | 49885 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.321863890 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.441452980 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.441536903 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.443547964 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.563278913 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:21.563410997 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:21.682980061 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.045350075 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.045397997 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.045439959 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.045578003 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.045608997 CET | 49889 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.165317059 CET | 80 | 49889 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.187489986 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.307364941 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.307599068 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.310646057 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.430504084 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:23.430649996 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:23.550513983 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.016725063 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.016891003 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.016926050 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.017096996 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.017189026 CET | 49895 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.136831045 CET | 80 | 49895 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.165309906 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.285010099 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.285160065 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.287127972 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.406749010 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:25.406831980 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:25.527307034 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.011996984 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.012039900 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.012094021 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.012129068 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.012239933 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.012295008 CET | 49901 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.131828070 CET | 80 | 49901 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.151743889 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.271502018 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.271738052 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.274868965 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.394567966 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:27.394769907 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:27.514511108 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:28.961195946 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:28.961262941 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:28.961277962 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:28.961340904 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:28.961374998 CET | 49907 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:29.086616039 CET | 80 | 49907 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:29.116460085 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:29.236073017 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:29.238898039 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:29.240976095 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:29.360553026 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:29.361058950 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:29.481651068 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:30.980350018 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:30.980391026 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:30.980550051 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:30.980596066 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:30.980637074 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:30.982379913 CET | 49913 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:31.102116108 CET | 80 | 49913 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:31.124443054 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:31.244219065 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:31.244443893 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:31.246462107 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:31.366168976 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:31.366487026 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:31.487216949 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:32.953111887 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:32.953152895 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:32.953227043 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:32.953258991 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:32.953404903 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:32.953464985 CET | 49919 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:33.073596954 CET | 80 | 49919 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:33.097686052 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:33.217294931 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:33.217377901 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:33.220397949 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:33.340235949 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:33.340411901 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:33.462414026 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:34.839884996 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:34.840003967 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:34.840080023 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:34.840128899 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:34.840486050 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:34.840549946 CET | 49925 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:34.959841967 CET | 80 | 49925 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:34.982481956 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:35.102133989 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:35.102221966 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:35.105237961 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:35.224786997 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:35.225030899 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:35.344582081 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:36.785753012 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:36.786768913 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:36.786856890 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:36.786910057 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:36.787945032 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:36.788006067 CET | 49930 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:36.906653881 CET | 80 | 49930 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:36.940855980 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:37.061110973 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:37.061248064 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:37.064186096 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:37.184015989 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:37.184149981 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:37.303713083 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:38.783813953 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:38.783854008 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:38.783947945 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:38.784089088 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:38.784540892 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:38.784604073 CET | 49934 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:38.903822899 CET | 80 | 49934 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:38.947916985 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:39.068056107 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:39.068255901 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:39.071338892 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:39.190954924 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:39.191137075 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:39.310647964 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:40.663906097 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:40.663966894 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:40.664036036 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:40.664365053 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:40.664429903 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:40.667639971 CET | 49940 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:40.787293911 CET | 80 | 49940 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:40.973592997 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:41.093319893 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:41.093396902 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:41.096642971 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:41.217156887 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:41.217228889 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:41.336735964 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:42.776597023 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:42.776618004 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:42.776626110 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:42.776806116 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:42.776824951 CET | 49944 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:42.896260023 CET | 80 | 49944 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:42.932081938 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:43.051645041 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:43.051738977 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:43.053759098 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:43.173592091 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:43.173669100 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:43.293184042 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:44.747859001 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:44.747922897 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:44.748035908 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:44.748040915 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:44.748090029 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:44.748112917 CET | 49950 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:44.867754936 CET | 80 | 49950 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:44.892371893 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:45.012159109 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:45.012382030 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:45.014931917 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:45.134496927 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:45.134598970 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:45.254055977 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:46.742389917 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:46.742428064 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:46.742499113 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:46.742538929 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:46.742944956 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:46.743032932 CET | 49955 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:46.862124920 CET | 80 | 49955 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:46.890084028 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:47.009841919 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:47.010088921 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:47.012166977 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:47.131791115 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:47.131865025 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:47.331811905 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.702753067 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.702883959 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.702934027 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.702997923 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:48.702999115 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:48.703290939 CET | 49959 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:48.823026896 CET | 80 | 49959 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.840440035 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:48.960078955 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:48.960172892 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:48.962547064 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:49.082221031 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:49.082293034 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:49.202255964 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.576571941 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.576713085 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.576775074 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.576808929 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.577022076 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.577114105 CET | 49964 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.696402073 CET | 80 | 49964 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.730278969 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.849963903 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.853373051 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.855422974 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:50.975032091 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:50.975179911 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:51.094887018 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.558160067 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.558290005 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.558386087 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.558413982 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.559226036 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.559274912 CET | 49970 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.678061008 CET | 80 | 49970 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.700841904 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.820672989 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.820780039 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.822540045 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:52.942343950 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:52.942630053 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:53.062288046 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:54.531948090 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:54.532008886 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:54.532041073 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:54.532203913 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:54.532203913 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:54.551629066 CET | 49976 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:54.671257973 CET | 80 | 49976 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:54.959203959 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:55.079032898 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:55.079138041 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:55.087287903 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:55.208082914 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:55.208168983 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:55.327892065 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.719813108 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.719855070 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.719887018 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.719927073 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:56.719980955 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:56.719981909 CET | 49982 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:56.840045929 CET | 80 | 49982 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.873394012 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:56.993004084 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:56.993123055 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:56.995337963 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:57.114999056 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:57.115154028 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:57.234822989 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.700980902 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.701054096 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.701138020 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:58.701200008 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:58.702227116 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.702286005 CET | 49988 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:58.820775032 CET | 80 | 49988 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.837078094 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:58.956799984 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:58.956880093 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:58.958937883 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:59.078495026 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:13:59.078912973 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:13:59.198971033 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.640110016 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.640153885 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.640244961 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:00.640280962 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.640280962 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:00.640326023 CET | 49993 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:00.759912968 CET | 80 | 49993 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.793005943 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:00.912539959 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:00.912611961 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:00.915138960 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:01.034689903 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:01.034852028 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:01.154416084 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.599672079 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.599735975 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.599809885 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.599860907 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.600188017 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.600250006 CET | 49998 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.719698906 CET | 80 | 49998 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.742749929 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.862373114 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.862451077 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.864523888 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:02.984178066 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:02.984416008 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:03.104181051 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.589252949 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.589303970 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.589436054 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.589485884 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.589927912 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.590028048 CET | 50002 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.709182024 CET | 80 | 50002 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.741411924 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.861069918 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.861196995 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.863217115 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:04.982880116 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:04.984505892 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:05.104135036 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:06.546581030 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:06.546654940 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:06.546731949 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:06.546804905 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:06.546984911 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:06.547049999 CET | 50008 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:06.666299105 CET | 80 | 50008 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:06.976454973 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:07.096165895 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:07.097101927 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:07.100033045 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:07.219552040 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:07.223056078 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:07.342561007 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:08.782496929 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:08.782629967 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:08.782718897 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:08.782918930 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:08.783865929 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:08.783883095 CET | 50014 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:08.903594017 CET | 80 | 50014 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:09.144604921 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:09.264132023 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:09.264223099 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:09.269464016 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:09.389010906 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:09.389082909 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:09.508604050 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:10.859057903 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:10.859142065 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:10.859158039 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:10.859230995 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:10.859298944 CET | 50020 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:10.978770018 CET | 80 | 50020 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:11.013789892 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:11.134326935 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:11.134541035 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:11.137404919 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:11.258621931 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:11.258701086 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:11.378510952 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:12.816879034 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:12.816898108 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:12.817009926 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Dec 22, 2024 14:14:12.817121983 CET | 80 | 50026 | 92.113.16.67 | 192.168.2.5 |
Dec 22, 2024 14:14:12.817207098 CET | 50026 | 80 | 192.168.2.5 | 92.113.16.67 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 22, 2024 14:12:06.198252916 CET | 65519 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 22, 2024 14:12:07.201272011 CET | 65519 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 22, 2024 14:12:08.196599007 CET | 65519 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 22, 2024 14:12:08.430161953 CET | 53 | 65519 | 1.1.1.1 | 192.168.2.5 |
Dec 22, 2024 14:12:08.430195093 CET | 53 | 65519 | 1.1.1.1 | 192.168.2.5 |
Dec 22, 2024 14:12:08.431379080 CET | 53 | 65519 | 1.1.1.1 | 192.168.2.5 |
Dec 22, 2024 14:13:07.380589962 CET | 56829 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 22, 2024 14:13:07.610336065 CET | 53 | 56829 | 1.1.1.1 | 192.168.2.5 |
Dec 22, 2024 14:14:06.681036949 CET | 61045 | 53 | 192.168.2.5 | 1.1.1.1 |
Dec 22, 2024 14:14:06.975285053 CET | 53 | 61045 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Dec 22, 2024 14:12:06.198252916 CET | 192.168.2.5 | 1.1.1.1 | 0xda96 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Dec 22, 2024 14:12:07.201272011 CET | 192.168.2.5 | 1.1.1.1 | 0xda96 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Dec 22, 2024 14:12:08.196599007 CET | 192.168.2.5 | 1.1.1.1 | 0xda96 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Dec 22, 2024 14:13:07.380589962 CET | 192.168.2.5 | 1.1.1.1 | 0xa5bb | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Dec 22, 2024 14:14:06.681036949 CET | 192.168.2.5 | 1.1.1.1 | 0x5777 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Dec 22, 2024 14:12:08.430161953 CET | 1.1.1.1 | 192.168.2.5 | 0xda96 | No error (0) | 92.113.16.63 | A (IP address) | IN (0x0001) | false | ||
Dec 22, 2024 14:12:08.430195093 CET | 1.1.1.1 | 192.168.2.5 | 0xda96 | No error (0) | 92.113.16.63 | A (IP address) | IN (0x0001) | false | ||
Dec 22, 2024 14:12:08.431379080 CET | 1.1.1.1 | 192.168.2.5 | 0xda96 | No error (0) | 92.113.16.63 | A (IP address) | IN (0x0001) | false | ||
Dec 22, 2024 14:13:07.610336065 CET | 1.1.1.1 | 192.168.2.5 | 0xa5bb | No error (0) | 92.113.16.67 | A (IP address) | IN (0x0001) | false | ||
Dec 22, 2024 14:14:06.975285053 CET | 1.1.1.1 | 192.168.2.5 | 0x5777 | No error (0) | 92.113.16.67 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49704 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:08.559772968 CET | 257 | OUT | |
Dec 22, 2024 14:12:08.679462910 CET | 180 | OUT | |
Dec 22, 2024 14:12:10.261677980 CET | 1236 | IN | |
Dec 22, 2024 14:12:10.261718035 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49705 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:10.511244059 CET | 257 | OUT | |
Dec 22, 2024 14:12:10.630928040 CET | 180 | OUT | |
Dec 22, 2024 14:12:12.114064932 CET | 1236 | IN | |
Dec 22, 2024 14:12:12.114135027 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.5 | 49706 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:12.435524940 CET | 257 | OUT | |
Dec 22, 2024 14:12:12.555175066 CET | 153 | OUT | |
Dec 22, 2024 14:12:14.101917028 CET | 1236 | IN | |
Dec 22, 2024 14:12:14.101949930 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.5 | 49707 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:14.366694927 CET | 257 | OUT | |
Dec 22, 2024 14:12:14.486390114 CET | 153 | OUT | |
Dec 22, 2024 14:12:16.123626947 CET | 1236 | IN | |
Dec 22, 2024 14:12:16.123687983 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.5 | 49709 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:16.387166023 CET | 257 | OUT | |
Dec 22, 2024 14:12:16.506905079 CET | 153 | OUT | |
Dec 22, 2024 14:12:18.089358091 CET | 1236 | IN | |
Dec 22, 2024 14:12:18.089935064 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.5 | 49715 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:18.370491982 CET | 257 | OUT | |
Dec 22, 2024 14:12:18.490175009 CET | 153 | OUT | |
Dec 22, 2024 14:12:20.071649075 CET | 1236 | IN | |
Dec 22, 2024 14:12:20.071729898 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
6 | 192.168.2.5 | 49716 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:20.334520102 CET | 257 | OUT | |
Dec 22, 2024 14:12:20.454277039 CET | 153 | OUT | |
Dec 22, 2024 14:12:22.015083075 CET | 1236 | IN | |
Dec 22, 2024 14:12:22.015151024 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
7 | 192.168.2.5 | 49723 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:22.293869972 CET | 257 | OUT | |
Dec 22, 2024 14:12:22.413384914 CET | 153 | OUT | |
Dec 22, 2024 14:12:23.904112101 CET | 1236 | IN | |
Dec 22, 2024 14:12:23.904187918 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
8 | 192.168.2.5 | 49730 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:24.178985119 CET | 257 | OUT | |
Dec 22, 2024 14:12:24.298559904 CET | 153 | OUT | |
Dec 22, 2024 14:12:25.864224911 CET | 1236 | IN | |
Dec 22, 2024 14:12:25.864240885 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
9 | 192.168.2.5 | 49737 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:26.145272970 CET | 257 | OUT | |
Dec 22, 2024 14:12:26.270737886 CET | 153 | OUT | |
Dec 22, 2024 14:12:27.824202061 CET | 1236 | IN | |
Dec 22, 2024 14:12:27.824429989 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
10 | 192.168.2.5 | 49744 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:28.086251020 CET | 257 | OUT | |
Dec 22, 2024 14:12:28.206248999 CET | 153 | OUT | |
Dec 22, 2024 14:12:29.795475960 CET | 1236 | IN | |
Dec 22, 2024 14:12:29.795531988 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
11 | 192.168.2.5 | 49750 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:30.074321985 CET | 257 | OUT | |
Dec 22, 2024 14:12:30.193985939 CET | 153 | OUT | |
Dec 22, 2024 14:12:31.769417048 CET | 1236 | IN | |
Dec 22, 2024 14:12:31.769454002 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
12 | 192.168.2.5 | 49756 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:32.051146984 CET | 257 | OUT | |
Dec 22, 2024 14:12:32.170808077 CET | 153 | OUT | |
Dec 22, 2024 14:12:33.666448116 CET | 1236 | IN | |
Dec 22, 2024 14:12:33.666508913 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
13 | 192.168.2.5 | 49762 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:33.928828955 CET | 257 | OUT | |
Dec 22, 2024 14:12:34.048387051 CET | 153 | OUT | |
Dec 22, 2024 14:12:35.539851904 CET | 1236 | IN | |
Dec 22, 2024 14:12:35.539885998 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
14 | 192.168.2.5 | 49768 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:35.857846975 CET | 257 | OUT | |
Dec 22, 2024 14:12:35.977484941 CET | 153 | OUT | |
Dec 22, 2024 14:12:37.539196014 CET | 1236 | IN | |
Dec 22, 2024 14:12:37.539438009 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
15 | 192.168.2.5 | 49771 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:37.802879095 CET | 257 | OUT | |
Dec 22, 2024 14:12:37.922549009 CET | 153 | OUT | |
Dec 22, 2024 14:12:38.242805004 CET | 153 | OUT | |
Dec 22, 2024 14:12:39.530751944 CET | 1236 | IN | |
Dec 22, 2024 14:12:39.530806065 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
16 | 192.168.2.5 | 49774 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:39.794246912 CET | 257 | OUT | |
Dec 22, 2024 14:12:39.913796902 CET | 153 | OUT | |
Dec 22, 2024 14:12:40.227108955 CET | 153 | OUT | |
Dec 22, 2024 14:12:41.400176048 CET | 1236 | IN | |
Dec 22, 2024 14:12:41.400341988 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
17 | 192.168.2.5 | 49779 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:41.673158884 CET | 257 | OUT | |
Dec 22, 2024 14:12:41.792851925 CET | 153 | OUT | |
Dec 22, 2024 14:12:43.380470037 CET | 1236 | IN | |
Dec 22, 2024 14:12:43.380490065 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
18 | 192.168.2.5 | 49785 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:43.656884909 CET | 257 | OUT | |
Dec 22, 2024 14:12:43.778744936 CET | 153 | OUT | |
Dec 22, 2024 14:12:45.336585045 CET | 1236 | IN | |
Dec 22, 2024 14:12:45.336741924 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
19 | 192.168.2.5 | 49791 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:45.605190039 CET | 257 | OUT | |
Dec 22, 2024 14:12:45.725101948 CET | 153 | OUT | |
Dec 22, 2024 14:12:47.298543930 CET | 1236 | IN | |
Dec 22, 2024 14:12:47.298624039 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
20 | 192.168.2.5 | 49797 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:47.582710028 CET | 257 | OUT | |
Dec 22, 2024 14:12:47.702296972 CET | 153 | OUT | |
Dec 22, 2024 14:12:49.264209986 CET | 1236 | IN | |
Dec 22, 2024 14:12:49.264269114 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
21 | 192.168.2.5 | 49803 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:49.534415007 CET | 257 | OUT | |
Dec 22, 2024 14:12:49.654094934 CET | 153 | OUT | |
Dec 22, 2024 14:12:51.145335913 CET | 1236 | IN | |
Dec 22, 2024 14:12:51.145369053 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
22 | 192.168.2.5 | 49808 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:51.661875010 CET | 257 | OUT | |
Dec 22, 2024 14:12:51.781466961 CET | 153 | OUT | |
Dec 22, 2024 14:12:53.385320902 CET | 1236 | IN | |
Dec 22, 2024 14:12:53.385363102 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
23 | 192.168.2.5 | 49813 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:53.656523943 CET | 257 | OUT | |
Dec 22, 2024 14:12:53.776209116 CET | 153 | OUT | |
Dec 22, 2024 14:12:55.345941067 CET | 1236 | IN | |
Dec 22, 2024 14:12:55.345988989 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
24 | 192.168.2.5 | 49819 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:55.629004955 CET | 257 | OUT | |
Dec 22, 2024 14:12:55.748800039 CET | 153 | OUT | |
Dec 22, 2024 14:12:57.219871998 CET | 1236 | IN | |
Dec 22, 2024 14:12:57.219886065 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
25 | 192.168.2.5 | 49825 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:57.516555071 CET | 257 | OUT | |
Dec 22, 2024 14:12:57.639002085 CET | 153 | OUT | |
Dec 22, 2024 14:12:59.252799034 CET | 1236 | IN | |
Dec 22, 2024 14:12:59.252813101 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
26 | 192.168.2.5 | 49828 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:12:59.533334970 CET | 257 | OUT | |
Dec 22, 2024 14:12:59.653023958 CET | 153 | OUT | |
Dec 22, 2024 14:13:01.214343071 CET | 1236 | IN | |
Dec 22, 2024 14:13:01.214385986 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
27 | 192.168.2.5 | 49834 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:01.487555027 CET | 257 | OUT | |
Dec 22, 2024 14:13:01.607261896 CET | 153 | OUT | |
Dec 22, 2024 14:13:03.080998898 CET | 1236 | IN | |
Dec 22, 2024 14:13:03.081017017 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
28 | 192.168.2.5 | 49841 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:03.365525961 CET | 257 | OUT | |
Dec 22, 2024 14:13:03.485305071 CET | 153 | OUT | |
Dec 22, 2024 14:13:05.050447941 CET | 1236 | IN | |
Dec 22, 2024 14:13:05.050488949 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
29 | 192.168.2.5 | 49847 | 92.113.16.63 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:05.528803110 CET | 257 | OUT | |
Dec 22, 2024 14:13:05.648439884 CET | 153 | OUT | |
Dec 22, 2024 14:13:07.230549097 CET | 1236 | IN | |
Dec 22, 2024 14:13:07.230614901 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
30 | 192.168.2.5 | 49853 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:07.733023882 CET | 257 | OUT | |
Dec 22, 2024 14:13:07.852653980 CET | 153 | OUT | |
Dec 22, 2024 14:13:09.430635929 CET | 1236 | IN | |
Dec 22, 2024 14:13:09.430753946 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
31 | 192.168.2.5 | 49859 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:09.705409050 CET | 257 | OUT | |
Dec 22, 2024 14:13:09.825571060 CET | 153 | OUT | |
Dec 22, 2024 14:13:11.446013927 CET | 1236 | IN | |
Dec 22, 2024 14:13:11.446043015 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
32 | 192.168.2.5 | 49864 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:11.709115982 CET | 257 | OUT | |
Dec 22, 2024 14:13:11.829832077 CET | 153 | OUT | |
Dec 22, 2024 14:13:13.344949961 CET | 1236 | IN | |
Dec 22, 2024 14:13:13.344963074 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
33 | 192.168.2.5 | 49870 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:13.626626968 CET | 257 | OUT | |
Dec 22, 2024 14:13:13.746541977 CET | 153 | OUT | |
Dec 22, 2024 14:13:15.306358099 CET | 1236 | IN | |
Dec 22, 2024 14:13:15.306508064 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
34 | 192.168.2.5 | 49875 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:15.581584930 CET | 257 | OUT | |
Dec 22, 2024 14:13:15.701196909 CET | 153 | OUT | |
Dec 22, 2024 14:13:17.173873901 CET | 1236 | IN | |
Dec 22, 2024 14:13:17.173912048 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
35 | 192.168.2.5 | 49879 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:17.571537971 CET | 257 | OUT | |
Dec 22, 2024 14:13:17.691250086 CET | 153 | OUT | |
Dec 22, 2024 14:13:19.186173916 CET | 1236 | IN | |
Dec 22, 2024 14:13:19.186192989 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
36 | 192.168.2.5 | 49885 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:19.461146116 CET | 257 | OUT | |
Dec 22, 2024 14:13:19.580921888 CET | 153 | OUT | |
Dec 22, 2024 14:13:21.159703016 CET | 1236 | IN | |
Dec 22, 2024 14:13:21.159744024 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
37 | 192.168.2.5 | 49889 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:21.443547964 CET | 257 | OUT | |
Dec 22, 2024 14:13:21.563410997 CET | 153 | OUT | |
Dec 22, 2024 14:13:23.045350075 CET | 1236 | IN | |
Dec 22, 2024 14:13:23.045397997 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
38 | 192.168.2.5 | 49895 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:23.310646057 CET | 257 | OUT | |
Dec 22, 2024 14:13:23.430649996 CET | 153 | OUT | |
Dec 22, 2024 14:13:25.016725063 CET | 1236 | IN | |
Dec 22, 2024 14:13:25.016891003 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
39 | 192.168.2.5 | 49901 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:25.287127972 CET | 257 | OUT | |
Dec 22, 2024 14:13:25.406831980 CET | 153 | OUT | |
Dec 22, 2024 14:13:27.011996984 CET | 1236 | IN | |
Dec 22, 2024 14:13:27.012039900 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
40 | 192.168.2.5 | 49907 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:27.274868965 CET | 257 | OUT | |
Dec 22, 2024 14:13:27.394769907 CET | 153 | OUT | |
Dec 22, 2024 14:13:28.961195946 CET | 1236 | IN | |
Dec 22, 2024 14:13:28.961262941 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
41 | 192.168.2.5 | 49913 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:29.240976095 CET | 257 | OUT | |
Dec 22, 2024 14:13:29.361058950 CET | 153 | OUT | |
Dec 22, 2024 14:13:30.980350018 CET | 1236 | IN | |
Dec 22, 2024 14:13:30.980391026 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
42 | 192.168.2.5 | 49919 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:31.246462107 CET | 257 | OUT | |
Dec 22, 2024 14:13:31.366487026 CET | 153 | OUT | |
Dec 22, 2024 14:13:32.953111887 CET | 1236 | IN | |
Dec 22, 2024 14:13:32.953152895 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
43 | 192.168.2.5 | 49925 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:33.220397949 CET | 257 | OUT | |
Dec 22, 2024 14:13:33.340411901 CET | 153 | OUT | |
Dec 22, 2024 14:13:34.839884996 CET | 1236 | IN | |
Dec 22, 2024 14:13:34.840003967 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
44 | 192.168.2.5 | 49930 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:35.105237961 CET | 257 | OUT | |
Dec 22, 2024 14:13:35.225030899 CET | 153 | OUT | |
Dec 22, 2024 14:13:36.785753012 CET | 1236 | IN | |
Dec 22, 2024 14:13:36.786768913 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
45 | 192.168.2.5 | 49934 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:37.064186096 CET | 257 | OUT | |
Dec 22, 2024 14:13:37.184149981 CET | 153 | OUT | |
Dec 22, 2024 14:13:38.783813953 CET | 1236 | IN | |
Dec 22, 2024 14:13:38.783854008 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
46 | 192.168.2.5 | 49940 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:39.071338892 CET | 257 | OUT | |
Dec 22, 2024 14:13:39.191137075 CET | 153 | OUT | |
Dec 22, 2024 14:13:40.663906097 CET | 1236 | IN | |
Dec 22, 2024 14:13:40.663966894 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
47 | 192.168.2.5 | 49944 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:41.096642971 CET | 257 | OUT | |
Dec 22, 2024 14:13:41.217228889 CET | 153 | OUT | |
Dec 22, 2024 14:13:42.776597023 CET | 1236 | IN | |
Dec 22, 2024 14:13:42.776618004 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
48 | 192.168.2.5 | 49950 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:43.053759098 CET | 257 | OUT | |
Dec 22, 2024 14:13:43.173669100 CET | 153 | OUT | |
Dec 22, 2024 14:13:44.747859001 CET | 1236 | IN | |
Dec 22, 2024 14:13:44.747922897 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
49 | 192.168.2.5 | 49955 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:45.014931917 CET | 257 | OUT | |
Dec 22, 2024 14:13:45.134598970 CET | 153 | OUT | |
Dec 22, 2024 14:13:46.742389917 CET | 1236 | IN | |
Dec 22, 2024 14:13:46.742428064 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
50 | 192.168.2.5 | 49959 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:47.012166977 CET | 257 | OUT | |
Dec 22, 2024 14:13:47.131865025 CET | 153 | OUT | |
Dec 22, 2024 14:13:48.702753067 CET | 1236 | IN | |
Dec 22, 2024 14:13:48.702883959 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
51 | 192.168.2.5 | 49964 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:48.962547064 CET | 257 | OUT | |
Dec 22, 2024 14:13:49.082293034 CET | 153 | OUT | |
Dec 22, 2024 14:13:50.576571941 CET | 1236 | IN | |
Dec 22, 2024 14:13:50.576713085 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
52 | 192.168.2.5 | 49970 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:50.855422974 CET | 257 | OUT | |
Dec 22, 2024 14:13:50.975179911 CET | 153 | OUT | |
Dec 22, 2024 14:13:52.558160067 CET | 1236 | IN | |
Dec 22, 2024 14:13:52.558290005 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
53 | 192.168.2.5 | 49976 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:52.822540045 CET | 257 | OUT | |
Dec 22, 2024 14:13:52.942630053 CET | 153 | OUT | |
Dec 22, 2024 14:13:54.531948090 CET | 1236 | IN | |
Dec 22, 2024 14:13:54.532008886 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
54 | 192.168.2.5 | 49982 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:55.087287903 CET | 257 | OUT | |
Dec 22, 2024 14:13:55.208168983 CET | 153 | OUT | |
Dec 22, 2024 14:13:56.719813108 CET | 1236 | IN | |
Dec 22, 2024 14:13:56.719855070 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
55 | 192.168.2.5 | 49988 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:56.995337963 CET | 257 | OUT | |
Dec 22, 2024 14:13:57.115154028 CET | 153 | OUT | |
Dec 22, 2024 14:13:58.700980902 CET | 1236 | IN | |
Dec 22, 2024 14:13:58.701054096 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
56 | 192.168.2.5 | 49993 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:13:58.958937883 CET | 257 | OUT | |
Dec 22, 2024 14:13:59.078912973 CET | 153 | OUT | |
Dec 22, 2024 14:14:00.640110016 CET | 1236 | IN | |
Dec 22, 2024 14:14:00.640153885 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
57 | 192.168.2.5 | 49998 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:00.915138960 CET | 257 | OUT | |
Dec 22, 2024 14:14:01.034852028 CET | 153 | OUT | |
Dec 22, 2024 14:14:02.599672079 CET | 1236 | IN | |
Dec 22, 2024 14:14:02.599735975 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
58 | 192.168.2.5 | 50002 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:02.864523888 CET | 257 | OUT | |
Dec 22, 2024 14:14:02.984416008 CET | 153 | OUT | |
Dec 22, 2024 14:14:04.589252949 CET | 1236 | IN | |
Dec 22, 2024 14:14:04.589303970 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
59 | 192.168.2.5 | 50008 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:04.863217115 CET | 257 | OUT | |
Dec 22, 2024 14:14:04.984505892 CET | 153 | OUT | |
Dec 22, 2024 14:14:06.546581030 CET | 1236 | IN | |
Dec 22, 2024 14:14:06.546654940 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
60 | 192.168.2.5 | 50014 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:07.100033045 CET | 257 | OUT | |
Dec 22, 2024 14:14:07.223056078 CET | 153 | OUT | |
Dec 22, 2024 14:14:08.782496929 CET | 1236 | IN | |
Dec 22, 2024 14:14:08.782629967 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
61 | 192.168.2.5 | 50020 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:09.269464016 CET | 257 | OUT | |
Dec 22, 2024 14:14:09.389082909 CET | 153 | OUT | |
Dec 22, 2024 14:14:10.859057903 CET | 1236 | IN | |
Dec 22, 2024 14:14:10.859142065 CET | 12 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
62 | 192.168.2.5 | 50026 | 92.113.16.67 | 80 | 3292 | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Dec 22, 2024 14:14:11.137404919 CET | 257 | OUT | |
Dec 22, 2024 14:14:11.258701086 CET | 153 | OUT | |
Dec 22, 2024 14:14:12.816879034 CET | 1236 | IN | |
Dec 22, 2024 14:14:12.816898108 CET | 12 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 08:12:03 |
Start date: | 22/12/2024 |
Path: | C:\Users\user\Desktop\Hh8hqqbu9X.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xf70000 |
File size: | 577'536 bytes |
MD5 hash: | F4C0448C427E926B0D3C0D1FBC1A866E |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | true |
Target ID: | 1 |
Start time: | 08:12:04 |
Start date: | 22/12/2024 |
Path: | C:\Windows\Microsoft.NET\Framework\v2.0.50727\vbc.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 1'173'928 bytes |
MD5 hash: | D881DE17AA8F2E2C08CBB7B265F928F9 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | moderate |
Has exited: | false |
Execution Graph
Execution Coverage: | 15.1% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 1.6% |
Total number of Nodes: | 812 |
Total number of Limit Nodes: | 56 |
Graph
Function 058ABE44 Relevance: 6.9, Strings: 5, Instructions: 639COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906E50 Relevance: 1.6, APIs: 1, Instructions: 50nativeCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906E58 Relevance: 1.6, APIs: 1, Instructions: 50nativeCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05902020 Relevance: .4, Instructions: 396COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05908128 Relevance: .3, Instructions: 332COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058ACC39 Relevance: .3, Instructions: 269COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A1C51 Relevance: .2, Instructions: 228COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0590676F Relevance: 1.8, APIs: 1, Instructions: 283COMMON
Control-flow Graph
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0182AD68 Relevance: 1.7, APIs: 1, Instructions: 196COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05900370 Relevance: 1.6, APIs: 1, Instructions: 134windowCOMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A18E4 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A18F0 Relevance: 1.6, APIs: 1, Instructions: 113COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 01825A6C Relevance: 1.6, APIs: 1, Instructions: 100COMMON
Control-flow Graph
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 018244D4 Relevance: 1.6, APIs: 1, Instructions: 96COMMON
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 018258F5 Relevance: 1.6, APIs: 1, Instructions: 93COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A4050 Relevance: 1.6, APIs: 1, Instructions: 93COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058ADEC0 Relevance: 1.6, APIs: 1, Instructions: 80COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0182B750 Relevance: 1.6, APIs: 1, Instructions: 65COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0182D638 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906C88 Relevance: 1.6, APIs: 1, Instructions: 63COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906BB0 Relevance: 1.6, APIs: 1, Instructions: 63threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0590ADE8 Relevance: 1.6, APIs: 1, Instructions: 62threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906C80 Relevance: 1.6, APIs: 1, Instructions: 62COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05900C10 Relevance: 1.6, APIs: 1, Instructions: 62windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 059099C4 Relevance: 1.6, APIs: 1, Instructions: 62threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906BA9 Relevance: 1.6, APIs: 1, Instructions: 62threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058ACADC Relevance: 1.6, APIs: 1, Instructions: 56windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 059003C0 Relevance: 1.6, APIs: 1, Instructions: 55windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 059025E1 Relevance: 1.6, APIs: 1, Instructions: 54windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906F10 Relevance: 1.6, APIs: 1, Instructions: 53memoryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906F09 Relevance: 1.6, APIs: 1, Instructions: 52memoryCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906FD0 Relevance: 1.5, APIs: 1, Instructions: 49threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05906FC8 Relevance: 1.5, APIs: 1, Instructions: 49threadCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05900C40 Relevance: 1.5, APIs: 1, Instructions: 48windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0182AF58 Relevance: 1.5, APIs: 1, Instructions: 47COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A31BC Relevance: 1.5, APIs: 1, Instructions: 47windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A6CBC Relevance: 1.5, APIs: 1, Instructions: 47windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058AE9A8 Relevance: 1.5, APIs: 1, Instructions: 47windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058ACB20 Relevance: 1.5, APIs: 1, Instructions: 47windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058AF7C8 Relevance: 1.5, APIs: 1, Instructions: 46windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05902D80 Relevance: 1.5, APIs: 1, Instructions: 46windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0590040C Relevance: 1.5, APIs: 1, Instructions: 46windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05900364 Relevance: 1.5, APIs: 1, Instructions: 46comCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058AE278 Relevance: 1.5, APIs: 1, Instructions: 43windowCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05901E01 Relevance: 1.5, APIs: 1, Instructions: 42comCOMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05908650 Relevance: 1.3, APIs: 1, Instructions: 74COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 05907358 Relevance: 1.3, APIs: 1, Instructions: 50COMMON
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 017CD3D8 Relevance: .1, Instructions: 75COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 017DD01C Relevance: .1, Instructions: 72COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 017DD005 Relevance: .1, Instructions: 63COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 017CD3D3 Relevance: .1, Instructions: 56COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A0040 Relevance: .3, Instructions: 315COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 0182D324 Relevance: .3, Instructions: 264COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Function 058A0006 Relevance: .2, Instructions: 230COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Execution Graph
Execution Coverage: | 31.5% |
Dynamic/Decrypted Code Coverage: | 0% |
Signature Coverage: | 4.4% |
Total number of Nodes: | 1846 |
Total number of Limit Nodes: | 92 |
Graph
Function 00403D74 Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 200fileCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00402B7C Relevance: 3.0, APIs: 2, Instructions: 20memoryCOMMON
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00406069 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00404ED4 Relevance: 1.5, APIs: 1, Instructions: 9networkCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Control-flow Graph
APIs |
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00404E17 Relevance: 7.6, APIs: 5, Instructions: 72networkCOMMON
Control-flow Graph
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 004040BB Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 129filememoryCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 004042CF Relevance: 4.6, APIs: 3, Instructions: 60fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00412D31 Relevance: 3.7, APIs: 1, Strings: 1, Instructions: 178threadCOMMON
APIs |
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00402C03 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 13libraryloaderCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 004060BD Relevance: 1.6, APIs: 1, Instructions: 53COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403C62 Relevance: 1.5, APIs: 1, Instructions: 24COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 0040642C Relevance: 1.5, APIs: 1, Instructions: 18COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00404EEA Relevance: 1.5, APIs: 1, Instructions: 16networkCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403BD0 Relevance: 1.5, APIs: 1, Instructions: 14COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00404DF3 Relevance: 1.5, APIs: 1, Instructions: 13networkCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 0040427D Relevance: 1.5, APIs: 1, Instructions: 13COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403C08 Relevance: 1.5, APIs: 1, Instructions: 12fileCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00402C1F Relevance: 1.5, APIs: 1, Instructions: 12libraryCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403BEF Relevance: 1.5, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403BB7 Relevance: 1.5, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403B64 Relevance: 1.5, APIs: 1, Instructions: 11COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00404DE5 Relevance: 1.5, APIs: 1, Instructions: 6COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403F9E Relevance: 1.3, APIs: 1, Instructions: 16COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00403C40 Relevance: 1.3, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00406472 Relevance: 1.3, APIs: 1, Instructions: 12sleepCOMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 004058EA Relevance: 1.3, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 00405924 Relevance: 1.3, APIs: 1, Instructions: 12COMMON
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 0040D069 Relevance: 12.6, Strings: 10, Instructions: 138COMMON
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Function 0040317B Relevance: .0, Instructions: 46COMMON
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|