Windows
Analysis Report
W53oi1JYy4.exe
Overview
General Information
Sample name: | W53oi1JYy4.exerenamed because original name is a hash value |
Original sample name: | bc72d38b806610a77e37d8b57d1d3721.exe |
Analysis ID: | 1579677 |
MD5: | bc72d38b806610a77e37d8b57d1d3721 |
SHA1: | 606915c07e8412f31815aa8b259e8bae749fbabb |
SHA256: | d46b9f0e27763bcff64c54460f63324ce405602bdde61725ab33c560bc12708d |
Tags: | exeuser-abuse_ch |
Infos: | |
Detection
Score: | 22 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 40% |
Signatures
Classification
- System is w10x64
- W53oi1JYy4.exe (PID: 6872 cmdline:
"C:\Users\ user\Deskt op\W53oi1J Yy4.exe" MD5: BC72D38B806610A77E37D8B57D1D3721)
- cleanup
Click to jump to signature section
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Key opened: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window found: | Jump to behavior |
Source: | Static file information: |
Source: | Static PE information: |
Malware Analysis System Evasion |
---|
Source: | User Timer Set: | Jump to behavior | ||
Source: | User Timer Set: | Jump to behavior | ||
Source: | User Timer Set: | Jump to behavior | ||
Source: | User Timer Set: | Jump to behavior | ||
Source: | User Timer Set: | Jump to behavior |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Binary or memory string: |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 11 Virtualization/Sandbox Evasion | OS Credential Dumping | 1 Security Software Discovery | Remote Services | Data from Local System | 2 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 DLL Side-Loading | LSASS Memory | 11 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | 1 System Information Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
8% | ReversingLabs | Win32.Trojan.Generic | ||
2% | Virustotal | Browse |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|
IP |
---|
192.168.2.6 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1579677 |
Start date and time: | 2024-12-23 07:25:26 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 8s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 4 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | W53oi1JYy4.exerenamed because original name is a hash value |
Original Sample Name: | bc72d38b806610a77e37d8b57d1d3721.exe |
Detection: | SUS |
Classification: | sus22.evad.winEXE@1/0@0/1 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded IPs from analysis (whitelisted): 192.229.221.95, 199.232.210.172, 13.107.246.63, 4.245.163.56, 4.175.87.197
- Excluded domains from analysis (whitelisted): client.wns.windows.com, ocsp.digicert.com, otelrules.azureedge.net, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | LummaC, Amadey, Babadeda, LummaC Stealer, Stealc, Vidar | Browse |
| ||
Get hash | malicious | Divulge Stealer | Browse |
| ||
Get hash | malicious | Remcos, GuLoader | Browse |
| ||
Get hash | malicious | Babadeda | Browse |
| ||
Get hash | malicious | Babadeda | Browse |
| ||
Get hash | malicious | Babadeda | Browse |
| ||
Get hash | malicious | RHADAMANTHYS | Browse |
| ||
Get hash | malicious | RHADAMANTHYS | Browse |
|
File type: | |
Entropy (8bit): | 6.875634441758122 |
TrID: |
|
File name: | W53oi1JYy4.exe |
File size: | 2'764'288 bytes |
MD5: | bc72d38b806610a77e37d8b57d1d3721 |
SHA1: | 606915c07e8412f31815aa8b259e8bae749fbabb |
SHA256: | d46b9f0e27763bcff64c54460f63324ce405602bdde61725ab33c560bc12708d |
SHA512: | 47406f41816561ad37b3da9a29810213e261e74b0c5f33ba68989469ce0113bc4f8eaee4aba1ec0b89a7724de60982e5369ff899f8b74b0dad466ce81c5e504b |
SSDEEP: | 49152:5xj6d2mHXpwXX5Eb6vCz5zPDC+HAFjjdjjA/YiY0Y0Y0Y0YI:5xjC2yZspEb6o53C+HAFjjdjjA/YiY0z |
TLSH: | E7D55C72B38E8433D5370A749C5B73496877BF151B2892EA3FE0BD8D5E3A191741A2C2 |
File Content Preview: | MZP.....................@...............................................!..L.!..This program must be run under Win32..$7....................................................................................................................................... |
Icon Hash: | 8737656535170646 |
Entrypoint: | 0x5d8f68 |
Entrypoint Section: | CODE |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, BYTES_REVERSED_LO, 32BIT_MACHINE, BYTES_REVERSED_HI |
DLL Characteristics: | |
Time Stamp: | 0x2A425E19 [Fri Jun 19 22:22:17 1992 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | 0f7133b6b604bd6fc63d33541d2dcf73 |
Instruction |
---|
push ebp |
mov ebp, esp |
add esp, FFFFFFF0h |
push ebx |
mov eax, 005D8948h |
call 00007F7AD5126D18h |
mov ebx, dword ptr [005DC62Ch] |
mov eax, dword ptr [ebx] |
call 00007F7AD519581Bh |
mov ecx, dword ptr [005DC8ACh] |
mov eax, dword ptr [ebx] |
mov edx, dword ptr [005D44C0h] |
call 00007F7AD5195820h |
mov ecx, dword ptr [005DC920h] |
mov eax, dword ptr [ebx] |
mov edx, dword ptr [005D20B4h] |
call 00007F7AD519580Dh |
mov ecx, dword ptr [005DC57Ch] |
mov eax, dword ptr [ebx] |
mov edx, dword ptr [005D1B2Ch] |
call 00007F7AD51957FAh |
mov ecx, dword ptr [005DC474h] |
mov eax, dword ptr [ebx] |
mov edx, dword ptr [005D3E80h] |
call 00007F7AD51957E7h |
mov eax, dword ptr [ebx] |
call 00007F7AD5195860h |
pop ebx |
call 00007F7AD51243CEh |
nop |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add cl, byte ptr [ebp+00000040h] |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
add byte ptr [eax], al |
xor dl, byte ptr [ebx] |
mov eax, eax |
add al, byte ptr [eax] |
mov eax, eax |
add byte ptr [ebp-72FFFFC0h], cl |
inc eax |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x1df000 | 0x2b1e | .idata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x200000 | 0xa8c00 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x1e4000 | 0x1b4ac | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x1e3000 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
CODE | 0x1000 | 0x1d7fe0 | 0x1d8000 | 9a71acc266b99cfe90c10a919e634f43 | False | 0.4937382067664195 | data | 6.525145623509275 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
DATA | 0x1d9000 | 0x3a00 | 0x3a00 | f4ca7a1581e47d21ba678a9f368dbde7 | False | 0.45373114224137934 | data | 5.017493402763318 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
BSS | 0x1dd000 | 0x1359 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.idata | 0x1df000 | 0x2b1e | 0x2c00 | b98765b9c7244adec02b853a8f6da231 | False | 0.35511363636363635 | data | 5.030069526694421 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.tls | 0x1e2000 | 0x10 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rdata | 0x1e3000 | 0x18 | 0x200 | e5e7bd24da449c8b11f552f74fa94932 | False | 0.05078125 | MacBinary, Mon Feb 6 07:28:16 2040 INVALID date, modified Mon Feb 6 07:28:16 2040 "^" | 0.2069200177871819 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.reloc | 0x1e4000 | 0x1b4ac | 0x1b600 | 1705651ca83eebd3e8c23e7fa3d66d9f | False | 0.4969766695205479 | data | 6.621589723666736 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
.rsrc | 0x200000 | 0xa8c00 | 0xa8c00 | b07a5c9ad0ae60add4919a08982af255 | False | 0.14668113425925927 | data | 6.677927085075923 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_SHARED, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_CURSOR | 0x2023e8 | 0x134 | Targa image data - Map 64 x 65536 x 1 +32 "\001" | 0.38636363636363635 | ||
RT_CURSOR | 0x20251c | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Russian | Russia | 0.29545454545454547 |
RT_CURSOR | 0x202650 | 0x134 | data | 0.4805194805194805 | ||
RT_CURSOR | 0x202784 | 0x134 | data | 0.38311688311688313 | ||
RT_CURSOR | 0x2028b8 | 0x134 | data | 0.36038961038961037 | ||
RT_CURSOR | 0x2029ec | 0x134 | data | 0.4090909090909091 | ||
RT_CURSOR | 0x202b20 | 0x134 | Targa image data - RGB 64 x 65536 x 1 +32 "\001" | 0.4967532467532468 | ||
RT_CURSOR | 0x202c54 | 0x134 | data | Arabic | Saudi Arabia | 0.2597402597402597 |
RT_CURSOR | 0x202d88 | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Russian | Russia | 0.2824675324675325 |
RT_CURSOR | 0x202ebc | 0x134 | data | Dutch | Netherlands | 0.38636363636363635 |
RT_CURSOR | 0x202ff0 | 0x134 | Targa image data 64 x 65536 x 1 +32 "\001" | Dutch | Netherlands | 0.30194805194805197 |
RT_CURSOR | 0x203124 | 0x134 | Targa image data - RLE 64 x 65536 x 1 +32 "\001" | Dutch | Netherlands | 0.275974025974026 |
RT_CURSOR | 0x203258 | 0x134 | data | 0.4642857142857143 | ||
RT_BITMAP | 0x20338c | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.43103448275862066 | ||
RT_BITMAP | 0x20355c | 0x1e4 | Device independent bitmap graphic, 36 x 19 x 4, image size 380 | 0.46487603305785125 | ||
RT_BITMAP | 0x203740 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.43103448275862066 | ||
RT_BITMAP | 0x203910 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.39870689655172414 | ||
RT_BITMAP | 0x203ae0 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.4245689655172414 | ||
RT_BITMAP | 0x203cb0 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.5021551724137931 | ||
RT_BITMAP | 0x203e80 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.5064655172413793 | ||
RT_BITMAP | 0x204050 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.39655172413793105 | ||
RT_BITMAP | 0x204220 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.5344827586206896 | ||
RT_BITMAP | 0x2043f0 | 0x1d0 | Device independent bitmap graphic, 36 x 18 x 4, image size 360 | 0.39655172413793105 | ||
RT_BITMAP | 0x2045c0 | 0xc0 | Device independent bitmap graphic, 16 x 11 x 4, image size 88, 16 important colors | 0.5208333333333334 | ||
RT_BITMAP | 0x204680 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.42857142857142855 | ||
RT_BITMAP | 0x204760 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.4955357142857143 | ||
RT_BITMAP | 0x204840 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.391304347826087 | ||
RT_BITMAP | 0x20489c | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.391304347826087 | ||
RT_BITMAP | 0x2048f8 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.532608695652174 | ||
RT_BITMAP | 0x204954 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.532608695652174 | ||
RT_BITMAP | 0x2049b0 | 0x94 | Device independent bitmap graphic, 6 x 11 x 4, image size 44 | Russian | Russia | 0.5 |
RT_BITMAP | 0x204a44 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.4782608695652174 | ||
RT_BITMAP | 0x204aa0 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.4782608695652174 | ||
RT_BITMAP | 0x204afc | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.5543478260869565 | ||
RT_BITMAP | 0x204b58 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.5543478260869565 | ||
RT_BITMAP | 0x204bb4 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.4673913043478261 | ||
RT_BITMAP | 0x204c10 | 0x5c | Device independent bitmap graphic, 6 x 11 x 1, image size 44 | 0.4673913043478261 | ||
RT_BITMAP | 0x204c6c | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.41025641025641024 | ||
RT_BITMAP | 0x204da4 | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.27564102564102566 | ||
RT_BITMAP | 0x204edc | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.3685897435897436 | ||
RT_BITMAP | 0x205014 | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.3685897435897436 | ||
RT_BITMAP | 0x20514c | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.34294871794871795 | ||
RT_BITMAP | 0x205284 | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.3717948717948718 | ||
RT_BITMAP | 0x2053bc | 0x104 | Device independent bitmap graphic, 20 x 13 x 4, image size 156 | 0.5038461538461538 | ||
RT_BITMAP | 0x2054c0 | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.4326923076923077 | ||
RT_BITMAP | 0x2055f8 | 0x104 | Device independent bitmap graphic, 20 x 13 x 4, image size 156 | 0.5153846153846153 | ||
RT_BITMAP | 0x2056fc | 0x138 | Device independent bitmap graphic, 28 x 13 x 4, image size 208 | 0.46474358974358976 | ||
RT_BITMAP | 0x205834 | 0xb0 | Device independent bitmap graphic, 10 x 9 x 4, image size 72 | Russian | Russia | 0.5056818181818182 |
RT_BITMAP | 0x2058e4 | 0xb0 | Device independent bitmap graphic, 10 x 9 x 4, image size 72 | Russian | Russia | 0.4943181818181818 |
RT_BITMAP | 0x205994 | 0xb0 | Device independent bitmap graphic, 10 x 9 x 4, image size 72 | Russian | Russia | 0.4375 |
RT_BITMAP | 0x205a44 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.38392857142857145 | ||
RT_BITMAP | 0x205b24 | 0xc0 | Device independent bitmap graphic, 16 x 11 x 4, image size 88, 16 important colors | 0.4947916666666667 | ||
RT_BITMAP | 0x205be4 | 0xc0 | Device independent bitmap graphic, 16 x 11 x 4, image size 88, 16 important colors | 0.484375 | ||
RT_BITMAP | 0x205ca4 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.42410714285714285 | ||
RT_BITMAP | 0x205d84 | 0xc0 | Device independent bitmap graphic, 16 x 11 x 4, image size 88, 16 important colors | 0.5104166666666666 | ||
RT_BITMAP | 0x205e44 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.5 | ||
RT_BITMAP | 0x205f24 | 0xe8 | Device independent bitmap graphic, 16 x 16 x 4, image size 128 | 0.4870689655172414 | ||
RT_BITMAP | 0x20600c | 0xc0 | Device independent bitmap graphic, 16 x 11 x 4, image size 88, 16 important colors | 0.4895833333333333 | ||
RT_BITMAP | 0x2060cc | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.5625 | ||
RT_BITMAP | 0x20619c | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.4855769230769231 | ||
RT_BITMAP | 0x20626c | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.4326923076923077 | ||
RT_BITMAP | 0x20633c | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.5576923076923077 | ||
RT_BITMAP | 0x20640c | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.4807692307692308 | ||
RT_BITMAP | 0x2064dc | 0xd0 | Device independent bitmap graphic, 12 x 13 x 4, image size 104 | 0.5625 | ||
RT_BITMAP | 0x2065ac | 0x188 | Device independent bitmap graphic, 24 x 24 x 4, image size 288 | English | Canada | 0.34183673469387754 |
RT_BITMAP | 0x206734 | 0x88 | Device independent bitmap graphic, 16 x 4 x 4, image size 32 | English | United States | 0.4852941176470588 |
RT_BITMAP | 0x2067bc | 0xa8 | Device independent bitmap graphic, 4 x 16 x 4, image size 64 | English | United States | 0.40476190476190477 |
RT_BITMAP | 0x206864 | 0x450 | Device independent bitmap graphic, 5 x 5 x 8, image size 40 | Dutch | Netherlands | 0.32608695652173914 |
RT_BITMAP | 0x206cb4 | 0x450 | Device independent bitmap graphic, 7 x 5 x 8, image size 40 | Dutch | Netherlands | 0.322463768115942 |
RT_BITMAP | 0x207104 | 0x4ac | Device independent bitmap graphic, 11 x 11 x 8, image size 132 | Dutch | Netherlands | 0.41555183946488294 |
RT_BITMAP | 0x2075b0 | 0x480 | Device independent bitmap graphic, 6 x 11 x 8, image size 88 | Dutch | Netherlands | 0.3559027777777778 |
RT_BITMAP | 0x207a30 | 0x4ac | Device independent bitmap graphic, 9 x 11 x 8, image size 132 | Dutch | Netherlands | 0.41638795986622074 |
RT_BITMAP | 0x207edc | 0x4c4 | Device independent bitmap graphic, 12 x 13 x 8, image size 156 | Dutch | Netherlands | 0.4024590163934426 |
RT_BITMAP | 0x2083a0 | 0x4c4 | Device independent bitmap graphic, 12 x 13 x 8, image size 156 | Dutch | Netherlands | 0.40491803278688526 |
RT_BITMAP | 0x208864 | 0x4c4 | Device independent bitmap graphic, 12 x 13 x 8, image size 156 | Dutch | Netherlands | 0.40491803278688526 |
RT_BITMAP | 0x208d28 | 0x448 | Device independent bitmap graphic, 7 x 4 x 8, image size 32 | Dutch | Netherlands | 0.43156934306569344 |
RT_BITMAP | 0x209170 | 0x444 | Device independent bitmap graphic, 4 x 7 x 8, image size 28 | Dutch | Netherlands | 0.4358974358974359 |
RT_BITMAP | 0x2095b4 | 0x444 | Device independent bitmap graphic, 4 x 7 x 8, image size 28 | Dutch | Netherlands | 0.43223443223443225 |
RT_BITMAP | 0x2099f8 | 0x448 | Device independent bitmap graphic, 7 x 4 x 8, image size 32 | Dutch | Netherlands | 0.43156934306569344 |
RT_BITMAP | 0x209e40 | 0x188 | Device independent bitmap graphic, 24 x 24 x 4, image size 288 | English | United States | 0.3137755102040816 |
RT_BITMAP | 0x209fc8 | 0x188 | Device independent bitmap graphic, 24 x 24 x 4, image size 288 | Dutch | Netherlands | 0.413265306122449 |
RT_BITMAP | 0x20a150 | 0x188 | Device independent bitmap graphic, 24 x 24 x 4, image size 288 | English | United States | 0.25510204081632654 |
RT_BITMAP | 0x20a2d8 | 0xe0 | Device independent bitmap graphic, 16 x 15 x 4, image size 120, 16 important colors | 0.3794642857142857 | ||
RT_BITMAP | 0x20a3b8 | 0xb0 | Device independent bitmap graphic, 64 x 16 x 1, image size 128 | English | United States | 0.5113636363636364 |
RT_ICON | 0x20a468 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 512 | Chinese | China | 0.42338709677419356 |
RT_DIALOG | 0x20a750 | 0x52 | data | 0.7682926829268293 | ||
RT_STRING | 0x20a7a4 | 0x338 | data | 0.38228155339805825 | ||
RT_STRING | 0x20aadc | 0x428 | data | 0.37406015037593987 | ||
RT_STRING | 0x20af04 | 0x36c | data | 0.3904109589041096 | ||
RT_STRING | 0x20b270 | 0x3b0 | data | 0.3252118644067797 | ||
RT_STRING | 0x20b620 | 0x2d4 | data | 0.44613259668508287 | ||
RT_STRING | 0x20b8f4 | 0x364 | data | 0.42972350230414746 | ||
RT_STRING | 0x20bc58 | 0x470 | data | 0.4110915492957746 | ||
RT_STRING | 0x20c0c8 | 0x3d8 | data | 0.36890243902439024 | ||
RT_STRING | 0x20c4a0 | 0xac | data | 0.7093023255813954 | ||
RT_STRING | 0x20c54c | 0x354 | data | 0.4706572769953052 | ||
RT_STRING | 0x20c8a0 | 0x3a8 | data | 0.4027777777777778 | ||
RT_STRING | 0x20cc48 | 0x35c | data | 0.4046511627906977 | ||
RT_STRING | 0x20cfa4 | 0x40c | data | 0.3996138996138996 | ||
RT_STRING | 0x20d3b0 | 0x480 | data | 0.3385416666666667 | ||
RT_STRING | 0x20d830 | 0x4c0 | data | 0.3363486842105263 | ||
RT_STRING | 0x20dcf0 | 0x570 | data | 0.27011494252873564 | ||
RT_STRING | 0x20e260 | 0x3e4 | data | 0.35240963855421686 | ||
RT_STRING | 0x20e644 | 0x2d4 | AmigaOS bitmap font "n", fc_YSize 8192, 18688 elements, 2nd "e", 3rd "u" | 0.44751381215469616 | ||
RT_STRING | 0x20e918 | 0x200 | data | 0.361328125 | ||
RT_STRING | 0x20eb18 | 0xf8 | data | 0.592741935483871 | ||
RT_STRING | 0x20ec10 | 0x374 | data | 0.4309954751131222 | ||
RT_STRING | 0x20ef84 | 0x144 | data | 0.5339506172839507 | ||
RT_STRING | 0x20f0c8 | 0xe8 | data | 0.5991379310344828 | ||
RT_STRING | 0x20f1b0 | 0x2e0 | data | 0.4116847826086957 | ||
RT_STRING | 0x20f490 | 0x268 | data | 0.4788961038961039 | ||
RT_STRING | 0x20f6f8 | 0x410 | data | 0.3721153846153846 | ||
RT_STRING | 0x20fb08 | 0x384 | data | 0.4111111111111111 | ||
RT_STRING | 0x20fe8c | 0x380 | data | 0.3314732142857143 | ||
RT_STRING | 0x21020c | 0x454 | data | 0.3601083032490975 | ||
RT_STRING | 0x210660 | 0x1b0 | data | 0.4675925925925926 | ||
RT_STRING | 0x210810 | 0xec | data | 0.5508474576271186 | ||
RT_STRING | 0x2108fc | 0x20c | data | 0.5 | ||
RT_STRING | 0x210b08 | 0x454 | data | 0.3231046931407942 | ||
RT_STRING | 0x210f5c | 0x3d0 | data | 0.36168032786885246 | ||
RT_STRING | 0x21132c | 0x2fc | data | 0.36649214659685864 | ||
RT_STRING | 0x211628 | 0x354 | data | 0.318075117370892 | ||
RT_RCDATA | 0x21197c | 0x10 | data | 1.5 | ||
RT_RCDATA | 0x21198c | 0x908 | data | 0.6007785467128027 | ||
RT_RCDATA | 0x212294 | 0x1772 | Delphi compiled form 'TCalculatorEh' | 0.12812395868043985 | ||
RT_RCDATA | 0x213a08 | 0x971 | Delphi compiled form 'TDBGridEhFindDlg' | 0.4666942490690939 | ||
RT_RCDATA | 0x21437c | 0xf936 | Delphi compiled form 'TForm1' | 0.5516160381203172 | ||
RT_RCDATA | 0x223cb4 | 0x8a42 | Delphi compiled form 'TForm2' | 0.814855625247217 | ||
RT_RCDATA | 0x22c6f8 | 0x7ecf | Delphi compiled form 'TForm3' | 0.8668022055879001 | ||
RT_RCDATA | 0x2345c8 | 0x226 | Delphi compiled form 'TformShowSet' | 0.6290909090909091 | ||
RT_RCDATA | 0x2347f0 | 0x73660 | Delphi compiled form 'TFTemplate' | 0.03429862568546476 | ||
RT_RCDATA | 0x2a7e50 | 0x494 | Delphi compiled form 'TLoginDialog' | 0.4931740614334471 | ||
RT_RCDATA | 0x2a82e4 | 0x3c4 | Delphi compiled form 'TPasswordDialog' | 0.4678423236514523 | ||
RT_GROUP_CURSOR | 0x2a86a8 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Russian | Russia | 1.25 |
RT_GROUP_CURSOR | 0x2a86bc | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Arabic | Saudi Arabia | 1.3 |
RT_GROUP_CURSOR | 0x2a86d0 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Russian | Russia | 1.3 |
RT_GROUP_CURSOR | 0x2a86e4 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Dutch | Netherlands | 1.3 |
RT_GROUP_CURSOR | 0x2a86f8 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Dutch | Netherlands | 1.3 |
RT_GROUP_CURSOR | 0x2a870c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | Dutch | Netherlands | 1.3 |
RT_GROUP_CURSOR | 0x2a8720 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.25 | ||
RT_GROUP_CURSOR | 0x2a8734 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_CURSOR | 0x2a8748 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_CURSOR | 0x2a875c | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_CURSOR | 0x2a8770 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_CURSOR | 0x2a8784 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_CURSOR | 0x2a8798 | 0x14 | Lotus unknown worksheet or configuration, revision 0x1 | 1.3 | ||
RT_GROUP_ICON | 0x2a87ac | 0x14 | data | Chinese | China | 1.2 |
RT_VERSION | 0x2a87c0 | 0x274 | data | Chinese | China | 0.46496815286624205 |
DLL | Import |
---|---|
kernel32.dll | DeleteCriticalSection, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, VirtualFree, VirtualAlloc, LocalFree, LocalAlloc, GetVersion, GetCurrentThreadId, InterlockedDecrement, InterlockedIncrement, VirtualQuery, WideCharToMultiByte, MultiByteToWideChar, lstrlenA, lstrcpynA, LoadLibraryExA, GetThreadLocale, GetStartupInfoA, GetProcAddress, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetCommandLineA, FreeLibrary, FindFirstFileA, FindClose, ExitProcess, ExitThread, CreateThread, WriteFile, UnhandledExceptionFilter, RtlUnwind, RaiseException, GetStdHandle |
user32.dll | GetKeyboardType, LoadStringA, MessageBoxA, CharNextA |
advapi32.dll | RegQueryValueExA, RegOpenKeyExA, RegCloseKey |
oleaut32.dll | SysFreeString, SysReAllocStringLen, SysAllocStringLen |
kernel32.dll | TlsSetValue, TlsGetValue, LocalAlloc, GetModuleHandleA |
advapi32.dll | RegSetValueExA, RegQueryValueExA, RegQueryValueA, RegOpenKeyExA, RegFlushKey, RegCreateKeyExA, RegCloseKey |
kernel32.dll | lstrcpyA, WritePrivateProfileStringA, WriteFile, WaitForSingleObject, VirtualQuery, VirtualAlloc, Sleep, SizeofResource, SetThreadLocale, SetFilePointer, SetEvent, SetErrorMode, SetEndOfFile, ResumeThread, ResetEvent, ReleaseMutex, ReadFile, MultiByteToWideChar, MulDiv, LockResource, LoadResource, LoadLibraryA, LeaveCriticalSection, IsBadReadPtr, InitializeCriticalSection, GlobalUnlock, GlobalSize, GlobalReAlloc, GlobalHandle, GlobalLock, GlobalFree, GlobalFindAtomA, GlobalDeleteAtom, GlobalAlloc, GlobalAddAtomA, GetVersionExA, GetVersion, GetTimeZoneInformation, GetTickCount, GetThreadLocale, GetTempPathA, GetSystemInfo, GetStringTypeExA, GetStdHandle, GetProcAddress, GetPrivateProfileStringA, GetModuleHandleA, GetModuleFileNameA, GetLocaleInfoA, GetLocalTime, GetLastError, GetFullPathNameA, GetFileSize, GetExitCodeThread, GetDiskFreeSpaceA, GetDateFormatA, GetCurrentThreadId, GetCurrentProcessId, GetCPInfo, GetACP, FreeResource, InterlockedIncrement, InterlockedExchange, InterlockedDecrement, FreeLibrary, FormatMessageA, FindResourceA, FindFirstFileA, FindClose, FileTimeToLocalFileTime, FileTimeToDosDateTime, EnumCalendarInfoA, EnterCriticalSection, DeleteCriticalSection, CreateThread, CreateMutexA, CreateFileA, CreateEventA, CompareStringA, CloseHandle |
version.dll | VerQueryValueA, GetFileVersionInfoSizeA, GetFileVersionInfoA |
gdi32.dll | UnrealizeObject, StretchBlt, SetWindowOrgEx, SetWindowExtEx, SetWinMetaFileBits, SetViewportOrgEx, SetViewportExtEx, SetTextColor, SetStretchBltMode, SetROP2, SetPixel, SetMapMode, SetEnhMetaFileBits, SetDIBColorTable, SetBrushOrgEx, SetBkMode, SetBkColor, SelectPalette, SelectObject, SelectClipRgn, SaveDC, RoundRect, RestoreDC, Rectangle, RectVisible, RealizePalette, Polyline, Polygon, PolyPolyline, PlayEnhMetaFile, PatBlt, MoveToEx, MaskBlt, LineTo, LPtoDP, IntersectClipRect, GetWindowOrgEx, GetWinMetaFileBits, GetViewportOrgEx, GetTextMetricsA, GetTextExtentPointA, GetTextExtentPoint32A, GetSystemPaletteEntries, GetStockObject, GetPixel, GetPaletteEntries, GetOutlineTextMetricsA, GetObjectA, GetNearestColor, GetEnhMetaFilePaletteEntries, GetEnhMetaFileHeader, GetEnhMetaFileBits, GetDeviceCaps, GetDIBits, GetDIBColorTable, GetDCOrgEx, GetCurrentPositionEx, GetCurrentObject, GetClipRgn, GetClipBox, GetBrushOrgEx, GetBitmapBits, GdiFlush, ExtTextOutA, ExtSelectClipRgn, ExtCreateRegion, ExtCreatePen, ExcludeClipRect, Ellipse, DeleteObject, DeleteEnhMetaFile, DeleteDC, CreateSolidBrush, CreateRectRgn, CreatePolygonRgn, CreatePenIndirect, CreatePen, CreatePalette, CreateHalftonePalette, CreateFontIndirectA, CreateDIBitmap, CreateDIBSection, CreateCompatibleDC, CreateCompatibleBitmap, CreateBrushIndirect, CreateBitmap, CopyEnhMetaFileA, CombineRgn, BitBlt |
user32.dll | CreateWindowExA, WindowFromPoint, WinHelpA, WaitMessage, ValidateRect, UpdateWindow, UnregisterClassA, UnionRect, UnhookWindowsHookEx, TranslateMessage, TranslateMDISysAccel, TrackPopupMenu, SystemParametersInfoA, ShowWindow, ShowScrollBar, ShowOwnedPopups, ShowCursor, ShowCaret, SetWindowRgn, SetWindowsHookExA, SetWindowTextA, SetWindowPos, SetWindowPlacement, SetWindowLongW, SetWindowLongA, SetTimer, SetScrollRange, SetScrollPos, SetScrollInfo, SetRect, SetPropA, SetParent, SetMenuItemInfoA, SetMenu, SetKeyboardState, SetForegroundWindow, SetFocus, SetCursor, SetClipboardData, SetClassLongA, SetCaretPos, SetCapture, SetActiveWindow, SendMessageA, ScrollWindowEx, ScrollWindow, ScreenToClient, RemovePropA, RemoveMenu, ReleaseDC, ReleaseCapture, RegisterWindowMessageA, RegisterClipboardFormatA, RegisterClassA, RedrawWindow, PtInRect, PostQuitMessage, PostMessageA, PeekMessageA, OpenClipboard, OffsetRect, OemToCharA, MsgWaitForMultipleObjects, MoveWindow, MessageBoxA, MessageBeep, MapWindowPoints, MapVirtualKeyA, LoadStringA, LoadKeyboardLayoutA, LoadIconA, LoadCursorA, LoadBitmapA, KillTimer, IsZoomed, IsWindowVisible, IsWindowUnicode, IsWindowEnabled, IsWindow, IsRectEmpty, IsIconic, IsDialogMessageA, IsClipboardFormatAvailable, IsChild, IsCharAlphaNumericA, IsCharAlphaA, InvalidateRect, IntersectRect, InsertMenuItemA, InsertMenuA, InflateRect, HideCaret, GetWindowThreadProcessId, GetWindowTextLengthW, GetWindowTextW, GetWindowTextA, GetWindowRect, GetWindowPlacement, GetWindowLongW, GetWindowLongA, GetWindowDC, GetTopWindow, GetSystemMetrics, GetSystemMenu, GetSysColorBrush, GetSysColor, GetSubMenu, GetScrollRange, GetScrollPos, GetScrollInfo, GetPropA, GetParent, GetWindow, GetMessageTime, GetMenuStringA, GetMenuState, GetMenuItemInfoA, GetMenuItemID, GetMenuItemCount, GetMenu, GetLastActivePopup, GetKeyboardState, GetKeyboardLayoutList, GetKeyboardLayout, GetKeyState, GetKeyNameTextA, GetIconInfo, GetForegroundWindow, GetFocus, GetDoubleClickTime, GetDlgItem, GetDlgCtrlID, GetDesktopWindow, GetDCEx, GetDC, GetCursorPos, GetCursor, GetClipboardData, GetClientRect, GetClassNameA, GetClassInfoA, GetCaretPos, GetCapture, GetActiveWindow, FrameRect, FindWindowExA, FindWindowA, FillRect, EqualRect, EnumWindows, EnumThreadWindows, EnumClipboardFormats, EndPaint, EnableWindow, EnableScrollBar, EnableMenuItem, EmptyClipboard, DrawTextExA, DrawTextW, DrawTextA, DrawMenuBar, DrawIconEx, DrawIcon, DrawFrameControl, DrawFocusRect, DrawEdge, DispatchMessageA, DestroyWindow, DestroyMenu, DestroyIcon, DestroyCursor, DestroyCaret, DeleteMenu, DefWindowProcA, DefMDIChildProcA, DefFrameProcA, CreatePopupMenu, CreateMenu, CreateIcon, CreateCaret, CopyImage, CloseClipboard, ClientToScreen, CheckMenuItem, CallWindowProcA, CallNextHookEx, BeginPaint, CharNextA, CharLowerBuffA, CharLowerA, CharUpperBuffA, CharToOemA, AdjustWindowRectEx, ActivateKeyboardLayout |
ole32.dll | CoTaskMemFree, StringFromCLSID |
kernel32.dll | Sleep |
oleaut32.dll | SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayGetElement, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayRedim, SafeArrayCreate, VariantChangeType, VariantCopyInd, VariantCopy, VariantClear, VariantInit |
ole32.dll | CoCreateInstance, CoGetMalloc, CoUninitialize, CoInitialize, IsEqualGUID |
oleaut32.dll | CreateErrorInfo, GetErrorInfo, SetErrorInfo, SafeArrayCopy, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayDestroy, SafeArrayCreate, SysFreeString |
comctl32.dll | ImageList_SetIconSize, ImageList_GetIconSize, ImageList_Write, ImageList_Read, ImageList_GetDragImage, ImageList_DragShowNolock, ImageList_SetDragCursorImage, ImageList_DragMove, ImageList_DragLeave, ImageList_DragEnter, ImageList_EndDrag, ImageList_BeginDrag, ImageList_LoadImageA, ImageList_Remove, ImageList_DrawEx, ImageList_Replace, ImageList_Draw, ImageList_GetBkColor, ImageList_SetBkColor, ImageList_ReplaceIcon, ImageList_Add, ImageList_GetImageCount, ImageList_Destroy, ImageList_Create, InitCommonControls |
comdlg32.dll | GetSaveFileNameA, GetOpenFileNameA |
kernel32.dll | MulDiv |
kernel32.dll | MulDiv |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
Russian | Russia | |
Arabic | Saudi Arabia | |
Dutch | Netherlands | |
English | Canada | |
English | United States | |
Chinese | China |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Dec 23, 2024 07:26:14.818877935 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.818906069 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.818922997 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.819025993 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:26:14.819117069 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.819171906 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:26:14.819180012 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.819197893 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.819240093 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:26:14.827193022 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.827250957 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.827353001 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:26:14.835895061 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.835923910 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:26:14.836007118 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:26:15.615134954 CET | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:15.615145922 CET | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:15.943276882 CET | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:15.974714041 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:15.974948883 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:15.979125023 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:15.979156017 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:15.979438066 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:15.980603933 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:15.980664968 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:15.980678082 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:15.980768919 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:16.023344040 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:16.522455931 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:16.522701979 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:16.522849083 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:16.523145914 CET | 49706 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:16.523196936 CET | 443 | 49706 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:23.320451975 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:23.320514917 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:23.320620060 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:23.321335077 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:23.321361065 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.224492073 CET | 49674 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:25.229804993 CET | 49673 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:25.539844036 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.539953947 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.544523954 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.544548035 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.545325994 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.547848940 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.547904015 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.547909975 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.548676968 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.552568913 CET | 49672 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:25.595330954 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.838689089 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.838747978 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:25.838819981 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.839610100 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:25.839622021 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:26.090221882 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:26.090302944 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:26.090368032 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:26.090533972 CET | 49708 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:26.090563059 CET | 443 | 49708 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:27.944075108 CET | 443 | 49702 | 173.222.162.64 | 192.168.2.6 |
Dec 23, 2024 07:26:27.944209099 CET | 49702 | 443 | 192.168.2.6 | 173.222.162.64 |
Dec 23, 2024 07:26:28.051392078 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.051462889 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.054199934 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.054203987 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.054430962 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.056338072 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.056382895 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.056387901 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.056667089 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.103332043 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.599025965 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.599145889 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:28.599199057 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.599262953 CET | 49709 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:28.599280119 CET | 443 | 49709 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:34.966873884 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:34.966916084 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:34.967039108 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:34.967643023 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:34.967653990 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.176151037 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.176244020 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.179178953 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.179218054 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.179462910 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.182084084 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.182084084 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.182084084 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.182105064 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.227329969 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.843183041 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.843308926 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:37.843487024 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.843714952 CET | 49721 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:37.843732119 CET | 443 | 49721 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:38.807661057 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:38.807686090 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:38.807765961 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:38.808398008 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:38.808410883 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.134567022 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.134805918 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.136981964 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.136990070 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.137218952 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.140163898 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.140234947 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.140239954 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.140361071 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.183374882 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.802609921 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.802916050 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:41.803065062 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.803601980 CET | 49734 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:41.803618908 CET | 443 | 49734 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:46.842108011 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:46.842225075 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:46.842345953 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:46.842922926 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:46.842957973 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.056360960 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.056456089 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.059717894 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.059727907 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.060482979 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.062479973 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.062541008 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.062546015 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.062654018 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.107331038 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.723277092 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.723386049 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:49.723525047 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.723649025 CET | 49751 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:49.723671913 CET | 443 | 49751 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:55.682406902 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:55.682454109 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:55.682538986 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:55.683165073 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:55.683180094 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:57.894324064 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:57.894525051 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:57.976377964 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:57.976401091 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:57.976689100 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:58.003110886 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:58.008634090 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:58.008656025 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:58.008908987 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:58.051337957 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:58.568648100 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:58.568734884 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:26:58.568835974 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:58.569065094 CET | 49772 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:26:58.569091082 CET | 443 | 49772 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:00.747575045 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:00.747643948 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:00.747726917 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:00.748420000 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:00.748437881 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.031840086 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.031953096 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.033803940 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.033812046 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.034698963 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.036655903 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.036715984 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.036720037 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.036833048 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.083329916 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.584243059 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.584440947 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:03.584506035 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.584620953 CET | 49788 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:03.584639072 CET | 443 | 49788 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:13.727741957 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:13.727791071 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:13.727900982 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:13.728486061 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:13.728501081 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.013345003 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.013417006 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.015255928 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.015275002 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.015508890 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.016773939 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.016835928 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.016843081 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.017019033 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.059330940 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.823497057 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.824332952 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.824424982 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.824673891 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:16.824697018 CET | 443 | 49812 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:16.824707031 CET | 49812 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:20.482501984 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:20.482547998 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:20.482654095 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:20.483289003 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:20.483299971 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:22.717605114 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:22.717730045 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:22.719532967 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:22.719548941 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:22.719772100 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:22.721415997 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:22.721471071 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:22.721478939 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:22.721602917 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:22.763339996 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:23.384700060 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:23.385210991 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:23.385281086 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:23.395558119 CET | 49833 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:23.395600080 CET | 443 | 49833 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:41.088465929 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:41.088515043 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:41.088732004 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:41.089395046 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:41.089405060 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.310056925 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.310156107 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.312129021 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.312143087 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.313030958 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.314239025 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.314305067 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.314312935 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.314414978 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.359337091 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.890595913 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.890813112 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:43.890974045 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.891669989 CET | 49878 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:43.891700983 CET | 443 | 49878 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:46.076682091 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:46.076744080 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:46.076824903 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:46.077487946 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:46.077511072 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:48.339371920 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:48.339481115 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:48.358248949 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:48.358284950 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:48.359380007 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:48.364063025 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:48.364171028 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:48.364178896 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:48.364289999 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:48.411338091 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:49.043695927 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:49.043868065 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:49.043967009 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:49.047393084 CET | 49891 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:27:49.047416925 CET | 443 | 49891 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:27:55.818653107 CET | 49701 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:27:55.938695908 CET | 443 | 49701 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:27:55.938781977 CET | 49701 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:28:02.433809042 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:28:02.553725004 CET | 443 | 49705 | 20.190.147.6 | 192.168.2.6 |
Dec 23, 2024 07:28:02.554239988 CET | 49705 | 443 | 192.168.2.6 | 20.190.147.6 |
Dec 23, 2024 07:28:12.999356985 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:12.999399900 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:12.999496937 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:13.000103951 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:13.000113964 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:14.328236103 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:14.328298092 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:14.328366995 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:14.329030037 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:14.329041958 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.218300104 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.218401909 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.253712893 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.253742933 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.254055023 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.302860022 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.334192038 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.359844923 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.359886885 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.363518000 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.407352924 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.995397091 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.995474100 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:15.995584011 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.995738983 CET | 49952 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:15.995754004 CET | 443 | 49952 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:16.556457996 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:16.556576014 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:16.558321953 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:16.558341026 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:16.558572054 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:16.559952021 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:16.560082912 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:16.560087919 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:16.560251951 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:16.607338905 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:17.104954004 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:17.105086088 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Dec 23, 2024 07:28:17.105221987 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:17.105451107 CET | 49956 | 443 | 192.168.2.6 | 20.198.119.84 |
Dec 23, 2024 07:28:17.105473995 CET | 443 | 49956 | 20.198.119.84 | 192.168.2.6 |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
0 | 192.168.2.6 | 49706 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:15 UTC | 70 | OUT | |
2024-12-23 06:26:15 UTC | 249 | OUT | |
2024-12-23 06:26:15 UTC | 1083 | OUT | |
2024-12-23 06:26:15 UTC | 73 | OUT | |
2024-12-23 06:26:16 UTC | 14 | IN | |
2024-12-23 06:26:16 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
1 | 192.168.2.6 | 49708 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:25 UTC | 71 | OUT | |
2024-12-23 06:26:25 UTC | 249 | OUT | |
2024-12-23 06:26:25 UTC | 1084 | OUT | |
2024-12-23 06:26:25 UTC | 218 | OUT | |
2024-12-23 06:26:26 UTC | 14 | IN | |
2024-12-23 06:26:26 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
2 | 192.168.2.6 | 49709 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:28 UTC | 71 | OUT | |
2024-12-23 06:26:28 UTC | 249 | OUT | |
2024-12-23 06:26:28 UTC | 1084 | OUT | |
2024-12-23 06:26:28 UTC | 74 | OUT | |
2024-12-23 06:26:28 UTC | 14 | IN | |
2024-12-23 06:26:28 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
3 | 192.168.2.6 | 49721 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:37 UTC | 71 | OUT | |
2024-12-23 06:26:37 UTC | 249 | OUT | |
2024-12-23 06:26:37 UTC | 1084 | OUT | |
2024-12-23 06:26:37 UTC | 218 | OUT | |
2024-12-23 06:26:37 UTC | 14 | IN | |
2024-12-23 06:26:37 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
4 | 192.168.2.6 | 49734 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:41 UTC | 71 | OUT | |
2024-12-23 06:26:41 UTC | 249 | OUT | |
2024-12-23 06:26:41 UTC | 1084 | OUT | |
2024-12-23 06:26:41 UTC | 74 | OUT | |
2024-12-23 06:26:41 UTC | 14 | IN | |
2024-12-23 06:26:41 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
5 | 192.168.2.6 | 49751 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:49 UTC | 71 | OUT | |
2024-12-23 06:26:49 UTC | 249 | OUT | |
2024-12-23 06:26:49 UTC | 1084 | OUT | |
2024-12-23 06:26:49 UTC | 218 | OUT | |
2024-12-23 06:26:49 UTC | 14 | IN | |
2024-12-23 06:26:49 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
6 | 192.168.2.6 | 49772 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:26:57 UTC | 71 | OUT | |
2024-12-23 06:26:57 UTC | 249 | OUT | |
2024-12-23 06:26:58 UTC | 1084 | OUT | |
2024-12-23 06:26:58 UTC | 74 | OUT | |
2024-12-23 06:26:58 UTC | 14 | IN | |
2024-12-23 06:26:58 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
7 | 192.168.2.6 | 49788 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:27:03 UTC | 71 | OUT | |
2024-12-23 06:27:03 UTC | 249 | OUT | |
2024-12-23 06:27:03 UTC | 1084 | OUT | |
2024-12-23 06:27:03 UTC | 218 | OUT | |
2024-12-23 06:27:03 UTC | 14 | IN | |
2024-12-23 06:27:03 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
8 | 192.168.2.6 | 49812 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:27:16 UTC | 70 | OUT | |
2024-12-23 06:27:16 UTC | 249 | OUT | |
2024-12-23 06:27:16 UTC | 1083 | OUT | |
2024-12-23 06:27:16 UTC | 73 | OUT | |
2024-12-23 06:27:16 UTC | 14 | IN | |
2024-12-23 06:27:16 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
9 | 192.168.2.6 | 49833 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:27:22 UTC | 71 | OUT | |
2024-12-23 06:27:22 UTC | 249 | OUT | |
2024-12-23 06:27:22 UTC | 1084 | OUT | |
2024-12-23 06:27:22 UTC | 218 | OUT | |
2024-12-23 06:27:23 UTC | 14 | IN | |
2024-12-23 06:27:23 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
10 | 192.168.2.6 | 49878 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:27:43 UTC | 71 | OUT | |
2024-12-23 06:27:43 UTC | 249 | OUT | |
2024-12-23 06:27:43 UTC | 1084 | OUT | |
2024-12-23 06:27:43 UTC | 74 | OUT | |
2024-12-23 06:27:43 UTC | 14 | IN | |
2024-12-23 06:27:43 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
11 | 192.168.2.6 | 49891 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:27:48 UTC | 71 | OUT | |
2024-12-23 06:27:48 UTC | 249 | OUT | |
2024-12-23 06:27:48 UTC | 1084 | OUT | |
2024-12-23 06:27:48 UTC | 218 | OUT | |
2024-12-23 06:27:49 UTC | 14 | IN | |
2024-12-23 06:27:49 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
12 | 192.168.2.6 | 49952 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:28:15 UTC | 71 | OUT | |
2024-12-23 06:28:15 UTC | 249 | OUT | |
2024-12-23 06:28:15 UTC | 1084 | OUT | |
2024-12-23 06:28:15 UTC | 218 | OUT | |
2024-12-23 06:28:15 UTC | 14 | IN | |
2024-12-23 06:28:15 UTC | 58 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port |
---|---|---|---|---|
13 | 192.168.2.6 | 49956 | 20.198.119.84 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-12-23 06:28:16 UTC | 71 | OUT | |
2024-12-23 06:28:16 UTC | 249 | OUT | |
2024-12-23 06:28:16 UTC | 1084 | OUT | |
2024-12-23 06:28:16 UTC | 74 | OUT | |
2024-12-23 06:28:17 UTC | 14 | IN | |
2024-12-23 06:28:17 UTC | 58 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Target ID: | 0 |
Start time: | 01:26:19 |
Start date: | 23/12/2024 |
Path: | C:\Users\user\Desktop\W53oi1JYy4.exe |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0x400000 |
File size: | 2'764'288 bytes |
MD5 hash: | BC72D38B806610A77E37D8B57D1D3721 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | Borland Delphi |
Reputation: | low |
Has exited: | false |