Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
ub8ehJSePAfc9FYqZIT6.ppc.elf

Overview

General Information

Sample name:ub8ehJSePAfc9FYqZIT6.ppc.elf
Analysis ID:1579593
MD5:26885e38a79975ffc987f94b40bb0bd3
SHA1:2f0e3aa1e47ea5ddb89ba409305b68bee9c43848
SHA256:7dff19d7639718a88558376267278c64bf343c7f06b9d913cfb7aafd424e1b05
Tags:elfuser-abuse_ch
Infos:

Detection

Score:68
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1579593
Start date and time:2024-12-23 03:30:14 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 52s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:ub8ehJSePAfc9FYqZIT6.ppc.elf
Detection:MAL
Classification:mal68.evad.linELF@0/0@0/0

Runtime Messages

Command:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
PID:5591
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • cleanup

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
5601.1.00007f19f0014000.00007f19f0017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5593.1.00007f19f0014000.00007f19f0017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5591.1.00007f19f0014000.00007f19f0017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5595.1.00007f19f0014000.00007f19f0017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5591Linux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0xfc4f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfc63:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfc77:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfc8b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfc9f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfcb3:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfcc7:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfcdb:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfcef:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd03:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd17:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd2b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd3f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd53:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd67:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd7b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfd8f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfda3:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfdb7:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfdcb:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0xfddf:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Click to see the 3 entries

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfAvira: detected
Multi AV Scanner detection for submitted file
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfVirustotal: Detection: 42%Perma Link
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfReversingLabs: Detection: 42%
Source: global trafficTCP traffic: 192.168.2.15:60260 -> 195.26.252.19:3778
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: unknownTCP traffic detected without corresponding DNS query: 195.26.252.19
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfString found in binary or memory: http://upx.sf.net

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: 5601.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5593.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5591.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5595.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5591, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5593, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5595, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5601, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: LOAD without section mappingsProgram segment: 0x100000
Source: 5601.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5593.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5591.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5595.1.00007f19f0014000.00007f19f0017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5591, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5593, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5595, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5601, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: classification engineClassification label: mal68.evad.linELF@0/0@0/0

Data Obfuscation

barindex
Sample is packed with UPX
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/110/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/231/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/111/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/112/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/233/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/113/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/114/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/235/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/115/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1333/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/116/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1695/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/117/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/118/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/119/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/911/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/914/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/10/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/917/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/11/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/12/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/13/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/14/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/15/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3890/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/16/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/17/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/18/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/19/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1591/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/120/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/121/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/122/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/243/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/2/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/123/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/124/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1588/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/125/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/4/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/246/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/126/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/5/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/127/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/6/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1585/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/128/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/7/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/129/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/8/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/800/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/9/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/802/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/803/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/804/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/20/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/21/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3407/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/22/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/23/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/24/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/25/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/26/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/27/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/28/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/29/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1484/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/490/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/250/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/130/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/251/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/131/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/132/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/133/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1479/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/378/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/258/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/259/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/931/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1595/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/812/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/933/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/30/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3419/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/35/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3310/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/260/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/261/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/262/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/142/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/263/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/264/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/265/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/145/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/266/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/267/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/268/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3303/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/269/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1486/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/1806/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/3440/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)File opened: /proc/270/statusJump to behavior
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfSubmission file: segment LOAD with 7.9634 entropy (max. 8.0)
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5591)Queries kernel information via 'uname': Jump to behavior
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5593.1.000055ebffadd000.000055ebffb8d000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc11!hotpluggableq
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5591.1.000055ebffadd000.000055ebffbae000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5595.1.000055ebffadd000.000055ebffb8d000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5601.1.000055ebffadd000.000055ebffbae000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc1
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5591.1.000055ebffadd000.000055ebffbae000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5593.1.000055ebffadd000.000055ebffb8d000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5595.1.000055ebffadd000.000055ebffb8d000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5601.1.000055ebffadd000.000055ebffbae000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/ppc
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5591.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5593.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5595.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5601.1.00007ffd8535f000.00007ffd85380000.rw-.sdmpBinary or memory string: /usr/bin/qemu-ppc
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5591.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5593.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5595.1.00007ffd8535f000.00007ffd85380000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5601.1.00007ffd8535f000.00007ffd85380000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-ppc/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception11
Obfuscated Files or Information		1
OS Credential Dumping		11
Security Software Discovery		Remote ServicesData from Local System1
Non-Standard Port		Exfiltration Over Other Network MediumAbuse Accessibility Features

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
ub8ehJSePAfc9FYqZIT6.ppc.elf43%VirustotalBrowse
ub8ehJSePAfc9FYqZIT6.ppc.elf42%ReversingLabsLinux.Trojan.Mirai
ub8ehJSePAfc9FYqZIT6.ppc.elf100%AviraEXP/ELF.Agent.F.118

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://upx.sf.netub8ehJSePAfc9FYqZIT6.ppc.elffalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    195.26.252.19
    		unknownUnited Kingdom
    		8897KCOM-SPNService-ProviderNetworkex-MistralGBfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    195.26.252.19ub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
      ub8ehJSePAfc9FYqZIT6.arm7.elfGet hashmaliciousMiraiBrowse
        ub8ehJSePAfc9FYqZIT6.mips.elfGet hashmaliciousUnknownBrowse
          ub8ehJSePAfc9FYqZIT6.arm6.elfGet hashmaliciousUnknownBrowse
            ub8ehJSePAfc9FYqZIT6.i686.elfGet hashmaliciousUnknownBrowse
              ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse

                Domains

                No context

                ASNs

                MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                KCOM-SPNService-ProviderNetworkex-MistralGBub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
                • 195.26.252.19
                ub8ehJSePAfc9FYqZIT6.arm7.elfGet hashmaliciousMiraiBrowse
                • 195.26.252.19
                ub8ehJSePAfc9FYqZIT6.mips.elfGet hashmaliciousUnknownBrowse
                • 195.26.252.19
                ub8ehJSePAfc9FYqZIT6.arm6.elfGet hashmaliciousUnknownBrowse
                • 195.26.252.19
                ub8ehJSePAfc9FYqZIT6.i686.elfGet hashmaliciousUnknownBrowse
                • 195.26.252.19
                ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse
                • 195.26.252.19
                la.bot.arm7.elfGet hashmaliciousMiraiBrowse
                • 213.254.174.221
                x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                • 193.108.169.23
                x86_64.nn.elfGet hashmaliciousMirai, OkiruBrowse
                • 217.154.178.248
                ppc.elfGet hashmaliciousMirai, MoobotBrowse
                • 159.15.89.185

                JA3 Fingerprints

                No context

                Dropped Files

                No context

                Created / dropped Files

                No created / dropped files found

                Static File Info

                General

                File type:ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (GNU/Linux), statically linked, no section header
                Entropy (8bit):7.961393822835951
                TrID:
                • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
                • ELF Executable and Linkable format (generic) (4004/1) 49.84%
                File name:ub8ehJSePAfc9FYqZIT6.ppc.elf
                File size:40'316 bytes
                MD5:26885e38a79975ffc987f94b40bb0bd3
                SHA1:2f0e3aa1e47ea5ddb89ba409305b68bee9c43848
                SHA256:7dff19d7639718a88558376267278c64bf343c7f06b9d913cfb7aafd424e1b05
                SHA512:d02a7b5232f759690d673ec3e9611e305018c805d01548fcbad10d4a8e6a31fff2eadc9f45da6adb13f500b4621c5d07181ea6d18ed089414ef93b758423abe3
                SSDEEP:768:qEIycbQHUBnVYoMcb/BLY+d34eE6H2PUQzSh18rCRk4uVcqgw09X:xI7bQ0BVeA5YYnH25zL4u+qgw09X
                TLSH:B303F176F0E60DB9DAFEC7B50194F7C93FD1B3CE36D689A0A2A1D31072099221652DC6
                File Content Preview:.ELF...........................4.........4. ...(.......................p...p..............k...k...k.................dt.Q................................UPX!..........b...b........V.......?.E.h4...@b........=.a....`..Y...j{.c.HL}.....H..z.q.H.....8ea......

                Static ELF Info

                ELF header

                Class:ELF32
                Data:2's complement, big endian
                Version:1 (current)
                Machine:PowerPC
                Version Number:0x1
                Type:EXEC (Executable file)
                OS/ABI:UNIX - Linux
                ABI Version:0
                Entry Point Address:0x108a88
                Flags:0x0
                ELF Header Size:52
                Program Header Offset:52
                Program Header Size:32
                Number of Program Headers:3
                Section Header Offset:0
                Section Header Size:40
                Number of Section Headers:0
                Header String Table Index:0

                Program Segments

                TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                LOAD0x00x1000000x1000000x9c700x9c707.96340x5R E0x10000
                LOAD0x6b900x10026b900x10026b900x00x00.00000x6RW 0x10000
                GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                Network Behavior

                Network Port Distribution

                TCP Packets

                TimestampSource PortDest PortSource IPDest IP
                Dec 23, 2024 03:31:17.139281988 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:17.258915901 CET377860260195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:17.259068966 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:17.286041021 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:17.405555010 CET377860260195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:17.405622959 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:17.525126934 CET377860260195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:18.488749981 CET377860260195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:18.488909960 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.489092112 CET602603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.489763021 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.609255075 CET377860262195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:18.609561920 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.610830069 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.730273008 CET377860262195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:18.730525017 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:18.850069046 CET377860262195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:19.748778105 CET377860262195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:19.749008894 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:19.749064922 CET602623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:19.749644995 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:19.869115114 CET377860264195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:19.869219065 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:19.870297909 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:19.989780903 CET377860264195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:19.989882946 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:20.109551907 CET377860264195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:21.020519972 CET377860264195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:21.020692110 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.020780087 CET602643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.021301985 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.140738964 CET377860266195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:21.140834093 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.141819000 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.261207104 CET377860266195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:21.261348963 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:21.380789995 CET377860266195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:22.278942108 CET377860266195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:22.279135942 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.279171944 CET602663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.279704094 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.399133921 CET377860268195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:22.399353981 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.400373936 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.519829988 CET377860268195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:22.520183086 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:22.639704943 CET377860268195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.118207932 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.237828970 CET377860270195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.237898111 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.254261971 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.373742104 CET377860270195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.373794079 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.493266106 CET377860270195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.547723055 CET377860268195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.547924995 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.547979116 CET602683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.548547029 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.668040037 CET377860272195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.668121099 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.669246912 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.788675070 CET377860272195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:23.788732052 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:23.908207893 CET377860272195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.375847101 CET377860270195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.376079082 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.376256943 CET602703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.376776934 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.496252060 CET377860274195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.496362925 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.497277021 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.616713047 CET377860274195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.616894960 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.736323118 CET377860274195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.807966948 CET377860272195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.808139086 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.808139086 CET602723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.808638096 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.928040028 CET377860276195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:24.928304911 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:24.929553032 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:25.049004078 CET377860276195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:25.049161911 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:25.168673992 CET377860276195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:25.910700083 CET377860274195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:25.910932064 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:25.911016941 CET602743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:25.911439896 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.030849934 CET377860278195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:26.031054020 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.302970886 CET377860276195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:26.303019047 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.303056002 CET602763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.303483009 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.422980070 CET377860280195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:26.423207045 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.424201965 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.543678045 CET377860280195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:26.543786049 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:26.663383007 CET377860280195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:26.919070959 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.038613081 CET377860278195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.038801908 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.039912939 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.159364939 CET377860278195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.159564972 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.279004097 CET377860278195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.609069109 CET377860280195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.609405994 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.609405994 CET602803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.609975100 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.729403019 CET377860282195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.729527950 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.730406046 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.849819899 CET377860282195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:27.849966049 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:27.969369888 CET377860282195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.178328037 CET377860278195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.178566933 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.178689957 CET602783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.179235935 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.298708916 CET377860284195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.298953056 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.299890995 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.419374943 CET377860284195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.419593096 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.539057970 CET377860284195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.882287979 CET377860282195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:28.882488966 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.882530928 CET602823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:28.883023024 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.002413988 CET377860286195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:29.002537966 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.448251963 CET377860284195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:29.448448896 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.448519945 CET602843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.449181080 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.568861961 CET377860288195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:29.569044113 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.569855928 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.689384937 CET377860288195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:29.689559937 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:29.809005976 CET377860288195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:29.894921064 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.014465094 CET377860286195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.014588118 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.015503883 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.134954929 CET377860286195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.135056019 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.254515886 CET377860286195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.709952116 CET377860288195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.710190058 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.710236073 CET602883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.710767984 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.830238104 CET377860290195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.830351114 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.831392050 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:30.950810909 CET377860290195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:30.950957060 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.070399046 CET377860290195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.152996063 CET377860286195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.153141975 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.153176069 CET602863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.153649092 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.273124933 CET377860292195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.273350954 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.274389029 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.393825054 CET377860292195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.393965006 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.513447046 CET377860292195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.968883038 CET377860290195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:31.969118118 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.969118118 CET602903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:31.969470024 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.088931084 CET377860294195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.089123964 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.089940071 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.210311890 CET377860294195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.210542917 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.330005884 CET377860294195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.414366007 CET377860292195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.414488077 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.414566994 CET602923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.415133953 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.534590006 CET377860296195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.534691095 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.535550117 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.655025005 CET377860296195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:32.655117035 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:32.774645090 CET377860296195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.227143049 CET377860294195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.227302074 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.227330923 CET602943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.227719069 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.347203016 CET377860298195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.347290993 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.348020077 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.467871904 CET377860298195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.467945099 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.587549925 CET377860298195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.672056913 CET377860296195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.672243118 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.672281027 CET602963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.672943115 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.792519093 CET377860300195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.792648077 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.793633938 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:33.913120031 CET377860300195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:33.913364887 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.032906055 CET377860300195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.499423027 CET377860298195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.499639988 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.499670982 CET602983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.500149965 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.619837999 CET377860302195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.619995117 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.620841980 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.740346909 CET377860302195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.740523100 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.860105991 CET377860302195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.930051088 CET377860300195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:34.930207014 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.930283070 CET603003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:34.931020021 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.050477028 CET377860304195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.050611019 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.051892996 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.171322107 CET377860304195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.171411037 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.290893078 CET377860304195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.758169889 CET377860302195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.758366108 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.758407116 CET603023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.758893013 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.879113913 CET377860306195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.879296064 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.880110025 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:35.999563932 CET377860306195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:35.999686956 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.119472980 CET377860306195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:36.187943935 CET377860304195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:36.188044071 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.188158989 CET603043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.188816071 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.308325052 CET377860308195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:36.308506966 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.309659958 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.429415941 CET377860308195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:36.429531097 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:36.549144983 CET377860308195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.019696951 CET377860306195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.019864082 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.019889116 CET603063778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.020306110 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.139873028 CET377860310195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.140033007 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.141129017 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.260607004 CET377860310195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.260924101 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.380397081 CET377860310195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.668859959 CET377860308195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.669034958 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.669123888 CET603083778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.669675112 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.789201021 CET377860312195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.789326906 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.790240049 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:37.909677029 CET377860312195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:37.909879923 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.029387951 CET377860312195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.398350000 CET377860310195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.398554087 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.398643017 CET603103778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.399010897 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.518507957 CET377860314195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.518665075 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.519459963 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.638905048 CET377860314195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.639028072 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.758481979 CET377860314195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.926898956 CET377860312195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:38.927371979 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.927371979 CET603123778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:38.928004980 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.047425032 CET377860316195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.047635078 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.048842907 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.168304920 CET377860316195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.168504000 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.288034916 CET377860316195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.656358957 CET377860314195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.656678915 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.656860113 CET603143778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.657386065 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.776892900 CET377860318195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.777174950 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.778419971 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:39.897886992 CET377860318195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:39.898076057 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.017577887 CET377860318195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.184592962 CET377860316195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.184773922 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.184848070 CET603163778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.185859919 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.305418015 CET377860320195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.305521011 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.306818008 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.426316977 CET377860320195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.426542997 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.546117067 CET377860320195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.916137934 CET377860318195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:40.916315079 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.916408062 CET603183778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:40.917144060 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.036566973 CET377860322195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.036859035 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.037458897 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.156896114 CET377860322195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.157072067 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.276468992 CET377860322195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.450464964 CET377860320195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.450640917 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.450679064 CET603203778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.451283932 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.570839882 CET377860324195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.571018934 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.572144032 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.692009926 CET377860324195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:41.692142010 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:41.811605930 CET377860324195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.176672935 CET377860322195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.176930904 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.177079916 CET603223778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.177957058 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.297533035 CET377860326195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.297683001 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.298525095 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.418024063 CET377860326195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.418154001 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.537631035 CET377860326195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.757668972 CET377860324195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.757838964 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.757908106 CET603243778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.758392096 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.877911091 CET377860328195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.878063917 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.879204988 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:42.998610973 CET377860328195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:42.998712063 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.118185997 CET377860328195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:43.435482979 CET377860326195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:43.435683966 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.435785055 CET603263778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.436709881 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.556284904 CET377860330195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:43.556422949 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.558016062 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.677505016 CET377860330195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:43.677608013 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:43.797136068 CET377860330195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.015929937 CET377860328195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.016156912 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.016232967 CET603283778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.016892910 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.136396885 CET377860332195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.136538982 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.137851954 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.257288933 CET377860332195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.257736921 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.377279997 CET377860332195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.719832897 CET377860330195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.720114946 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.720114946 CET603303778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.720655918 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.840265989 CET377860334195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.840487957 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.841711998 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:44.961275101 CET377860334195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:44.961589098 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.081137896 CET377860334195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.293515921 CET377860332195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.293834925 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.293834925 CET603323778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.294332981 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.413815022 CET377860336195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.414104939 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.415338993 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.534810066 CET377860336195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.535175085 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.654695988 CET377860336195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.978281021 CET377860334195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:45.978591919 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.978682041 CET603343778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:45.979331970 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.098766088 CET377860338195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.098897934 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.100058079 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.219486952 CET377860338195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.219608068 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.339217901 CET377860338195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.552052975 CET377860336195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.552386999 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.552484035 CET603363778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.553463936 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.673007965 CET377860340195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.673325062 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.674689054 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.794167995 CET377860340195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:46.794424057 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:46.914014101 CET377860340195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.244173050 CET377860338195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.244482994 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.244549036 CET603383778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.245235920 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.364770889 CET377860342195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.364865065 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.365592957 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.490461111 CET377860342195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.490561962 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.610049009 CET377860342195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.811408043 CET377860340195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.811585903 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.811662912 CET603403778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.812387943 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.931904078 CET377860344195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:47.932172060 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:47.933671951 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.053273916 CET377860344195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:48.053459883 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.172991037 CET377860344195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:48.714762926 CET377860342195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:48.715122938 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.715217113 CET603423778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.715925932 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.835437059 CET377860346195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:48.835560083 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.836623907 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:48.956125975 CET377860346195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:48.956250906 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.075822115 CET377860346195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.255063057 CET377860344195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.255175114 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.255264044 CET603443778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.256082058 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.375612974 CET377860348195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.375947952 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.377659082 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.498337030 CET377860348195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.498560905 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.618197918 CET377860348195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.974371910 CET377860346195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:49.974560022 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.974800110 CET603463778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:49.975497007 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.095032930 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.095458984 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.096487999 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.216007948 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.216274023 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.335836887 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.562254906 CET377860348195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.562401056 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.562503099 CET603483778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.563132048 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.682706118 CET377860352195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.682924032 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.684370041 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.803936958 CET377860352195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:50.804233074 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:50.923768997 CET377860352195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:51.823745966 CET377860352195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:51.823936939 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:51.823937893 CET603523778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:51.824466944 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:51.944025993 CET377860354195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:51.944230080 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:51.945281029 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:52.064744949 CET377860354195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:52.064874887 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:52.184571028 CET377860354195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:53.082000017 CET377860354195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:53.082261086 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.082364082 CET603543778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.083108902 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.202665091 CET377860356195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:53.202795982 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.204255104 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.323745966 CET377860356195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:53.323851109 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:53.443506956 CET377860356195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:54.341090918 CET377860356195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:54.341360092 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.341423035 CET603563778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.342161894 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.461659908 CET377860358195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:54.461812019 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.463279009 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.582799911 CET377860358195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:54.582931042 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:54.702461004 CET377860358195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:55.609015942 CET377860358195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:55.609247923 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.609476089 CET603583778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.610290051 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.729795933 CET377860360195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:55.730086088 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.731292963 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.850805044 CET377860360195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:55.851049900 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:55.970628977 CET377860360195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:56.867921114 CET377860360195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:56.868025064 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:56.868072987 CET603603778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:56.868792057 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:56.988454103 CET377860362195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:56.988550901 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:56.989793062 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:57.109272003 CET377860362195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:57.109360933 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:57.228969097 CET377860362195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:58.128062010 CET377860362195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:58.128272057 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.128310919 CET603623778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.128921986 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.248625994 CET377860364195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:58.248723984 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.249442101 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.369052887 CET377860364195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:58.369147062 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:58.488718987 CET377860364195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:59.386868000 CET377860364195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:59.387015104 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.387078047 CET603643778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.387782097 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.507384062 CET377860366195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:59.507524014 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.509037971 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.628563881 CET377860366195.26.252.19192.168.2.15
                Dec 23, 2024 03:31:59.628663063 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:31:59.748298883 CET377860366195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.099857092 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.219459057 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.462132931 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.462255955 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.663955927 CET377860366195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.664135933 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.664242983 CET603663778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.665008068 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.784713030 CET377860368195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.784889936 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.786171913 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:00.905685902 CET377860368195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:00.905814886 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:01.025506020 CET377860368195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:02.467941999 CET377860368195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:02.468138933 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.468226910 CET603683778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.469074011 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.588762045 CET377860370195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:02.588998079 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.590219021 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.709779978 CET377860370195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:02.709942102 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:02.829488039 CET377860370195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:03.728252888 CET377860370195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:03.728441954 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:03.728548050 CET603703778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:03.729353905 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:03.848936081 CET377860372195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:03.849216938 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:03.850565910 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:03.970191002 CET377860372195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:03.970355988 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:04.089914083 CET377860372195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:04.987628937 CET377860372195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:04.987852097 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:04.987976074 CET603723778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:04.988970041 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:05.109289885 CET377860374195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:05.109460115 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:05.110826969 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:05.230326891 CET377860374195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:05.230633020 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:05.350183010 CET377860374195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:06.257287025 CET377860374195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:06.257411957 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.257528067 CET603743778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.258162975 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.377796888 CET377860376195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:06.377882004 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.379084110 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.498841047 CET377860376195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:06.499108076 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:06.618752003 CET377860376195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:07.517169952 CET377860376195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:07.517358065 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.517461061 CET603763778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.518459082 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.638153076 CET377860378195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:07.638310909 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.639873028 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.759428024 CET377860378195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:07.759692907 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:07.879350901 CET377860378195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:08.781256914 CET377860378195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:08.781431913 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:08.781466007 CET603783778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:08.782167912 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:08.901745081 CET377860380195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:08.902045965 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:08.903165102 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:09.022706985 CET377860380195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:09.022865057 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:09.142745972 CET377860380195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:10.043541908 CET377860380195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:10.043901920 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.043942928 CET603803778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.044579983 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.164068937 CET377860382195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:10.164455891 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.165713072 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.285192966 CET377860382195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:10.285325050 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:10.405265093 CET377860382195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:11.309478998 CET377860382195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:11.309844017 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.309881926 CET603823778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.310564995 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.430179119 CET377860384195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:11.430510044 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.431695938 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.551192999 CET377860384195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:11.551465034 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:11.671180964 CET377860384195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:12.567890882 CET377860384195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:12.568095922 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.568177938 CET603843778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.568592072 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.688189030 CET377860386195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:12.688380003 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.689418077 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.808943987 CET377860386195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:12.809292078 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:12.928873062 CET377860386195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:13.827701092 CET377860386195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:13.827826023 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:13.827897072 CET603863778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:13.828320980 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:13.947897911 CET377860388195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:13.948123932 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:13.949028015 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:14.068733931 CET377860388195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:14.068875074 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:14.188399076 CET377860388195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:15.088505030 CET377860388195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:15.088630915 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.088684082 CET603883778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.089251041 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.208781958 CET377860390195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:15.208884001 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.210206032 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.329790115 CET377860390195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:15.329898119 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:15.449558020 CET377860390195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:16.353892088 CET377860390195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:16.354047060 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.354152918 CET603903778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.355143070 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.474817991 CET377860392195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:16.475099087 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.476393938 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.595973015 CET377860392195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:16.596240997 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:16.715831041 CET377860392195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:17.613423109 CET377860392195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:17.613714933 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.613830090 CET603923778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.614567041 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.734143972 CET377860394195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:17.734369993 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.735585928 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.855056047 CET377860394195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:17.855222940 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:17.974776983 CET377860394195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:18.878166914 CET377860394195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:18.878293991 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:18.878329992 CET603943778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:18.878830910 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:18.998471022 CET377860396195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:18.998675108 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:18.999516010 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:19.119050026 CET377860396195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:19.119215012 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:19.239332914 CET377860396195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:20.136418104 CET377860396195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:20.136557102 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.136585951 CET603963778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.137197971 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.256777048 CET377860398195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:20.256899118 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.257633924 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.377130985 CET377860398195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:20.377286911 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:20.496876955 CET377860398195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:21.398672104 CET377860398195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:21.398827076 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.398848057 CET603983778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.399391890 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.518923998 CET377860400195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:21.519043922 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.519769907 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.639204979 CET377860400195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:21.639364004 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:21.758871078 CET377860400195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:22.657793045 CET377860400195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:22.657941103 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:22.657942057 CET604003778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:22.658621073 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:22.778107882 CET377860402195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:22.778219938 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:22.779330015 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:22.898833036 CET377860402195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:22.898929119 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:23.018413067 CET377860402195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:23.916542053 CET377860402195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:23.916680098 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:23.916681051 CET604023778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:23.917330027 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:24.036757946 CET377860404195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:24.036870003 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:24.037946939 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:24.157386065 CET377860404195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:24.157624960 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:24.277101040 CET377860404195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:34.045339108 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:32:34.164943933 CET377860404195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:34.386775017 CET377860404195.26.252.19192.168.2.15
                Dec 23, 2024 03:32:34.387033939 CET604043778192.168.2.15195.26.252.19
                Dec 23, 2024 03:33:00.518687010 CET603503778192.168.2.15195.26.252.19
                Dec 23, 2024 03:33:00.638545990 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:33:00.859024048 CET377860350195.26.252.19192.168.2.15
                Dec 23, 2024 03:33:00.859319925 CET603503778192.168.2.15195.26.252.19

                System Behavior

                General

                Start time (UTC):02:31:16
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities


                General

                Start time (UTC):02:31:16
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:-
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities


                General

                Start time (UTC):02:31:16
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:-
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities


                General

                Start time (UTC):02:31:16
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:-
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities


                General

                Start time (UTC):02:31:22
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:-
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities


                General

                Start time (UTC):02:31:22
                Start date (UTC):23/12/2024
                Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
                Arguments:-
                File size:5388968 bytes
                MD5 hash:ae65271c943d3451b7f026d1fadccea6

                Chronological Activities