Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
x86.elf

Overview

General Information

Sample name:x86.elf
Analysis ID:1581800
MD5:92b80338268fbd97f2994bad4c4e98d6
SHA1:289d89e8a7c944bb18f5119ababb276f49f1e2f1
SHA256:06858102f6c443b53241baa576c4ecfce5c61bd729379fea88a40323227ee34a
Tags:elfuser-abuse_ch
Infos:

Detection

Score:60
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1581800
Start date and time:2024-12-29 01:07:06 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 20s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:x86.elf
Detection:MAL
Classification:mal60.linELF@0/0@21/0

Runtime Messages

Command:/tmp/x86.elf
PID:5434
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
have onna deez nutz
Standard Error:

Process Tree

  • system is lnxubuntu20
  • x86.elf (PID: 5434, Parent: 5357, MD5: 92b80338268fbd97f2994bad4c4e98d6) Arguments: /tmp/x86.elf
    • x86.elf New Fork (PID: 5435, Parent: 5434)
      • x86.elf New Fork (PID: 5436, Parent: 5435)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
x86.elfLinux_Trojan_Mirai_b14f4c5dunknownunknown
  • 0x3d60:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
x86.elfLinux_Trojan_Mirai_88de437funknownunknown
  • 0x5472:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
x86.elfLinux_Trojan_Mirai_cc93863bunknownunknown
  • 0x7066:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
x86.elfLinux_Trojan_Mirai_8aa7b5d3unknownunknown
  • 0x5442:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88

Memory Dumps

SourceRuleDescriptionAuthorStrings
5434.1.0000000008048000.0000000008054000.r-x.sdmpLinux_Trojan_Mirai_b14f4c5dunknownunknown
  • 0x3d60:$a: 53 31 DB 8B 4C 24 0C 8B 54 24 08 83 F9 01 76 15 66 8B 02 83 E9 02 25 FF FF 00 00 83 C2 02 01 C3 83 F9 01 77 EB 49 75 05 0F BE 02 01 C3
5434.1.0000000008048000.0000000008054000.r-x.sdmpLinux_Trojan_Mirai_88de437funknownunknown
  • 0x5472:$a: 24 08 8B 4C 24 04 85 D2 74 0D 31 C0 89 F6 C6 04 08 00 40 39 D0
5434.1.0000000008048000.0000000008054000.r-x.sdmpLinux_Trojan_Mirai_cc93863bunknownunknown
  • 0x7066:$a: C3 57 8B 44 24 0C 8B 4C 24 10 8B 7C 24 08 F3 AA 8B 44 24 08
5434.1.0000000008048000.0000000008054000.r-x.sdmpLinux_Trojan_Mirai_8aa7b5d3unknownunknown
  • 0x5442:$a: 8B 4C 24 14 8B 74 24 0C 8B 5C 24 10 85 C9 74 0D 31 D2 8A 04 1A 88

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: x86.elfReversingLabs: Detection: 31%
Source: x86.elfVirustotal: Detection: 22%Perma Link
Machine Learning detection for sample
Source: x86.elfJoe Sandbox ML: detected
Source: global trafficTCP traffic: 192.168.2.13:58832 -> 83.222.191.146:33211
Source: global trafficDNS traffic detected: DNS query: secure-network-rebirthltd.ru

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d Author: unknown
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f Author: unknown
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b Author: unknown
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 Author: unknown
Source: ELF static info symbol of initial sample.symtab present: no
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: x86.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_b14f4c5d os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = a70d052918dd2fbc66db241da6438015130f0fb6929229bfe573546fe98da817, id = b14f4c5d-054f-46e6-9fa8-3588f1ef68b7, last_modified = 2021-09-16
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_88de437f reference_sample = 8dc745a6de6f319cd6021c3e147597315cc1be02099d78fc8aae94de0e1e4bc6, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = c19eb595c2b444a809bef8500c20342c9f46694d3018e268833f9b884133a1ea, id = 88de437f-9c98-4e1d-96c0-7b433c99886a, last_modified = 2021-09-16
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_cc93863b reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = f3ecd30f0b511a8e92cfa642409d559e7612c3f57a1659ca46c77aca809a00ac, id = cc93863b-1050-40ba-9d02-5ec9ce6a3a28, last_modified = 2022-01-26
Source: 5434.1.0000000008048000.0000000008054000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Mirai_8aa7b5d3 reference_sample = 5217f2a46cb93946e04ab00e385ad0fe0a2844b6ea04ef75ee9187aac3f3d52f, os = linux, severity = x86, creation_date = 2022-01-05, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = 02a2c18c362df4b1fceb33f3b605586514ba9a00c7afedf71c04fa54d8146444, id = 8aa7b5d3-e1eb-4b55-b36a-0d3a242c06e9, last_modified = 2022-01-26
Source: classification engineClassification label: mal60.linELF@0/0@21/0

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath InterceptionDirect Volume AccessOS Credential DumpingSystem Service DiscoveryRemote ServicesData from Local System1
Non-Standard Port		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Screenshots

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
x86.elf32%ReversingLabsLinux.Backdoor.Mirai
x86.elf23%VirustotalBrowse
x86.elf100%Joe Sandbox ML

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
secure-network-rebirthltd.ru
83.222.191.146
truefalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    83.222.191.146
    		secure-network-rebirthltd.ruBulgaria
    		43561NET1-ASBGfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    83.222.191.146dlr.arm6.elfGet hashmaliciousGafgytBrowse
    • /binaries/arm6
    dlr.mpsl.elfGet hashmaliciousGafgytBrowse
    • /binaries/mpsl
    dlr.arm7.elfGet hashmaliciousUnknownBrowse
    • /binaries/arm7
    dlr.mips.elfGet hashmaliciousGafgytBrowse
    • /binaries/mips

    Domains

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    secure-network-rebirthltd.rux86_64.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm5.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    m68k.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm4.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm7.elfGet hashmaliciousMiraiBrowse
    • 83.222.191.146
    spc.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    mpsl.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    mips.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    x86_64.elfGet hashmaliciousGafgytBrowse
    • 83.222.191.146
    mpsl.elfGet hashmaliciousGafgytBrowse
    • 83.222.191.146

    ASNs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    NET1-ASBGx86_64.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm5.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    m68k.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm4.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    arm7.elfGet hashmaliciousMiraiBrowse
    • 83.222.191.146
    spc.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    mpsl.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    mips.elfGet hashmaliciousUnknownBrowse
    • 83.222.191.146
    x86_64.elfGet hashmaliciousGafgytBrowse
    • 83.222.191.146
    dlr.arm6.elfGet hashmaliciousGafgytBrowse
    • 83.222.191.146

    JA3 Fingerprints

    No context

    Dropped Files

    No context

    Created / dropped Files

    No created / dropped files found

    Static File Info

    General

    File type:ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped
    Entropy (8bit):6.474896081221385
    TrID:
    • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
    • ELF Executable and Linkable format (generic) (4004/1) 49.84%
    File name:x86.elf
    File size:47'248 bytes
    MD5:92b80338268fbd97f2994bad4c4e98d6
    SHA1:289d89e8a7c944bb18f5119ababb276f49f1e2f1
    SHA256:06858102f6c443b53241baa576c4ecfce5c61bd729379fea88a40323227ee34a
    SHA512:456c4e72d9d56fcef1d3b03852f54fdd46959bf93ef8c2fd80ec10664519c07fe840182c808763d6ff668d3935f854111bd9ac1029bf086ee9fef84d5a75d1fb
    SSDEEP:768:a54i9LjisyJzrSONOiOnAo00nBnMwdz3j1QfaeRXngtzY6sK86mSMIC:a54i9LjisyJzOO8iOnPnBnhhzOngtM6G
    TLSH:AE236CC8B543D5F1FC170475207BF7379B72F53A0029EEA7C759E632AC92A01A51629C
    File Content Preview:.ELF....................d...4...........4. ...(..............................................D...D.......&..........Q.td............................U..S.......7....h........[]...$.............U......=.F...t..5.....D......D......u........t....h.4..........

    Static ELF Info

    ELF header

    Class:ELF32
    Data:2's complement, little endian
    Version:1 (current)
    Machine:Intel 80386
    Version Number:0x1
    Type:EXEC (Executable file)
    OS/ABI:UNIX - System V
    ABI Version:0
    Entry Point Address:0x8048164
    Flags:0x0
    ELF Header Size:52
    Program Header Offset:52
    Program Header Size:32
    Number of Program Headers:3
    Section Header Offset:46848
    Section Header Size:40
    Number of Section Headers:10
    Header String Table Index:9

    Sections

    NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
    NULL0x00x00x00x00x0000
    .initPROGBITS0x80480940x940x1c0x00x6AX001
    .textPROGBITS0x80480b00xb00xa0260x00x6AX0016
    .finiPROGBITS0x80520d60xa0d60x170x00x6AX001
    .rodataPROGBITS0x80521000xa1000x13bc0x00x2A0032
    .ctorsPROGBITS0x80544c00xb4c00x80x00x3WA004
    .dtorsPROGBITS0x80544c80xb4c80x80x00x3WA004
    .dataPROGBITS0x80544e00xb4e00x1e00x00x3WA0032
    .bssNOBITS0x80546c00xb6c00x24c00x00x3WA0032
    .shstrtabSTRTAB0x00xb6c00x3e0x00x0001

    Program Segments

    TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
    LOAD0x00x80480000x80480000xb4bc0xb4bc6.52350x5R E0x1000.init .text .fini .rodata
    LOAD0xb4c00x80544c00x80544c00x2000x26c02.13240x6RW 0x1000.ctors .dtors .data .bss
    GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

    Network Behavior

    Network Port Distribution

    TCP Packets

    TimestampSource PortDest PortSource IPDest IP
    Dec 29, 2024 01:07:52.452259064 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:52.571700096 CET332115883283.222.191.146192.168.2.13
    Dec 29, 2024 01:07:52.571768045 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:52.571803093 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:52.691293955 CET332115883283.222.191.146192.168.2.13
    Dec 29, 2024 01:07:52.691440105 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:52.810916901 CET332115883283.222.191.146192.168.2.13
    Dec 29, 2024 01:07:53.918230057 CET332115883283.222.191.146192.168.2.13
    Dec 29, 2024 01:07:53.918296099 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:53.918323040 CET5883233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:55.157047033 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:55.276480913 CET332115883483.222.191.146192.168.2.13
    Dec 29, 2024 01:07:55.276635885 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:55.276655912 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:55.396150112 CET332115883483.222.191.146192.168.2.13
    Dec 29, 2024 01:07:55.396301985 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:55.516253948 CET332115883483.222.191.146192.168.2.13
    Dec 29, 2024 01:07:56.648314953 CET332115883483.222.191.146192.168.2.13
    Dec 29, 2024 01:07:56.648509026 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:56.648509026 CET5883433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:58.049019098 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:58.168833971 CET332115883683.222.191.146192.168.2.13
    Dec 29, 2024 01:07:58.168904066 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:58.168925047 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:58.337327957 CET332115883683.222.191.146192.168.2.13
    Dec 29, 2024 01:07:58.337557077 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:58.457349062 CET332115883683.222.191.146192.168.2.13
    Dec 29, 2024 01:07:59.564039946 CET332115883683.222.191.146192.168.2.13
    Dec 29, 2024 01:07:59.564209938 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:07:59.564268112 CET5883633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:00.700571060 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:00.820045948 CET332115883883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:00.820122957 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:00.820358038 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:00.939913988 CET332115883883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:00.940054893 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:01.059612036 CET332115883883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:02.213407993 CET332115883883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:02.213527918 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:02.213617086 CET5883833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:03.454014063 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:03.573627949 CET332115884083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:03.573833942 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:03.573833942 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:03.693361998 CET332115884083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:03.693669081 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:03.813123941 CET332115884083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:04.873995066 CET332115884083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:04.874142885 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:04.874161959 CET5884033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:06.009398937 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:06.129189968 CET332115884283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:06.129338980 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:06.129338980 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:06.248889923 CET332115884283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:06.248941898 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:06.368489027 CET332115884283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:07.476178885 CET332115884283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:07.476528883 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:07.476548910 CET5884233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:08.611835957 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:08.731343031 CET332115884483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:08.731609106 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:08.731868982 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:08.851267099 CET332115884483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:08.851479053 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:08.971050024 CET332115884483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:10.077899933 CET332115884483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:10.078134060 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:10.078134060 CET5884433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:11.213505983 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:11.332995892 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:11.333301067 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:11.333301067 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:11.452836037 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:11.452903986 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:11.572550058 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:17.646544933 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:17.766079903 CET332115884883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:17.766140938 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:17.766164064 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:17.885735035 CET332115884883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:17.885920048 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:18.005438089 CET332115884883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:19.118689060 CET332115884883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:19.118822098 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:19.118870020 CET5884833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:20.243247032 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:20.362910032 CET332115885083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:20.363183975 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:20.363274097 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:20.482887983 CET332115885083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:20.483052015 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:20.602596045 CET332115885083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:21.343377113 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:21.463150978 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:21.716259003 CET332115885083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:21.716362953 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:21.716362953 CET5885033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:21.783440113 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:21.783489943 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:22.956738949 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:23.076498032 CET332115885283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:23.076723099 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:23.076759100 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:23.196578026 CET332115885283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:23.196741104 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:23.316227913 CET332115885283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:24.377423048 CET332115885283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:24.377674103 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:24.377772093 CET5885233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:25.514058113 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:25.633583069 CET332115885483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:25.633971930 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:25.633971930 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:25.753542900 CET332115885483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:25.753787041 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:25.873328924 CET332115885483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:27.025964022 CET332115885483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:27.026180983 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:27.026240110 CET5885433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:28.162775040 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:28.282494068 CET332115885683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:28.282762051 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:28.282861948 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:28.402313948 CET332115885683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:28.402426004 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:28.521958113 CET332115885683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:29.644599915 CET332115885683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:29.644735098 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:29.644785881 CET5885633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:30.780277967 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:30.899816990 CET332115885883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:30.899897099 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:30.899921894 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:31.019442081 CET332115885883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:31.019495010 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:31.139153957 CET332115885883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:32.200212002 CET332115885883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:32.200458050 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:32.200516939 CET5885833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:33.336045027 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:33.455605984 CET332115886083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:33.455725908 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:33.455873966 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:33.575510025 CET332115886083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:33.575617075 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:33.695302963 CET332115886083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:35.001211882 CET332115886083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:35.001353979 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:35.001373053 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:35.045233965 CET332115886083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:35.045294046 CET5886033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:36.136831999 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:36.256479025 CET332115886283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:36.256639004 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:36.256660938 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:36.376378059 CET332115886283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:36.376429081 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:36.496109962 CET332115886283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:37.664289951 CET332115886283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:37.664391041 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:37.664391041 CET5886233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:38.800914049 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:38.920391083 CET332115886483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:38.920466900 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:38.920480967 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:39.039961100 CET332115886483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:39.040013075 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:39.159610033 CET332115886483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:40.317409992 CET332115886483.222.191.146192.168.2.13
    Dec 29, 2024 01:08:40.317586899 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:40.317625999 CET5886433211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:41.453114986 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:41.575467110 CET332115886683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:41.575541019 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:41.575645924 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:41.695180893 CET332115886683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:41.695236921 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:41.814917088 CET332115886683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:42.876127005 CET332115886683.222.191.146192.168.2.13
    Dec 29, 2024 01:08:42.876281023 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:42.876355886 CET5886633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:44.116324902 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:44.235838890 CET332115886883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:44.236078024 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:44.236181974 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:44.355586052 CET332115886883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:44.355726957 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:44.475269079 CET332115886883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:45.641390085 CET332115886883.222.191.146192.168.2.13
    Dec 29, 2024 01:08:45.641514063 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:45.641566038 CET5886833211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:46.777515888 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:46.897085905 CET332115887083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:46.897166014 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:46.897294998 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:47.016936064 CET332115887083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:47.016992092 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:47.136651993 CET332115887083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:48.243753910 CET332115887083.222.191.146192.168.2.13
    Dec 29, 2024 01:08:48.243849039 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:48.243995905 CET5887033211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:49.379698992 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:49.499258995 CET332115887283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:49.499335051 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:49.499450922 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:49.619151115 CET332115887283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:49.619332075 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:49.738847971 CET332115887283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:59.509577036 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:08:59.629410028 CET332115887283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:59.940134048 CET332115887283.222.191.146192.168.2.13
    Dec 29, 2024 01:08:59.940382957 CET5887233211192.168.2.1383.222.191.146
    Dec 29, 2024 01:09:21.835551977 CET5884633211192.168.2.1383.222.191.146
    Dec 29, 2024 01:09:21.957488060 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:09:22.275846958 CET332115884683.222.191.146192.168.2.13
    Dec 29, 2024 01:09:22.276138067 CET5884633211192.168.2.1383.222.191.146

    UDP Packets

    TimestampSource PortDest PortSource IPDest IP
    Dec 29, 2024 01:07:52.215197086 CET4668353192.168.2.138.8.8.8
    Dec 29, 2024 01:07:52.452153921 CET53466838.8.8.8192.168.2.13
    Dec 29, 2024 01:07:54.919317961 CET4608453192.168.2.138.8.8.8
    Dec 29, 2024 01:07:55.156816959 CET53460848.8.8.8192.168.2.13
    Dec 29, 2024 01:07:57.649430990 CET5789153192.168.2.138.8.8.8
    Dec 29, 2024 01:07:58.048823118 CET53578918.8.8.8192.168.2.13
    Dec 29, 2024 01:08:00.566540003 CET4468353192.168.2.138.8.8.8
    Dec 29, 2024 01:08:00.700350046 CET53446838.8.8.8192.168.2.13
    Dec 29, 2024 01:08:03.215189934 CET5139653192.168.2.138.8.8.8
    Dec 29, 2024 01:08:03.453797102 CET53513968.8.8.8192.168.2.13
    Dec 29, 2024 01:08:05.875346899 CET5586453192.168.2.138.8.8.8
    Dec 29, 2024 01:08:06.009222984 CET53558648.8.8.8192.168.2.13
    Dec 29, 2024 01:08:08.477915049 CET3368153192.168.2.138.8.8.8
    Dec 29, 2024 01:08:08.611604929 CET53336818.8.8.8192.168.2.13
    Dec 29, 2024 01:08:11.079560041 CET5481553192.168.2.138.8.8.8
    Dec 29, 2024 01:08:11.213298082 CET53548158.8.8.8192.168.2.13
    Dec 29, 2024 01:08:17.249125004 CET3290653192.168.2.138.8.8.8
    Dec 29, 2024 01:08:17.646446943 CET53329068.8.8.8192.168.2.13
    Dec 29, 2024 01:08:20.120217085 CET5312253192.168.2.138.8.8.8
    Dec 29, 2024 01:08:20.242964029 CET53531228.8.8.8192.168.2.13
    Dec 29, 2024 01:08:22.717556000 CET4195253192.168.2.138.8.8.8
    Dec 29, 2024 01:08:22.956640959 CET53419528.8.8.8192.168.2.13
    Dec 29, 2024 01:08:25.379539013 CET5916553192.168.2.138.8.8.8
    Dec 29, 2024 01:08:25.513746023 CET53591658.8.8.8192.168.2.13
    Dec 29, 2024 01:08:28.027865887 CET6081853192.168.2.138.8.8.8
    Dec 29, 2024 01:08:28.162453890 CET53608188.8.8.8192.168.2.13
    Dec 29, 2024 01:08:30.646369934 CET3587253192.168.2.138.8.8.8
    Dec 29, 2024 01:08:30.780189991 CET53358728.8.8.8192.168.2.13
    Dec 29, 2024 01:08:33.201977015 CET4628153192.168.2.138.8.8.8
    Dec 29, 2024 01:08:33.335864067 CET53462818.8.8.8192.168.2.13
    Dec 29, 2024 01:08:36.002609015 CET4750353192.168.2.138.8.8.8
    Dec 29, 2024 01:08:36.136763096 CET53475038.8.8.8192.168.2.13
    Dec 29, 2024 01:08:38.665515900 CET5416753192.168.2.138.8.8.8
    Dec 29, 2024 01:08:38.800781965 CET53541678.8.8.8192.168.2.13
    Dec 29, 2024 01:08:41.319089890 CET4159353192.168.2.138.8.8.8
    Dec 29, 2024 01:08:41.452920914 CET53415938.8.8.8192.168.2.13
    Dec 29, 2024 01:08:43.877226114 CET4834053192.168.2.138.8.8.8
    Dec 29, 2024 01:08:44.115989923 CET53483408.8.8.8192.168.2.13
    Dec 29, 2024 01:08:46.642874956 CET5309953192.168.2.138.8.8.8
    Dec 29, 2024 01:08:46.777292967 CET53530998.8.8.8192.168.2.13
    Dec 29, 2024 01:08:49.245424986 CET5523953192.168.2.138.8.8.8
    Dec 29, 2024 01:08:49.379291058 CET53552398.8.8.8192.168.2.13

    DNS Queries

    TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
    Dec 29, 2024 01:07:52.215197086 CET192.168.2.138.8.8.80x30b0Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:07:54.919317961 CET192.168.2.138.8.8.80x515dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:07:57.649430990 CET192.168.2.138.8.8.80x416bStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:00.566540003 CET192.168.2.138.8.8.80x400bStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:03.215189934 CET192.168.2.138.8.8.80x1d4cStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:05.875346899 CET192.168.2.138.8.8.80xe73dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:08.477915049 CET192.168.2.138.8.8.80xfe5dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:11.079560041 CET192.168.2.138.8.8.80xc20eStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:17.249125004 CET192.168.2.138.8.8.80x30b0Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:20.120217085 CET192.168.2.138.8.8.80x515dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:22.717556000 CET192.168.2.138.8.8.80x416bStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:25.379539013 CET192.168.2.138.8.8.80x400bStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:28.027865887 CET192.168.2.138.8.8.80x1d4cStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:30.646369934 CET192.168.2.138.8.8.80xe73dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:33.201977015 CET192.168.2.138.8.8.80xfe5dStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:36.002609015 CET192.168.2.138.8.8.80xc20eStandard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:38.665515900 CET192.168.2.138.8.8.80xf4f5Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:41.319089890 CET192.168.2.138.8.8.80x78e9Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:43.877226114 CET192.168.2.138.8.8.80x4b64Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:46.642874956 CET192.168.2.138.8.8.80xdc57Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:49.245424986 CET192.168.2.138.8.8.80x5796Standard query (0)secure-network-rebirthltd.ruA (IP address)IN (0x0001)false

    DNS Answers

    TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
    Dec 29, 2024 01:07:52.452153921 CET8.8.8.8192.168.2.130x30b0No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:07:55.156816959 CET8.8.8.8192.168.2.130x515dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:07:58.048823118 CET8.8.8.8192.168.2.130x416bNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:00.700350046 CET8.8.8.8192.168.2.130x400bNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:03.453797102 CET8.8.8.8192.168.2.130x1d4cNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:06.009222984 CET8.8.8.8192.168.2.130xe73dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:08.611604929 CET8.8.8.8192.168.2.130xfe5dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:11.213298082 CET8.8.8.8192.168.2.130xc20eNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:17.646446943 CET8.8.8.8192.168.2.130x30b0No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:20.242964029 CET8.8.8.8192.168.2.130x515dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:22.956640959 CET8.8.8.8192.168.2.130x416bNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:25.513746023 CET8.8.8.8192.168.2.130x400bNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:28.162453890 CET8.8.8.8192.168.2.130x1d4cNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:30.780189991 CET8.8.8.8192.168.2.130xe73dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:33.335864067 CET8.8.8.8192.168.2.130xfe5dNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:36.136763096 CET8.8.8.8192.168.2.130xc20eNo error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:38.800781965 CET8.8.8.8192.168.2.130xf4f5No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:41.452920914 CET8.8.8.8192.168.2.130x78e9No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:44.115989923 CET8.8.8.8192.168.2.130x4b64No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:46.777292967 CET8.8.8.8192.168.2.130xdc57No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false
    Dec 29, 2024 01:08:49.379291058 CET8.8.8.8192.168.2.130x5796No error (0)secure-network-rebirthltd.ru83.222.191.146A (IP address)IN (0x0001)false

    System Behavior

    General

    Start time (UTC):00:07:50
    Start date (UTC):29/12/2024
    Path:/tmp/x86.elf
    Arguments:/tmp/x86.elf
    File size:47248 bytes
    MD5 hash:92b80338268fbd97f2994bad4c4e98d6

    Chronological Activities


    General

    Start time (UTC):00:07:51
    Start date (UTC):29/12/2024
    Path:/tmp/x86.elf
    Arguments:-
    File size:47248 bytes
    MD5 hash:92b80338268fbd97f2994bad4c4e98d6

    Chronological Activities


    General

    Start time (UTC):00:07:51
    Start date (UTC):29/12/2024
    Path:/tmp/x86.elf
    Arguments:-
    File size:47248 bytes
    MD5 hash:92b80338268fbd97f2994bad4c4e98d6

    Chronological Activities