Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
Aqua.dbg.elf

Overview

General Information

Sample name:Aqua.dbg.elf
Analysis ID:1581779
MD5:508628e4841a44a7322afda52e41d4dd
SHA1:39c9b151b97c797dbc45c7ad91cda35000cbf4ba
SHA256:0b7e9afa2d968eddf0071380b8fc9a86639330ef1aab9dec1fe037360db9352b
Tags:elfuser-abuse_ch
Infos:

Detection

Score:72
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Sample deletes itself
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1581779
Start date and time:2024-12-29 00:02:09 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 6m 38s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:Aqua.dbg.elf
Detection:MAL
Classification:mal72.evad.linELF@0/0@52/0

Warnings

  • VT rate limit hit for: Aqua.dbg.elf

Runtime Messages

Command:/tmp/Aqua.dbg.elf
PID:6214
Exit Code:
Exit Code Info:
Killed:True
Standard Output:
about to cum inside a femboy btw
[main] created new process group
[main/ensure] no other instance detected, joining botnet
[main] failed to hide cmdline name, continuing anyway
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
[main/conn]: received buffer length is too large, closing connection
[main/conn]: attempting to connect to cnc
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[resolv] Got response from select
[resolv] Found IP address: 193.200.78.37
Resolved raw.intenseapi.com to 1 IPv4 addresses
[main] Resolved domain
[main/conn]: connected to C&C (addr: 386050240)
Standard Error:

Process Tree

  • system is lnxubuntu20
  • Aqua.dbg.elf (PID: 6214, Parent: 6133, MD5: 508628e4841a44a7322afda52e41d4dd) Arguments: /tmp/Aqua.dbg.elf
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
Aqua.dbg.elfLinux_Trojan_Gafgyt_9e9530a7unknownunknown
  • 0x85ec:$a: F6 48 63 FF B8 36 00 00 00 0F 05 48 3D 00 F0 FF FF 48 89 C3
Aqua.dbg.elfLinux_Trojan_Gafgyt_807911a2unknownunknown
  • 0x8ddb:$a: FE 48 39 F3 0F 94 C2 48 83 F9 FF 0F 94 C0 84 D0 74 16 4B 8D
Aqua.dbg.elfLinux_Trojan_Gafgyt_d4227dbfunknownunknown
  • 0x688e:$a: FF 48 81 EC D0 00 00 00 48 8D 84 24 E0 00 00 00 48 89 54 24 30 C7 04 24 18 00
  • 0xa534:$a: FF 48 81 EC D0 00 00 00 48 8D 84 24 E0 00 00 00 48 89 54 24 30 C7 04 24 18 00
Aqua.dbg.elfLinux_Trojan_Gafgyt_d996d335unknownunknown
  • 0xb1ae:$a: D0 EB 0F 40 38 37 75 04 48 89 F8 C3 49 FF C8 48 FF C7 4D 85 C0
Aqua.dbg.elfLinux_Trojan_Gafgyt_620087b9unknownunknown
  • 0x899b:$a: 48 89 D8 48 83 C8 01 EB 04 48 8B 76 10 48 3B 46 08 72 F6 48 8B
Click to see the 5 entries

Memory Dumps

SourceRuleDescriptionAuthorStrings
6214.1.0000000000400000.000000000040e000.r-x.sdmpLinux_Trojan_Gafgyt_9e9530a7unknownunknown
  • 0x85ec:$a: F6 48 63 FF B8 36 00 00 00 0F 05 48 3D 00 F0 FF FF 48 89 C3
6214.1.0000000000400000.000000000040e000.r-x.sdmpLinux_Trojan_Gafgyt_807911a2unknownunknown
  • 0x8ddb:$a: FE 48 39 F3 0F 94 C2 48 83 F9 FF 0F 94 C0 84 D0 74 16 4B 8D
6214.1.0000000000400000.000000000040e000.r-x.sdmpLinux_Trojan_Gafgyt_d4227dbfunknownunknown
  • 0x688e:$a: FF 48 81 EC D0 00 00 00 48 8D 84 24 E0 00 00 00 48 89 54 24 30 C7 04 24 18 00
  • 0xa534:$a: FF 48 81 EC D0 00 00 00 48 8D 84 24 E0 00 00 00 48 89 54 24 30 C7 04 24 18 00
6214.1.0000000000400000.000000000040e000.r-x.sdmpLinux_Trojan_Gafgyt_d996d335unknownunknown
  • 0xb1ae:$a: D0 EB 0F 40 38 37 75 04 48 89 F8 C3 49 FF C8 48 FF C7 4D 85 C0
6214.1.0000000000400000.000000000040e000.r-x.sdmpLinux_Trojan_Gafgyt_620087b9unknownunknown
  • 0x899b:$a: 48 89 D8 48 83 C8 01 EB 04 48 8B 76 10 48 3B 46 08 72 F6 48 8B
Click to see the 5 entries

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: Aqua.dbg.elfAvira: detected
Multi AV Scanner detection for submitted file
Source: Aqua.dbg.elfReversingLabs: Detection: 32%
Machine Learning detection for sample
Source: Aqua.dbg.elfJoe Sandbox ML: detected
Source: global trafficTCP traffic: 192.168.2.23:40828 -> 193.200.78.37:33966
Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
Source: global trafficDNS traffic detected: DNS query: raw.intenseapi.com
Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_520deeb8 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_449937aa Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_01e4a728 Author: unknown
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_520deeb8 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_449937aa Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_01e4a728 Author: unknown
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 Author: unknown
Source: ELF static info symbol of initial sample.symtab present: no
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_520deeb8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f4dfd1d76e07ff875eedfe0ef4f861bee1e4d8e66d68385f602f29cc35e30cca, id = 520deeb8-cbc0-4225-8d23-adba5e040471, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_449937aa reference_sample = 6f27766534445cffb097c7c52db1fca53b2210c1b10b75594f77c34dc8b994fe, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = cf2c6b86830099f039b41aeaafbffedfb8294a1124c499e99a11f48a06cd1dfd, id = 449937aa-682a-4906-89ab-80d7127e461e, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_01e4a728 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d90477364982bdc6cd22079c245d866454475749f762620273091f2fab73c196, id = 01e4a728-7c1c-479b-aed0-cb76d64dbb02, last_modified = 2021-09-16
Source: Aqua.dbg.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9e9530a7 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = d6ad6512051e87c8c35dc168d82edd071b122d026dce21d39b9782b3d6a01e50, id = 9e9530a7-ad4d-4a44-b764-437b7621052f, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_807911a2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = f409037091b7372f5a42bbe437316bd11c655e7a5fe1fcf83d1981cb5c4a389f, id = 807911a2-f6ec-4e65-924f-61cb065dafc6, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d4227dbf reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 58c4b1d4d167876b64cfa10f609911a80284180e4db093917fea16fae8ccd4e3, id = d4227dbf-6ab4-4637-a6ba-0e604acaafb4, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_d996d335 reference_sample = b511eacd4b44744c8cf82d1b4a9bc6f1022fe6be7c5d17356b171f727ddc6eda, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = e9ccb8412f32187c309b0e9afcc3a6da21ad2f1ffa251c27f9f720ccb284e3ac, id = d996d335-e049-4052-bf36-6cd07c911a8b, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_620087b9 reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 06cd7e6eb62352ec2ccb9ed48e58c0583c02fefd137cd048d053ab30b5330307, id = 620087b9-c87d-4752-89e8-ca1c16486b28, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_33b4111a reference_sample = 01da73e0d425b4d97c5ad75c49657f95618b394d09bd6be644eb968a3b894961, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9c3b63b9a0f54006bae12abcefdb518904a85f78be573f0780f0a265b12d2d6e, id = 33b4111a-e59e-48db-9d74-34ca44fcd9f5, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_520deeb8 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f4dfd1d76e07ff875eedfe0ef4f861bee1e4d8e66d68385f602f29cc35e30cca, id = 520deeb8-cbc0-4225-8d23-adba5e040471, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_449937aa reference_sample = 6f27766534445cffb097c7c52db1fca53b2210c1b10b75594f77c34dc8b994fe, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = cf2c6b86830099f039b41aeaafbffedfb8294a1124c499e99a11f48a06cd1dfd, id = 449937aa-682a-4906-89ab-80d7127e461e, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_01e4a728 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = d90477364982bdc6cd22079c245d866454475749f762620273091f2fab73c196, id = 01e4a728-7c1c-479b-aed0-cb76d64dbb02, last_modified = 2021-09-16
Source: 6214.1.0000000000400000.000000000040e000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_e0cf29e2 os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 3f124c3c9f124264dfbbcca1e4b4d7cfcf3274170d4bf8966b6559045873948f, id = e0cf29e2-88d7-4aa4-b60a-c24626f2b246, last_modified = 2021-09-16
Source: classification engineClassification label: mal72.evad.linELF@0/0@52/0

Hooking and other Techniques for Hiding and Protection

barindex
Sample deletes itself
Source: /tmp/Aqua.dbg.elf (PID: 6214)File: /tmp/Aqua.dbg.elfJump to behavior

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
File Deletion		OS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Standard Port		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
Non-Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact
Employee NamesVirtual Private ServerLocal AccountsCronLogin HookLogin HookBinary PaddingNTDSSystem Network Configuration DiscoveryDistributed Component Object ModelInput Capture2
Application Layer Protocol		Traffic DuplicationData Destruction

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
Aqua.dbg.elf32%ReversingLabsLinux.Backdoor.Mirai
Aqua.dbg.elf100%AviraEXP/ELF.Mirai.W
Aqua.dbg.elf100%Joe Sandbox ML

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
raw.intenseapi.com
193.200.78.37
truefalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    193.200.78.37
    		raw.intenseapi.comSwitzerland
    		29496LINK-SERVICE-ASUAfalse
    109.202.202.202
    		unknownSwitzerland
    		13030INIT7CHfalse
    91.189.91.43
    		unknownUnited Kingdom
    		41231CANONICAL-ASGBfalse
    91.189.91.42
    		unknownUnited Kingdom
    		41231CANONICAL-ASGBfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    193.200.78.37Aqua.m68k.elfGet hashmaliciousUnknownBrowse
      Aqua.m68k.elfGet hashmaliciousUnknownBrowse
        Aqua.sh4.elfGet hashmaliciousUnknownBrowse
          Aqua.spc.elfGet hashmaliciousUnknownBrowse
            Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
              Aqua.mips.elfGet hashmaliciousUnknownBrowse
                109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
                • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
                91.189.91.43Aqua.m68k.elfGet hashmaliciousUnknownBrowse
                  mips.elfGet hashmaliciousUnknownBrowse
                    db0fa4b8db0333367e9bda3ab68b8042.mpsl.elfGet hashmaliciousUnknownBrowse
                      Aqua.spc.elfGet hashmaliciousUnknownBrowse
                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                          kqibeps.elfGet hashmaliciousMiraiBrowse
                            Aqua.mips.elfGet hashmaliciousUnknownBrowse
                              ngwa5.elfGet hashmaliciousMiraiBrowse
                                boatnet.mips.elfGet hashmaliciousMiraiBrowse
                                  109.71.252.43-boatnet.arm6-2024-12-28T20_30_37.elfGet hashmaliciousMiraiBrowse
                                    91.189.91.42Aqua.m68k.elfGet hashmaliciousUnknownBrowse
                                      mips.elfGet hashmaliciousUnknownBrowse
                                        db0fa4b8db0333367e9bda3ab68b8042.mpsl.elfGet hashmaliciousUnknownBrowse
                                          Aqua.spc.elfGet hashmaliciousUnknownBrowse
                                            Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                              kqibeps.elfGet hashmaliciousMiraiBrowse
                                                Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                  ngwa5.elfGet hashmaliciousMiraiBrowse
                                                    boatnet.mips.elfGet hashmaliciousMiraiBrowse
                                                      109.71.252.43-boatnet.arm6-2024-12-28T20_30_37.elfGet hashmaliciousMiraiBrowse

                                                        Domains

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        raw.intenseapi.comAqua.spc.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37

                                                        ASNs

                                                        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                                        CANONICAL-ASGBAqua.m68k.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        mips.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        db0fa4b8db0333367e9bda3ab68b8042.mpsl.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        Aqua.sh4.elfGet hashmaliciousUnknownBrowse
                                                        • 185.125.190.26
                                                        Aqua.spc.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        nn.elfGet hashmaliciousNanominer, XmrigBrowse
                                                        • 185.125.190.26
                                                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        kqibeps.elfGet hashmaliciousMiraiBrowse
                                                        • 91.189.91.42
                                                        Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        ngwa5.elfGet hashmaliciousMiraiBrowse
                                                        • 91.189.91.42
                                                        CANONICAL-ASGBAqua.m68k.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        mips.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        db0fa4b8db0333367e9bda3ab68b8042.mpsl.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        Aqua.sh4.elfGet hashmaliciousUnknownBrowse
                                                        • 185.125.190.26
                                                        Aqua.spc.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        nn.elfGet hashmaliciousNanominer, XmrigBrowse
                                                        • 185.125.190.26
                                                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        kqibeps.elfGet hashmaliciousMiraiBrowse
                                                        • 91.189.91.42
                                                        Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                        • 91.189.91.42
                                                        ngwa5.elfGet hashmaliciousMiraiBrowse
                                                        • 91.189.91.42
                                                        INIT7CHAqua.m68k.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        mips.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        db0fa4b8db0333367e9bda3ab68b8042.mpsl.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        Aqua.spc.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        kqibeps.elfGet hashmaliciousMiraiBrowse
                                                        • 109.202.202.202
                                                        Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                        • 109.202.202.202
                                                        ngwa5.elfGet hashmaliciousMiraiBrowse
                                                        • 109.202.202.202
                                                        boatnet.mips.elfGet hashmaliciousMiraiBrowse
                                                        • 109.202.202.202
                                                        109.71.252.43-boatnet.arm6-2024-12-28T20_30_37.elfGet hashmaliciousMiraiBrowse
                                                        • 109.202.202.202
                                                        LINK-SERVICE-ASUAAqua.m68k.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.m68k.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.sh4.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.spc.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.x86_64.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        Aqua.mips.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.78.37
                                                        KCmfLMBjHJ.elfGet hashmaliciousUnknownBrowse
                                                        • 193.200.79.115
                                                        assailant.i586Get hashmaliciousMiraiBrowse
                                                        • 194.146.110.216
                                                        9CSfviwl3lGet hashmaliciousMiraiBrowse
                                                        • 193.200.79.137
                                                        h5OUwxH9E5Get hashmaliciousMiraiBrowse
                                                        • 193.200.79.128

                                                        JA3 Fingerprints

                                                        No context

                                                        Dropped Files

                                                        No context

                                                        Created / dropped Files

                                                        No created / dropped files found

                                                        Static File Info

                                                        General

                                                        File type:ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, stripped
                                                        Entropy (8bit):6.0728824146455676
                                                        TrID:
                                                        • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                                                        File name:Aqua.dbg.elf
                                                        File size:59'264 bytes
                                                        MD5:508628e4841a44a7322afda52e41d4dd
                                                        SHA1:39c9b151b97c797dbc45c7ad91cda35000cbf4ba
                                                        SHA256:0b7e9afa2d968eddf0071380b8fc9a86639330ef1aab9dec1fe037360db9352b
                                                        SHA512:4816f4fe614acbbc629e17f6598d8b990eeb3341294869d7752caae82aadf4ca1e318a230c35281bbe59734d60550c611b4a62d932740e7dc01dc21c06b13c3a
                                                        SSDEEP:1536:K4wD2cRvuJvf7f0PLvjU+kPFwW5xNYtzd40vf35OfRJ:pwD2cRvuJvzf0PLLM9wW5cty0vBOfRJ
                                                        TLSH:10435B57B98080FCC18DC2745B3FA636E672F07D4335B26957E8E922AE95F304E2E059
                                                        File Content Preview:.ELF..............>.......@.....@...................@.8...@.......................@.......@...............................................P.......P.............h...............Q.td....................................................H...._........H........

                                                        Static ELF Info

                                                        ELF header

                                                        Class:ELF64
                                                        Data:2's complement, little endian
                                                        Version:1 (current)
                                                        Machine:Advanced Micro Devices X86-64
                                                        Version Number:0x1
                                                        Type:EXEC (Executable file)
                                                        OS/ABI:UNIX - System V
                                                        ABI Version:0
                                                        Entry Point Address:0x400194
                                                        Flags:0x0
                                                        ELF Header Size:64
                                                        Program Header Offset:64
                                                        Program Header Size:56
                                                        Number of Program Headers:3
                                                        Section Header Offset:58624
                                                        Section Header Size:64
                                                        Number of Section Headers:10
                                                        Header String Table Index:9

                                                        Sections

                                                        NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
                                                        NULL0x00x00x00x00x0000
                                                        .initPROGBITS0x4000e80xe80x130x00x6AX001
                                                        .textPROGBITS0x4001000x1000xb5360x00x6AX0016
                                                        .finiPROGBITS0x40b6360xb6360xe0x00x6AX001
                                                        .rodataPROGBITS0x40b6600xb6600x1e700x00x2A0032
                                                        .ctorsPROGBITS0x50e0000xe0000x100x00x3WA008
                                                        .dtorsPROGBITS0x50e0100xe0100x100x00x3WA008
                                                        .dataPROGBITS0x50e0400xe0400x4800x00x3WA0032
                                                        .bssNOBITS0x50e4c00xe4c00x29a80x00x3WA0032
                                                        .shstrtabSTRTAB0x00xe4c00x3e0x00x0001

                                                        Program Segments

                                                        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                                        LOAD0x00x4000000x4000000xd4d00xd4d06.35110x5R E0x100000.init .text .fini .rodata
                                                        LOAD0xe0000x50e0000x50e0000x4c00x2e682.64580x6RW 0x100000.ctors .dtors .data .bss
                                                        GNU_STACK0x00x00x00x00x00.00000x6RW 0x8

                                                        Network Behavior

                                                        Network Port Distribution

                                                        TCP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 29, 2024 00:02:47.109364986 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:47.228887081 CET3396640828193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:47.229046106 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:47.229906082 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:47.349322081 CET3396640828193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:47.349464893 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:47.468918085 CET3396640828193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:47.779956102 CET43928443192.168.2.2391.189.91.42
                                                        Dec 29, 2024 00:02:48.519831896 CET3396640828193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:48.519944906 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:48.519987106 CET4082833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:49.017409086 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:49.136888027 CET3396640830193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:49.137042046 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:49.138101101 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:49.257603884 CET3396640830193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:49.257888079 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:49.377517939 CET3396640830193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:50.427762032 CET3396640830193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:50.428020000 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:50.428020000 CET4083033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:50.925987005 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:51.045541048 CET3396640832193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:51.045716047 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:51.046498060 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:51.165926933 CET3396640832193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:51.166218042 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:51.285715103 CET3396640832193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:52.373219967 CET3396640832193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:52.373349905 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:52.373372078 CET4083233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:52.870707035 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:52.990184069 CET3396640834193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:52.990279913 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:52.991072893 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:53.110551119 CET3396640834193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:53.110707998 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:53.230273008 CET3396640834193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:53.411096096 CET42836443192.168.2.2391.189.91.43
                                                        Dec 29, 2024 00:02:54.283579111 CET3396640834193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:54.283665895 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.283694029 CET4083433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.554414988 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.673939943 CET3396640836193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:54.673995018 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.674683094 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.690860033 CET4251680192.168.2.23109.202.202.202
                                                        Dec 29, 2024 00:02:54.794101000 CET3396640836193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:54.794174910 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:54.913741112 CET3396640836193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:55.955993891 CET3396640836193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:55.956223011 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:55.956223011 CET4083633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:56.226655006 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:56.346282959 CET3396640838193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:56.346340895 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:56.347150087 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:56.466583967 CET3396640838193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:56.466634989 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:56.586184025 CET3396640838193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:57.636373997 CET3396640838193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:57.636481047 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:57.636481047 CET4083833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:58.134993076 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:58.254704952 CET3396640840193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:58.254940033 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:58.255595922 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:58.375130892 CET3396640840193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:58.375278950 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:58.494882107 CET3396640840193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:59.537082911 CET3396640840193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:59.537190914 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:59.537230968 CET4084033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:59.808083057 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:59.927592993 CET3396640842193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:02:59.927678108 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:02:59.928560019 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:00.048182011 CET3396640842193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:00.048294067 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:00.168112993 CET3396640842193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:01.172379017 CET3396640842193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:01.172486067 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.172486067 CET4084233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.443628073 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.563352108 CET3396640844193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:01.563632011 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.564547062 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.684010983 CET3396640844193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:01.684201002 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:01.803826094 CET3396640844193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:02.845736027 CET3396640844193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:02.846002102 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:02.846118927 CET4084433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:03.344003916 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:03.463861942 CET3396640846193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:03.464070082 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:03.465256929 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:03.584701061 CET3396640846193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:03.584832907 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:03.704449892 CET3396640846193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:04.756655931 CET3396640846193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:04.756783009 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:04.756810904 CET4084633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:05.017811060 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:05.138720989 CET3396640848193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:05.139024973 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:05.140002012 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:05.260912895 CET3396640848193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:05.261048079 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:05.380520105 CET3396640848193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:06.428042889 CET3396640848193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:06.428168058 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:06.428333044 CET4084833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:06.699351072 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:06.819926023 CET3396640850193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:06.820097923 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:06.821099043 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:06.940589905 CET3396640850193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:06.940740108 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:07.060384035 CET3396640850193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:08.001055956 CET43928443192.168.2.2391.189.91.42
                                                        Dec 29, 2024 00:03:08.109507084 CET3396640850193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:08.109663963 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.109663963 CET4085033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.380755901 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.500446081 CET3396640852193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:08.500590086 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.501537085 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.621092081 CET3396640852193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:08.621237993 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:08.740895033 CET3396640852193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:09.837002993 CET3396640852193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:09.837205887 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:09.837205887 CET4085233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:10.096879959 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:10.216655016 CET3396640854193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:10.216821909 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:10.217427969 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:10.337063074 CET3396640854193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:10.337140083 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:10.456679106 CET3396640854193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:11.498723030 CET3396640854193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:11.498858929 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:11.498858929 CET4085433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:11.757750034 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:11.877311945 CET3396640856193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:11.877527952 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:11.878570080 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:11.998051882 CET3396640856193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:11.998280048 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:12.118217945 CET3396640856193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:13.114351034 CET3396640856193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:13.114598989 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.114598989 CET4085633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.373867035 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.493741035 CET3396640858193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:13.493949890 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.494899988 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.615683079 CET3396640858193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:13.615853071 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:13.735639095 CET3396640858193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:14.738554001 CET3396640858193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:14.738833904 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:14.738833904 CET4085833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:14.998415947 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:15.118364096 CET3396640860193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:15.118432045 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:15.119175911 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:15.238706112 CET3396640860193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:15.238889933 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:15.358629942 CET3396640860193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:16.454137087 CET3396640860193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:16.454319954 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:16.454320908 CET4086033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:16.724111080 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:16.843616962 CET3396640862193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:16.843825102 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:16.844798088 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:16.964397907 CET3396640862193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:16.964499950 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:17.084083080 CET3396640862193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:18.133897066 CET3396640862193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:18.134337902 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.137671947 CET4086233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.634949923 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.754656076 CET3396640864193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:18.754793882 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.755399942 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.874978065 CET3396640864193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:18.875183105 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:18.994807005 CET3396640864193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:19.989953995 CET3396640864193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:19.990171909 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:19.990247011 CET4086433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:20.249876976 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:20.287348032 CET42836443192.168.2.2391.189.91.43
                                                        Dec 29, 2024 00:03:20.369446039 CET3396640866193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:20.369796038 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:20.370706081 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:20.490170002 CET3396640866193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:20.490391970 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:20.609934092 CET3396640866193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:21.703684092 CET3396640866193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:21.703958988 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:21.704057932 CET4086633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:21.974986076 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:22.094578028 CET3396640868193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:22.094887972 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:22.096144915 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:22.215600967 CET3396640868193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:22.215815067 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:22.335915089 CET3396640868193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:23.338443995 CET3396640868193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:23.338629961 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.338813066 CET4086833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.610323906 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.729938984 CET3396640870193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:23.730087042 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.731333017 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.850899935 CET3396640870193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:23.851030111 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:23.970629930 CET3396640870193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:24.382865906 CET4251680192.168.2.23109.202.202.202
                                                        Dec 29, 2024 00:03:24.967235088 CET3396640870193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:24.967494965 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:24.967526913 CET4087033966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:25.226387978 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:25.346257925 CET3396640872193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:25.346343040 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:25.347553015 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:25.466995001 CET3396640872193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:25.467201948 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:25.586677074 CET3396640872193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:26.638279915 CET3396640872193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:26.638459921 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:26.638544083 CET4087233966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:26.910267115 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:27.029934883 CET3396640874193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:27.030078888 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:27.031213999 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:27.150691032 CET3396640874193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:27.150845051 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:27.270405054 CET3396640874193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:28.330616951 CET3396640874193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:28.330784082 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.330929041 CET4087433966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.579302073 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.699007988 CET3396640876193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:28.699153900 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.700336933 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.819983006 CET3396640876193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:28.820235968 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:28.939819098 CET3396640876193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:29.992254019 CET3396640876193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:29.992373943 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:29.992465019 CET4087633966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:30.264611006 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:30.384248972 CET3396640878193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:30.384335041 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:30.385620117 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:30.505637884 CET3396640878193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:30.505733013 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:30.625480890 CET3396640878193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:31.471299887 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:31.591139078 CET3396640878193.200.78.37192.168.2.23
                                                        Dec 29, 2024 00:03:31.591239929 CET4087833966192.168.2.23193.200.78.37
                                                        Dec 29, 2024 00:03:48.955359936 CET43928443192.168.2.2391.189.91.42

                                                        UDP Packets

                                                        TimestampSource PortDest PortSource IPDest IP
                                                        Dec 29, 2024 00:02:46.485359907 CET3291153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:46.844866037 CET53329118.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:46.846138000 CET5745653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:47.108598948 CET53574568.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:48.520816088 CET5690753192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:48.654531002 CET53569078.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:48.655603886 CET4345153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:49.016590118 CET53434518.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:50.428822994 CET3701153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:50.790167093 CET53370118.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:50.791105032 CET3445453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:50.925573111 CET53344548.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:52.374231100 CET5273553192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:52.734997034 CET53527358.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:52.736030102 CET3987653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:52.870158911 CET53398768.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:54.284785986 CET3785053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:54.418705940 CET53378508.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:54.419553041 CET5428453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:54.553790092 CET53542848.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:55.957019091 CET4573353192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:56.091394901 CET53457338.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:56.092286110 CET4175053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:56.226150036 CET53417508.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:57.637264013 CET5086153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:57.999596119 CET53508618.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:58.000684023 CET3484653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:58.134505033 CET53348468.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:59.538096905 CET4159153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:59.672060966 CET53415918.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:02:59.673361063 CET4077253192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:02:59.807288885 CET53407728.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:01.173572063 CET5706053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:01.307914019 CET53570608.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:01.309129000 CET5277453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:01.443061113 CET53527748.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:02.847342968 CET5841453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:03.208396912 CET53584148.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:03.209639072 CET4640153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:03.343373060 CET53464018.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:04.757997036 CET5506953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:04.891658068 CET53550698.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:04.892993927 CET5169653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:05.016940117 CET53516968.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:06.429378033 CET4471853192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:06.563769102 CET53447188.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:06.564876080 CET5635553192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:06.698849916 CET53563558.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:08.110887051 CET4434053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:08.244700909 CET53443408.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:08.245980978 CET3772153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:08.379874945 CET53377218.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:09.838309050 CET3952053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:09.972193956 CET53395208.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:09.973491907 CET4404853192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:10.096225023 CET53440488.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:11.499675035 CET3959953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:11.622061968 CET53395998.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:11.623262882 CET5692453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:11.757033110 CET53569248.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:13.115580082 CET5738653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:13.238065004 CET53573868.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:13.239379883 CET4659353192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:13.373122931 CET53465938.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:14.739567041 CET3538353192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:14.862164974 CET53353838.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:14.863513947 CET5056353192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:14.997813940 CET53505638.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:16.455001116 CET3991353192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:16.588742971 CET53399138.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:16.589623928 CET4728653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:16.723324060 CET53472868.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:18.138219118 CET3339953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:18.271955967 CET53333998.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:18.273269892 CET3609753192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:18.633945942 CET53360978.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:19.991364956 CET3596953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:20.113637924 CET53359698.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:20.115164042 CET5603653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:20.248812914 CET53560368.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:21.705235958 CET4503153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:21.838907957 CET53450318.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:21.840281010 CET4603753192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:21.974003077 CET53460378.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:23.339996099 CET3465953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:23.474286079 CET53346598.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:23.475732088 CET6065053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:23.609380007 CET53606508.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:24.968291998 CET5386453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:25.102646112 CET53538648.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:25.103475094 CET5484253192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:25.225908041 CET53548428.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:26.639513016 CET5746653192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:26.773056984 CET53574668.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:26.774389982 CET3689153192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:26.909265041 CET53368918.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:28.331991911 CET3593453192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:28.454912901 CET53359348.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:28.456218958 CET4278753192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:28.578562021 CET53427878.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:29.993674040 CET5012953192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:30.128303051 CET53501298.8.8.8192.168.2.23
                                                        Dec 29, 2024 00:03:30.129690886 CET5021053192.168.2.238.8.8.8
                                                        Dec 29, 2024 00:03:30.263715029 CET53502108.8.8.8192.168.2.23

                                                        DNS Queries

                                                        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
                                                        Dec 29, 2024 00:02:46.485359907 CET192.168.2.238.8.8.80x9d2bStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:46.846138000 CET192.168.2.238.8.8.80x1986Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:48.520816088 CET192.168.2.238.8.8.80xfa21Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:48.655603886 CET192.168.2.238.8.8.80xb720Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:50.428822994 CET192.168.2.238.8.8.80xddbeStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:50.791105032 CET192.168.2.238.8.8.80x2291Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:52.374231100 CET192.168.2.238.8.8.80xf3fcStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:52.736030102 CET192.168.2.238.8.8.80xed3Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:54.284785986 CET192.168.2.238.8.8.80x6007Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:54.419553041 CET192.168.2.238.8.8.80x20a3Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:55.957019091 CET192.168.2.238.8.8.80x4412Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:56.092286110 CET192.168.2.238.8.8.80x3701Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:57.637264013 CET192.168.2.238.8.8.80x5420Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:58.000684023 CET192.168.2.238.8.8.80xa6d6Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:59.538096905 CET192.168.2.238.8.8.80x6384Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:59.673361063 CET192.168.2.238.8.8.80xb808Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:01.173572063 CET192.168.2.238.8.8.80x152aStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:01.309129000 CET192.168.2.238.8.8.80xbf80Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:02.847342968 CET192.168.2.238.8.8.80xb56dStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:03.209639072 CET192.168.2.238.8.8.80xf869Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:04.757997036 CET192.168.2.238.8.8.80xfc73Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:04.892993927 CET192.168.2.238.8.8.80xeffeStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:06.429378033 CET192.168.2.238.8.8.80x7848Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:06.564876080 CET192.168.2.238.8.8.80x68bdStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:08.110887051 CET192.168.2.238.8.8.80x2e8fStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:08.245980978 CET192.168.2.238.8.8.80xc2cfStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:09.838309050 CET192.168.2.238.8.8.80x2e39Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:09.973491907 CET192.168.2.238.8.8.80x5db6Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:11.499675035 CET192.168.2.238.8.8.80xc931Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:11.623262882 CET192.168.2.238.8.8.80xe06bStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:13.115580082 CET192.168.2.238.8.8.80x8e77Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:13.239379883 CET192.168.2.238.8.8.80x3b32Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:14.739567041 CET192.168.2.238.8.8.80x5af6Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:14.863513947 CET192.168.2.238.8.8.80xc02eStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:16.455001116 CET192.168.2.238.8.8.80x706aStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:16.589623928 CET192.168.2.238.8.8.80x47a6Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:18.138219118 CET192.168.2.238.8.8.80xc166Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:18.273269892 CET192.168.2.238.8.8.80x372dStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:19.991364956 CET192.168.2.238.8.8.80xf0daStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:20.115164042 CET192.168.2.238.8.8.80xf16aStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:21.705235958 CET192.168.2.238.8.8.80x12cStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:21.840281010 CET192.168.2.238.8.8.80xb8f0Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:23.339996099 CET192.168.2.238.8.8.80x5829Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:23.475732088 CET192.168.2.238.8.8.80x5302Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:24.968291998 CET192.168.2.238.8.8.80x5100Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:25.103475094 CET192.168.2.238.8.8.80xbb8aStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:26.639513016 CET192.168.2.238.8.8.80x910dStandard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:26.774389982 CET192.168.2.238.8.8.80x9a72Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:28.331991911 CET192.168.2.238.8.8.80x9588Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:28.456218958 CET192.168.2.238.8.8.80x7374Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:29.993674040 CET192.168.2.238.8.8.80xe328Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:30.129690886 CET192.168.2.238.8.8.80xf7b9Standard query (0)raw.intenseapi.comA (IP address)IN (0x0001)false

                                                        DNS Answers

                                                        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
                                                        Dec 29, 2024 00:02:46.844866037 CET8.8.8.8192.168.2.230x9d2bNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:47.108598948 CET8.8.8.8192.168.2.230x1986No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:48.654531002 CET8.8.8.8192.168.2.230xfa21No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:49.016590118 CET8.8.8.8192.168.2.230xb720No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:50.790167093 CET8.8.8.8192.168.2.230xddbeNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:50.925573111 CET8.8.8.8192.168.2.230x2291No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:52.734997034 CET8.8.8.8192.168.2.230xf3fcNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:52.870158911 CET8.8.8.8192.168.2.230xed3No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:54.418705940 CET8.8.8.8192.168.2.230x6007No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:54.553790092 CET8.8.8.8192.168.2.230x20a3No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:56.091394901 CET8.8.8.8192.168.2.230x4412No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:56.226150036 CET8.8.8.8192.168.2.230x3701No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:57.999596119 CET8.8.8.8192.168.2.230x5420No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:58.134505033 CET8.8.8.8192.168.2.230xa6d6No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:59.672060966 CET8.8.8.8192.168.2.230x6384No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:02:59.807288885 CET8.8.8.8192.168.2.230xb808No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:01.307914019 CET8.8.8.8192.168.2.230x152aNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:01.443061113 CET8.8.8.8192.168.2.230xbf80No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:03.208396912 CET8.8.8.8192.168.2.230xb56dNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:03.343373060 CET8.8.8.8192.168.2.230xf869No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:04.891658068 CET8.8.8.8192.168.2.230xfc73No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:05.016940117 CET8.8.8.8192.168.2.230xeffeNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:06.563769102 CET8.8.8.8192.168.2.230x7848No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:06.698849916 CET8.8.8.8192.168.2.230x68bdNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:08.244700909 CET8.8.8.8192.168.2.230x2e8fNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:08.379874945 CET8.8.8.8192.168.2.230xc2cfNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:09.972193956 CET8.8.8.8192.168.2.230x2e39No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:10.096225023 CET8.8.8.8192.168.2.230x5db6No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:11.622061968 CET8.8.8.8192.168.2.230xc931No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:11.757033110 CET8.8.8.8192.168.2.230xe06bNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:13.238065004 CET8.8.8.8192.168.2.230x8e77No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:13.373122931 CET8.8.8.8192.168.2.230x3b32No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:14.862164974 CET8.8.8.8192.168.2.230x5af6No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:14.997813940 CET8.8.8.8192.168.2.230xc02eNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:16.588742971 CET8.8.8.8192.168.2.230x706aNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:16.723324060 CET8.8.8.8192.168.2.230x47a6No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:18.271955967 CET8.8.8.8192.168.2.230xc166No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:18.633945942 CET8.8.8.8192.168.2.230x372dNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:20.113637924 CET8.8.8.8192.168.2.230xf0daNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:20.248812914 CET8.8.8.8192.168.2.230xf16aNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:21.838907957 CET8.8.8.8192.168.2.230x12cNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:21.974003077 CET8.8.8.8192.168.2.230xb8f0No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:23.474286079 CET8.8.8.8192.168.2.230x5829No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:23.609380007 CET8.8.8.8192.168.2.230x5302No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:25.102646112 CET8.8.8.8192.168.2.230x5100No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:25.225908041 CET8.8.8.8192.168.2.230xbb8aNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:26.773056984 CET8.8.8.8192.168.2.230x910dNo error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:26.909265041 CET8.8.8.8192.168.2.230x9a72No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:28.454912901 CET8.8.8.8192.168.2.230x9588No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:28.578562021 CET8.8.8.8192.168.2.230x7374No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:30.128303051 CET8.8.8.8192.168.2.230xe328No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false
                                                        Dec 29, 2024 00:03:30.263715029 CET8.8.8.8192.168.2.230xf7b9No error (0)raw.intenseapi.com193.200.78.37A (IP address)IN (0x0001)false

                                                        System Behavior

                                                        General

                                                        Start time (UTC):23:02:45
                                                        Start date (UTC):28/12/2024
                                                        Path:/tmp/Aqua.dbg.elf
                                                        Arguments:/tmp/Aqua.dbg.elf
                                                        File size:59264 bytes
                                                        MD5 hash:508628e4841a44a7322afda52e41d4dd

                                                        Chronological Activities