Edit tour
Windows
Analysis Report
1.exe
Overview
General Information
| Sample name: | 1.exe |
| Analysis ID: | 1583283 |
| MD5: | 9afad044f9ff1201826fb08e602d3e1d |
| SHA1: | e10ffb85d9252ae4067708553ec07141b85e8d58 |
| SHA256: | d2f3bf1f985fdd93088380843143d235c55b7188b99d7e728a1c49f8cbeb0a9e |
| Tags: | CobaltStrikeexemalwareuser-Joker |
| Infos: |  |
 | |
Detection
CobaltStrike
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Antivirus / Scanner detection for submitted sample
Found malware configuration
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Yara detected CobaltStrike
AI detected suspicious sample
C2 URLs / IPs found in malware configuration
Installs new ROOT certificates
Machine Learning detection for sample
Contains functionality to call native functions
Detected potential crypto function
Internet Provider seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Monitors certain registry keys / values for changes (often done to protect autostart functionality)
PE file contains more sections than normal
PE file contains sections with non-standard names
Program does not show much activity (idle)
Sample file is different than original file name gathered from version info
Stores large binary data to the registry
Suricata IDS alerts with low severity for network traffic
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Yara signature match
Classification
- System is w10x64
1.exe (PID: 5540 cmdline: "C:\Users\ user\Deskt op\1.exe" MD5: 9AFAD044F9FF1201826FB08E602D3E1D)
- cleanup
| Name | Description | Attribution | Blogpost URLs | Link |
|---|---|---|---|---|
| Cobalt Strike, CobaltStrike | Cobalt Strike is a paid penetration testing product that allows an attacker to deploy an agent named 'Beacon' on the victim machine. Beacon includes a wealth of functionality to the attacker, including, but not limited to command execution, key logging, file transfer, SOCKS proxying, privilege escalation, mimikatz, port scanning and lateral movement. Beacon is in-memory/file-less, in that it consists of stageless or multi-stage shellcode that once loaded by exploiting a vulnerability or executing a shellcode loader, will reflectively load itself into the memory of a process without touching the disk. It supports C2 and staging over HTTP, HTTPS, DNS, SMB named pipes as well as forward and reverse TCP; Beacons can be daisy-chained. Cobalt Strike comes with a toolkit for developing shellcode loaders, called Artifact Kit.The Beacon implant has become popular amongst targeted attackers and criminal users as it is well written, stable, and highly customizable. |
{"BeaconType": ["HTTPS"], "Port": 443, "SleepTime": 10000, "MaxGetSize": 1403644, "Jitter": 37, "MaxDNS": "Not Found", "C2Server": "45.116.78.127,/jquery-3.3.1.min.js", "UserAgent": "Not Found", "HttpPostUri": "Not Found", "Malleable_C2_Instructions": "Not Found", "HttpGet_Metadata": "Not Found", "HttpPost_Metadata": "Not Found", "PipeName": "Not Found", "DNS_Idle": "Not Found", "DNS_Sleep": "Not Found", "SSH_Host": "Not Found", "SSH_Port": "Not Found", "SSH_Username": "Not Found", "SSH_Password_Plaintext": "Not Found", "SSH_Password_Pubkey": "Not Found", "HttpGet_Verb": "GET", "HttpPost_Verb": "POST", "HttpPostChunk": 0, "Spawnto_x86": "%windir%\\syswow64\\dllhost.exe", "Spawnto_x64": "%windir%\\sysnative\\dllhost.exe", "CryptoScheme": 0, "Proxy_Config": "Not Found", "Proxy_User": "Not Found", "Proxy_Password": "Not Found", "Proxy_Behavior": "Not Found", "Watermark": 100000000, "bStageCleanup": "True", "bCFGCaution": "False", "KillDate": "Not Found", "bProcInject_StartRWX": "Not Found", "bProcInject_UseRWX": "Not Found", "bProcInject_MinAllocSize": "Not Found", "ProcInject_PrependAppend_x86": "Not Found", "ProcInject_PrependAppend_x64": "Not Found", "ProcInject_Execute": "Not Found", "ProcInject_AllocationMethod": "Not Found", "bUsesCookies": "Not Found", "HostHeader": "Not Found"}| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_CobaltStrike_3 | Yara detected CobaltStrike | Joe Security | ||
| JoeSecurity_CobaltStrike_3 | Yara detected CobaltStrike | Joe Security | ||
| Windows_Trojan_CobaltStrike_663fc95d | Identifies CobaltStrike via unidentified function code | unknown |
| |
| Windows_Trojan_CobaltStrike_b54b94ac | Rule for beacon sleep obfuscation routine | unknown |
| |
| JoeSecurity_CobaltStrike_3 | Yara detected CobaltStrike | Joe Security | ||
| Click to see the 2 entries | ||||
⊘No Sigma rule has matched
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-01-02T10:34:00.428365+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:09.748404+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:11.637389+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:13.557834+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:15.540284+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:17.647622+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:19.572535+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:21.519447+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:23.397687+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:25.327733+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.236320+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.151741+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.044480+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:32.900275+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:34.809395+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:36.675522+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:38.585436+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:40.544573+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:42.434575+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:44.430146+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:46.361190+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.315748+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.274161+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:52.701561+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:54.643270+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:56.589408+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:58.519753+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:00.428509+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:02.397660+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.283634+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.243736+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.085295+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:09.896562+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:11.765317+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.334887+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.081504+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.044023+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:19.139603+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:21.913780+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:23.901675+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:25.816225+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:27.731440+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:29.605768+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:31.486285+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.183638+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.097843+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.162854+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:39.937789+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:41.839749+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:43.792569+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:45.480638+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:47.399653+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:49.391791+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.318409+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.183655+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.109773+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.023569+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:58.954272+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:00.904156+0100 | 2028765 | 3 | Unknown Traffic | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-01-02T10:34:01.092715+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:10.434039+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:12.343974+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:14.238635+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:16.239468+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:18.316328+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:20.255143+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:22.192772+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:24.107141+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:26.034082+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.937620+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.816572+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.706974+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:33.555179+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:35.465882+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:37.338965+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:39.287641+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:41.211719+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:43.153663+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:45.134788+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:47.129666+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.979834+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.944422+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:53.351892+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:55.316109+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:57.256975+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:59.189687+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:01.105692+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:03.061089+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.954043+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.909697+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.737331+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:10.420539+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:12.243598+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.863025+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.776542+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.712476+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:19.806754+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:22.587459+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:24.575099+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:26.483418+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:28.391452+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:30.273853+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:33.002512+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.851482+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.795278+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.814912+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:40.639081+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:42.555830+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:44.443340+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:46.148932+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:48.093172+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:50.042937+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.989380+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.848224+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.773488+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.685330+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:59.670152+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:01.621895+0100 | 2033928 | 1 | A Network Trojan was detected | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-01-02T10:34:01.092715+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:10.434039+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:12.343974+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:14.238635+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:16.239468+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:18.316328+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:20.255143+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:22.192772+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:24.107141+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:26.034082+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.937620+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.816572+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.706974+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:33.555179+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:35.465882+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:37.338965+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:39.287641+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:41.211719+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:43.153663+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:45.134788+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:47.129666+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.979834+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.944422+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:53.351892+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:55.316109+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:57.256975+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:59.189687+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:01.105692+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:03.061089+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.954043+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.909697+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.737331+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:10.420539+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:12.243598+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.863025+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.776542+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.712476+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:19.806754+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:22.587459+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:24.575099+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:26.483418+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:28.391452+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:30.273853+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:33.002512+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.851482+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.795278+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.814912+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:40.639081+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:42.555830+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:44.443340+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:46.148932+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:48.093172+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:50.042937+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.989380+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.848224+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.773488+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.685330+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:59.670152+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:01.621895+0100 | 2033658 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-01-02T10:34:01.092931+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49704 | TCP |
| 2025-01-02T10:34:10.436015+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49705 | TCP |
| 2025-01-02T10:34:12.344200+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49706 | TCP |
| 2025-01-02T10:34:14.239065+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49707 | TCP |
| 2025-01-02T10:34:16.239762+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49708 | TCP |
| 2025-01-02T10:34:18.324834+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49714 | TCP |
| 2025-01-02T10:34:20.256075+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49717 | TCP |
| 2025-01-02T10:34:22.193088+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49728 | TCP |
| 2025-01-02T10:34:24.112399+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49739 | TCP |
| 2025-01-02T10:34:26.034223+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49755 | TCP |
| 2025-01-02T10:34:27.938313+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49766 | TCP |
| 2025-01-02T10:34:29.816835+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49782 | TCP |
| 2025-01-02T10:34:31.707424+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49794 | TCP |
| 2025-01-02T10:34:33.555591+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49809 | TCP |
| 2025-01-02T10:34:35.466219+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49822 | TCP |
| 2025-01-02T10:34:37.345373+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49836 | TCP |
| 2025-01-02T10:34:39.289599+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49849 | TCP |
| 2025-01-02T10:34:41.212082+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49863 | TCP |
| 2025-01-02T10:34:43.153994+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49878 | TCP |
| 2025-01-02T10:34:45.135478+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49890 | TCP |
| 2025-01-02T10:34:47.135266+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49906 | TCP |
| 2025-01-02T10:34:48.988027+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49918 | TCP |
| 2025-01-02T10:34:50.944662+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49933 | TCP |
| 2025-01-02T10:34:53.352483+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49945 | TCP |
| 2025-01-02T10:34:55.317666+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49962 | TCP |
| 2025-01-02T10:34:57.258298+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49978 | TCP |
| 2025-01-02T10:34:59.190054+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 49989 | TCP |
| 2025-01-02T10:35:01.106608+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50003 | TCP |
| 2025-01-02T10:35:03.065114+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50004 | TCP |
| 2025-01-02T10:35:04.954891+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50005 | TCP |
| 2025-01-02T10:35:06.910071+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50006 | TCP |
| 2025-01-02T10:35:08.737598+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50007 | TCP |
| 2025-01-02T10:35:10.428495+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50008 | TCP |
| 2025-01-02T10:35:12.244025+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50009 | TCP |
| 2025-01-02T10:35:13.868644+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50010 | TCP |
| 2025-01-02T10:35:15.776816+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50011 | TCP |
| 2025-01-02T10:35:17.712836+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50012 | TCP |
| 2025-01-02T10:35:20.575136+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50013 | TCP |
| 2025-01-02T10:35:22.601054+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50014 | TCP |
| 2025-01-02T10:35:24.575376+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50015 | TCP |
| 2025-01-02T10:35:26.490360+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50016 | TCP |
| 2025-01-02T10:35:28.391743+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50017 | TCP |
| 2025-01-02T10:35:30.280709+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50018 | TCP |
| 2025-01-02T10:35:33.002755+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50019 | TCP |
| 2025-01-02T10:35:34.851723+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50020 | TCP |
| 2025-01-02T10:35:36.800172+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50021 | TCP |
| 2025-01-02T10:35:38.815252+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50022 | TCP |
| 2025-01-02T10:35:40.639319+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50023 | TCP |
| 2025-01-02T10:35:42.556071+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50024 | TCP |
| 2025-01-02T10:35:44.443519+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50025 | TCP |
| 2025-01-02T10:35:46.149196+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50026 | TCP |
| 2025-01-02T10:35:48.093491+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50027 | TCP |
| 2025-01-02T10:35:50.047585+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50028 | TCP |
| 2025-01-02T10:35:51.990056+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50029 | TCP |
| 2025-01-02T10:35:53.851213+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50030 | TCP |
| 2025-01-02T10:35:55.773742+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50031 | TCP |
| 2025-01-02T10:35:57.685613+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50032 | TCP |
| 2025-01-02T10:35:59.670445+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50033 | TCP |
| 2025-01-02T10:36:01.622123+0100 | 2033009 | 1 | Malware Command and Control Activity Detected | 45.116.78.127 | 443 | 192.168.2.5 | 50034 | TCP |
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | Avira: | ||
| Source: | Malware Configuration Extractor: | ||
| Source: | Virustotal: | Perma Link | ||
| Source: | ReversingLabs: | |||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Static PE information: | ||
Networking | |
|---|
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | URLs: | ||
| Source: | ASN Name: | ||
| Source: | JA3 fingerprint: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | Suricata IDS: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | TCP traffic detected without corresponding DNS query: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
System Summary | |
|---|
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Code function: | 0_2_00007FF7AD0414D8 | |
| Source: | Code function: | 0_2_00007FF7AD044190 | |
| Source: | Code function: | 0_2_00007FF7AD045370 | |
| Source: | Code function: | 0_2_000002B66A0BFC3E | |
| Source: | Code function: | 0_2_000002B66A0CA708 | |
| Source: | Code function: | 0_2_000002B66A0D7740 | |
| Source: | Code function: | 0_2_000002B66A0BFDD6 | |
| Source: | Code function: | 0_2_000002B66A0CD384 | |
| Source: | Code function: | 0_2_000002B66A0C4820 | |
| Source: | Code function: | 0_2_000002B66A0CC888 | |
| Source: | Code function: | 0_2_000002B66A0D80B0 | |
| Source: | Code function: | 0_2_000002B66A0CC11C | |
| Source: | Static PE information: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Matched rule: | ||
| Source: | Classification label: | ||
| Source: | Static PE information: | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | Virustotal: | ||
| Source: | ReversingLabs: | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Code function: | 0_3_000002B669FB8525 | |
| Source: | Code function: | 0_3_000002B669FB451E | |
| Source: | Code function: | 0_3_000002B669FB84F6 | |
| Source: | Code function: | 0_3_000002B669FB4C8F | |
| Source: | Code function: | 0_3_000002B669FB681A | |
| Source: | Code function: | 0_3_000002B669FB5EB3 | |
| Source: | Code function: | 0_3_000002B669FB41F2 | |
| Source: | Code function: | 0_3_000002B669FB799E | |
| Source: | Code function: | 0_3_000002B669FB582A | |
| Source: | Code function: | 0_3_000002B669FB582A | |
| Source: | Code function: | 0_3_000002B669FB681A | |
| Source: | Code function: | 0_3_000002B669FB73A2 | |
| Source: | Code function: | 0_3_000002B669FB5B3E | |
| Source: | Code function: | 0_3_000002B669FB4B58 | |
| Source: | Code function: | 0_3_000002B669FB736E | |
| Source: | Code function: | 0_3_000002B669FB62E9 | |
| Source: | Code function: | 0_2_000002B66A0B971F | |
| Source: | Code function: | 0_2_000002B66A0D5C05 | |
| Source: | Code function: | 0_2_000002B66A0BAD59 | |
| Source: | Code function: | 0_2_000002B66A0C6A4B | |
| Source: | Code function: | 0_2_000002B66A0B935E | |
| Source: | Code function: | 0_2_000002B66A0D5BBC | |
| Source: | Code function: | 0_2_000002B66A0D5BDC | |
Persistence and Installation Behavior | |
|---|
| Source: | Registry value created: | Jump to behavior | ||
| Source: | Registry value created: | Jump to behavior | ||
| Source: | Registry key monitored for changes: | Jump to behavior | ||
| Source: | Key value created or modified: | Jump to behavior | ||
| Source: | Thread injection, dropped files, key value created, disk infection and DNS query: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Thread injection, dropped files, key value created, disk infection and DNS query: | ||
| Source: | Code function: | 0_2_00007FF7AD041180 | |
| Source: | Code function: | 0_2_00007FF7AD047FFA | |
| Source: | Code function: | 0_2_00007FF7AD099320 | |
| Source: | Memory allocated: | Jump to behavior | ||
| Source: | Code function: | 0_2_000002B66A0C2FA8 | |
| Source: | Key value queried: | Jump to behavior | ||
Remote Access Functionality | |
|---|
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Source: | File source: | ||
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Modify Registry | OS Credential Dumping | 1 Query Registry | Remote Services | 1 Archive Collected Data | 11 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
| Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Disable or Modify Tools | LSASS Memory | 1 Security Software Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Obfuscated Files or Information | Security Account Manager | 1 Account Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Install Root Certificate | NTDS | 1 System Owner/User Discovery | Distributed Component Object Model | Input Capture | 112 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 DLL Side-Loading | LSA Secrets | 2 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 57% | Virustotal | Browse | ||
| 61% | ReversingLabs | Win64.Trojan.CobaltStrike | ||
| 100% | Avira | HEUR/AGEN.1329646 | ||
| 100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe | ||
| 0% | Avira URL Cloud | safe |
⊘No contacted domains info
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| true |
| unknown | |
| true |
| unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | high | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 45.116.78.127 | unknown | Hong Kong | 55933 | CLOUDIE-AS-APCloudieLimitedHK | true |
| Joe Sandbox version: | 41.0.0 Charoite |
| Analysis ID: | 1583283 |
| Start date and time: | 2025-01-02 10:33:07 +01:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 4m 14s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 4 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | 1.exe |
| Detection: | MAL |
| Classification: | mal100.troj.winEXE@1/1@0/1 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe
- Excluded IPs from analysis (whitelisted): 52.149.20.212, 13.107.246.45
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Report size getting too big, too many NtDeviceIoControlFile calls found.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
⊘No simulations
⊘No context
⊘No context
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| CLOUDIE-AS-APCloudieLimitedHK | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | ConnectBack | Browse |
| ||
| Get hash | malicious | CobaltStrike, Metasploit | Browse |
| ||
| Get hash | malicious | GhostRat, Mimikatz | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai, Moobot | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 51c64c77e60f3980eea90869b68c58a8 | Get hash | malicious | CobaltStrike, Metasploit | Browse |
| |
| Get hash | malicious | DanaBot | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Socks5Systemz | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
⊘No context
| Process: | C:\Users\user\Desktop\1.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 265737 |
| Entropy (8bit): | 7.574074995457399 |
| Encrypted: | false |
| SSDEEP: | 3072:XgGBm36hbPChTWjQWvWLGNkPd1Pt0PaQti4RVxFrqi/BAQuOYqEqCGy5IN:wd6hO1WMWvOGNKXd47PdYqEqCGy5IN |
| MD5: | 844488F5A671540E8D6D8B3F89B3D273 |
| SHA1: | 93378D999C19D1B8AD8C39A6CA4E4F277183FB5A |
| SHA-256: | 08F463716E035F7739876AFC20557C4ACC5DB12E29D1CBAB525EF40B652EE7D3 |
| SHA-512: | 4B88D039458719DC4FB979FEA7B5BD2BF928FE6A1B70D41D4A5226592B65247F32F6F7A03D04F4FD55A5788B44B1E7E1906FBBAD33246589755B94AE35B90C26 |
| Malicious: | false |
| Reputation: | low |
| Preview: |
| File type: | |
| Entropy (8bit): | 6.371945169519287 |
| TrID: |
|
| File name: | 1.exe |
| File size: | 526'848 bytes |
| MD5: | 9afad044f9ff1201826fb08e602d3e1d |
| SHA1: | e10ffb85d9252ae4067708553ec07141b85e8d58 |
| SHA256: | d2f3bf1f985fdd93088380843143d235c55b7188b99d7e728a1c49f8cbeb0a9e |
| SHA512: | 2f02f51d009539b1ba39f563461652bdce99f45ca89f78c61e12d110f8641f4bbc8cf5d348c10ed2c2fc0f35c48d1a821893b301511d5b3f55d1cee5bbdb1ed5 |
| SSDEEP: | 6144:DShCXd6hO1WMWvOGNKXd47PdYqEqCGy5IxH/vmvBn9XF:BN6o1WxvOyH7PdYqEqbgI5/voxF |
| TLSH: | 03B48B024352687DE1179D35E2F2F4FC3861DC58E8F399C78A937E99BB39A4653000AB |
| File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..d...f.&f...............).r.....................@.....................................2....`... ............................ |
 | |
| Icon Hash: | 1f346261d84c6712 |
| Entrypoint: | 0x1400013d0 |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x140000000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, LINE_NUMS_STRIPPED, LOCAL_SYMS_STRIPPED, LARGE_ADDRESS_AWARE, DEBUG_STRIPPED |
| DLL Characteristics: | HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT |
| Time Stamp: | 0x6626E166 [Mon Apr 22 22:15:02 2024 UTC] |
| TLS Callbacks: | 0x40001b70, 0x1, 0x40001b40, 0x1 |
| CLR (.Net) Version: | |
| OS Version Major: | 4 |
| OS Version Minor: | 0 |
| File Version Major: | 4 |
| File Version Minor: | 0 |
| Subsystem Version Major: | 4 |
| Subsystem Version Minor: | 0 |
| Import Hash: | d6e5bae1c8b524150e56169bc0241790 |
| Instruction |
|---|
| dec eax |
| sub esp, 28h |
| dec eax |
| mov eax, dword ptr [000543E5h] |
| mov dword ptr [eax], 00000001h |
| call 00007FCA4C81F01Fh |
| nop |
| nop |
| dec eax |
| add esp, 28h |
| ret |
| nop dword ptr [eax] |
| dec eax |
| sub esp, 28h |
| dec eax |
| mov eax, dword ptr [000543C5h] |
| mov dword ptr [eax], 00000000h |
| call 00007FCA4C81EFFFh |
| nop |
| nop |
| dec eax |
| add esp, 28h |
| ret |
| nop dword ptr [eax] |
| dec eax |
| sub esp, 28h |
| call 00007FCA4C825D94h |
| dec eax |
| cmp eax, 01h |
| sbb eax, eax |
| dec eax |
| add esp, 28h |
| ret |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| dec eax |
| lea ecx, dword ptr [00000009h] |
| jmp 00007FCA4C81F259h |
| nop dword ptr [eax+00h] |
| ret |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| nop |
| push ebx |
| dec eax |
| sub esp, 20h |
| dec eax |
| mov eax, dword ptr [00000020h] |
| dec eax |
| mov eax, dword ptr [eax] |
| mov ebx, dword ptr [eax] |
| call dword ptr [00057E3Fh] |
| dec eax |
| mov ecx, eax |
| mov edx, ebx |
| call dword ptr [00057EE4h] |
| dec eax |
| mov ecx, dword ptr [00056BCDh] |
| dec eax |
| add esp, 20h |
| pop ebx |
| dec eax |
| jmp dword ptr [00057EB1h] |
| push ebx |
| dec eax |
| sub esp, 20h |
| dec eax |
| mov ebx, ecx |
| call dword ptr [00057E1Bh] |
| mov dword ptr [000000A5h], eax |
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0x59000 | 0x990 | .idata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0x5c000 | 0x2a8f0 | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x56000 | 0x4e0 | .pdata |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x87000 | 0x80 | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0x55080 | 0x28 | .rdata |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0x59260 | 0x220 | .idata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0x7138 | 0x7200 | a862a3159dd03ba874c09f8875653b15 | False | 0.5865885416666666 | data | 6.318653270923573 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .data | 0x9000 | 0x4bcd0 | 0x4be00 | 902c1d957aa07d9b4868bcc79abf54ec | False | 0.572745057660626 | zlib compressed data | 7.054400837416238 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rdata | 0x55000 | 0xe10 | 0x1000 | 880e799edacf8a7a40eb6e596fa84a27 | False | 0.27197265625 | data | 4.375500397708199 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .pdata | 0x56000 | 0x4e0 | 0x600 | 5f87c73a15265ff27134c24e1f6ec14c | False | 0.4420572916666667 | data | 3.9083658914282964 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .xdata | 0x57000 | 0x498 | 0x600 | 534c1d4a7a003b6d28868cf2afd7036c | False | 0.2682291666666667 | data | 3.691608001970335 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .bss | 0x58000 | 0xc60 | 0x0 | d41d8cd98f00b204e9800998ecf8427e | False | 0 | empty | 0.0 | IMAGE_SCN_CNT_UNINITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .idata | 0x59000 | 0x990 | 0xa00 | 31033ba972d920c39656978835d548e0 | False | 0.35 | data | 4.224022858761624 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .CRT | 0x5a000 | 0x60 | 0x200 | 2ba86c405a5e7276b45875ad739ffbeb | False | 0.068359375 | data | 0.27950974526108024 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .tls | 0x5b000 | 0x10 | 0x200 | bf619eac0cdf3f68d496ea9344137e8b | False | 0.02734375 | data | 0.0 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .rsrc | 0x5c000 | 0x2a8f0 | 0x2aa00 | c8f9680d2ba7f206bc377703a81f9228 | False | 0.23968452162756598 | data | 4.160698559536376 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0x87000 | 0x80 | 0x200 | 7e4c3f671b8159e7c99c5a83bd6eb190 | False | 0.251953125 | data | 1.5593077198912917 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| RT_ICON | 0x5c388 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 640 | English | United States | 0.3817204301075269 |
| RT_ICON | 0x5c670 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | United States | 0.5472972972972973 |
| RT_ICON | 0x5c798 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 2688 | English | United States | 0.43443496801705755 |
| RT_ICON | 0x5d640 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 1152 | English | United States | 0.5875451263537906 |
| RT_ICON | 0x5dee8 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 320 | English | United States | 0.671242774566474 |
| RT_ICON | 0x5e450 | 0x3bf3 | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | United States | 0.9913338111683065 |
| RT_ICON | 0x62048 | 0x10828 | Device independent bitmap graphic, 128 x 256 x 32, image size 67584 | English | United States | 0.09962439370637644 |
| RT_ICON | 0x72870 | 0x94a8 | Device independent bitmap graphic, 96 x 192 x 32, image size 38016 | English | United States | 0.1279167542568846 |
| RT_ICON | 0x7bd18 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16896 | English | United States | 0.1831601322626358 |
| RT_ICON | 0x7ff40 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9600 | English | United States | 0.2337136929460581 |
| RT_ICON | 0x824e8 | 0x1a68 | Device independent bitmap graphic, 40 x 80 x 32, image size 6720 | English | United States | 0.26612426035502956 |
| RT_ICON | 0x83f50 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4224 | English | United States | 0.3320825515947467 |
| RT_ICON | 0x84ff8 | 0x988 | Device independent bitmap graphic, 24 x 48 x 32, image size 2400 | English | United States | 0.4209016393442623 |
| RT_ICON | 0x85980 | 0x6b8 | Device independent bitmap graphic, 20 x 40 x 32, image size 1680 | English | United States | 0.4994186046511628 |
| RT_ICON | 0x86038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1088 | English | United States | 0.5709219858156028 |
| RT_GROUP_ICON | 0x864a0 | 0xd8 | data | English | United States | 0.6296296296296297 |
| RT_VERSION | 0x86578 | 0x374 | data | English | United States | 0.417420814479638 |
| DLL | Import |
|---|---|
| KERNEL32.dll | CloseHandle, ConvertThreadToFiber, CreateFiber, CreateFileA, CreateMailslotA, CreateThread, DeleteCriticalSection, DeleteFiber, EnterCriticalSection, GetCurrentProcess, GetCurrentThreadId, GetLastError, GetMailslotInfo, GetModuleHandleA, GetProcAddress, GetTickCount, HeapAlloc, HeapCreate, HeapReAlloc, InitializeCriticalSection, IsDBCSLeadByteEx, LeaveCriticalSection, MultiByteToWideChar, ReadFile, SetUnhandledExceptionFilter, Sleep, SleepEx, SwitchToFiber, TlsGetValue, VirtualProtect, VirtualQuery, WaitForSingleObject, WideCharToMultiByte, WriteFile |
| msvcrt.dll | __C_specific_handler, ___lc_codepage_func, ___mb_cur_max_func, __getmainargs, __initenv, __iob_func, __set_app_type, __setusermatherr, _amsg_exit, _cexit, _commode, _errno, _fmode, _initterm, _onexit, abort, calloc, exit, fprintf, fputc, free, fwrite, localeconv, malloc, memcpy, memset, signal, strerror, strlen, strncmp, vfprintf, wcslen |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | United States |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
|---|---|---|---|---|---|---|---|---|
| 2025-01-02T10:34:00.428365+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:01.092715+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:01.092715+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:01.092931+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49704 | TCP |
| 2025-01-02T10:34:09.748404+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:10.434039+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:10.434039+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:10.436015+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49705 | TCP |
| 2025-01-02T10:34:11.637389+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:12.343974+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:12.343974+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:12.344200+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49706 | TCP |
| 2025-01-02T10:34:13.557834+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:14.238635+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:14.238635+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:14.239065+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49707 | TCP |
| 2025-01-02T10:34:15.540284+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:16.239468+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:16.239468+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:16.239762+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49708 | TCP |
| 2025-01-02T10:34:17.647622+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:18.316328+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:18.316328+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:18.324834+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49714 | TCP |
| 2025-01-02T10:34:19.572535+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:20.255143+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:20.255143+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:20.256075+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49717 | TCP |
| 2025-01-02T10:34:21.519447+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:22.192772+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:22.192772+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:22.193088+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49728 | TCP |
| 2025-01-02T10:34:23.397687+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:24.107141+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:24.107141+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:24.112399+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49739 | TCP |
| 2025-01-02T10:34:25.327733+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:26.034082+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:26.034082+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:26.034223+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49755 | TCP |
| 2025-01-02T10:34:27.236320+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.937620+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.937620+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:27.938313+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49766 | TCP |
| 2025-01-02T10:34:29.151741+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.816572+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.816572+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:29.816835+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49782 | TCP |
| 2025-01-02T10:34:31.044480+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.706974+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.706974+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:31.707424+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49794 | TCP |
| 2025-01-02T10:34:32.900275+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:33.555179+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:33.555179+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:33.555591+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49809 | TCP |
| 2025-01-02T10:34:34.809395+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:35.465882+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:35.465882+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:35.466219+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49822 | TCP |
| 2025-01-02T10:34:36.675522+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:37.338965+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:37.338965+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:37.345373+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49836 | TCP |
| 2025-01-02T10:34:38.585436+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:39.287641+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:39.287641+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:39.289599+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49849 | TCP |
| 2025-01-02T10:34:40.544573+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:41.211719+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:41.211719+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:41.212082+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49863 | TCP |
| 2025-01-02T10:34:42.434575+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:43.153663+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:43.153663+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:43.153994+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49878 | TCP |
| 2025-01-02T10:34:44.430146+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:45.134788+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:45.134788+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:45.135478+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49890 | TCP |
| 2025-01-02T10:34:46.361190+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:47.129666+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:47.129666+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:47.135266+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49906 | TCP |
| 2025-01-02T10:34:48.315748+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.979834+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.979834+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:48.988027+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49918 | TCP |
| 2025-01-02T10:34:50.274161+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.944422+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.944422+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:50.944662+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49933 | TCP |
| 2025-01-02T10:34:52.701561+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:53.351892+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:53.351892+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:53.352483+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49945 | TCP |
| 2025-01-02T10:34:54.643270+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:55.316109+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:55.316109+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:55.317666+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49962 | TCP |
| 2025-01-02T10:34:56.589408+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:57.256975+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:57.256975+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:57.258298+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49978 | TCP |
| 2025-01-02T10:34:58.519753+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:59.189687+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:59.189687+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:34:59.190054+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 49989 | TCP |
| 2025-01-02T10:35:00.428509+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:01.105692+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:01.105692+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:01.106608+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50003 | TCP |
| 2025-01-02T10:35:02.397660+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:03.061089+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:03.061089+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:03.065114+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50004 | TCP |
| 2025-01-02T10:35:04.283634+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.954043+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.954043+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:04.954891+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50005 | TCP |
| 2025-01-02T10:35:06.243736+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.909697+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.909697+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:06.910071+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50006 | TCP |
| 2025-01-02T10:35:08.085295+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.737331+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.737331+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:08.737598+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50007 | TCP |
| 2025-01-02T10:35:09.896562+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:10.420539+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:10.420539+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:10.428495+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50008 | TCP |
| 2025-01-02T10:35:11.765317+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:12.243598+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:12.243598+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:12.244025+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50009 | TCP |
| 2025-01-02T10:35:13.334887+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.863025+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.863025+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:13.868644+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50010 | TCP |
| 2025-01-02T10:35:15.081504+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.776542+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.776542+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:15.776816+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50011 | TCP |
| 2025-01-02T10:35:17.044023+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.712476+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.712476+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:17.712836+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50012 | TCP |
| 2025-01-02T10:35:19.139603+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:19.806754+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:19.806754+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:20.575136+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50013 | TCP |
| 2025-01-02T10:35:21.913780+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:22.587459+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:22.587459+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:22.601054+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50014 | TCP |
| 2025-01-02T10:35:23.901675+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:24.575099+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:24.575099+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:24.575376+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50015 | TCP |
| 2025-01-02T10:35:25.816225+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:26.483418+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:26.483418+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:26.490360+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50016 | TCP |
| 2025-01-02T10:35:27.731440+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:28.391452+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:28.391452+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:28.391743+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50017 | TCP |
| 2025-01-02T10:35:29.605768+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:30.273853+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:30.273853+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:30.280709+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50018 | TCP |
| 2025-01-02T10:35:31.486285+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:33.002512+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:33.002512+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:33.002755+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50019 | TCP |
| 2025-01-02T10:35:34.183638+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.851482+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.851482+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:34.851723+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50020 | TCP |
| 2025-01-02T10:35:36.097843+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.795278+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.795278+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:36.800172+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50021 | TCP |
| 2025-01-02T10:35:38.162854+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.814912+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.814912+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:38.815252+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50022 | TCP |
| 2025-01-02T10:35:39.937789+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:40.639081+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:40.639081+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:40.639319+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50023 | TCP |
| 2025-01-02T10:35:41.839749+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:42.555830+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:42.555830+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:42.556071+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50024 | TCP |
| 2025-01-02T10:35:43.792569+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:44.443340+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:44.443340+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:44.443519+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50025 | TCP |
| 2025-01-02T10:35:45.480638+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:46.148932+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:46.148932+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:46.149196+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50026 | TCP |
| 2025-01-02T10:35:47.399653+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:48.093172+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:48.093172+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:48.093491+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50027 | TCP |
| 2025-01-02T10:35:49.391791+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:50.042937+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:50.042937+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:50.047585+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50028 | TCP |
| 2025-01-02T10:35:51.318409+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.989380+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.989380+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:51.990056+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50029 | TCP |
| 2025-01-02T10:35:53.183655+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.848224+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.848224+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:53.851213+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50030 | TCP |
| 2025-01-02T10:35:55.109773+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.773488+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.773488+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:55.773742+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50031 | TCP |
| 2025-01-02T10:35:57.023569+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.685330+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.685330+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:57.685613+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50032 | TCP |
| 2025-01-02T10:35:58.954272+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:59.670152+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:59.670152+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:35:59.670445+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50033 | TCP |
| 2025-01-02T10:36:00.904156+0100 | 2028765 | ET JA3 Hash - [Abuse.ch] Possible Dridex | 3 | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:01.621895+0100 | 2033658 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile M2 | 1 | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:01.621895+0100 | 2033928 | ET MALWARE Cobalt Strike Beacon Activity (GET) | 1 | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | TCP |
| 2025-01-02T10:36:01.622123+0100 | 2033009 | ET MALWARE Cobalt Strike Malleable C2 JQuery Custom Profile Response | 1 | 45.116.78.127 | 443 | 192.168.2.5 | 50034 | TCP |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Jan 2, 2025 10:33:59.235516071 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:33:59.235572100 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:33:59.235662937 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:33:59.243611097 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:33:59.243626118 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:00.428268909 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:00.428364992 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:00.492456913 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:00.492491961 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:00.492841005 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:00.492891073 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:00.494878054 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:00.539341927 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:01.092730045 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:01.092802048 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:01.092804909 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:01.092834949 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:01.092852116 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:01.092856884 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:01.092884064 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:01.092912912 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:01.107945919 CET | 49704 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:01.107979059 CET | 443 | 49704 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:08.602133036 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:08.602168083 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:08.602237940 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:08.602601051 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:08.602618933 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:09.748230934 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:09.748404026 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:09.748944044 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:09.748960972 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:09.754791975 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:09.754797935 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.434056044 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.434135914 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.435863972 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.435926914 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.435926914 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.435977936 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.440460920 CET | 49705 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.440479040 CET | 443 | 49705 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.445729017 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.445770979 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:10.445861101 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.446043015 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:10.446060896 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:11.637327909 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:11.637388945 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:11.638020039 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:11.638027906 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:11.639501095 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:11.639506102 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.343981028 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.344052076 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.344065905 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.344095945 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.344110966 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.344110966 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.344150066 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.357047081 CET | 49706 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.357078075 CET | 443 | 49706 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.383100986 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.383147955 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:12.383229971 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.383402109 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:12.383419037 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:13.557740927 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:13.557833910 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:13.592109919 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:13.592125893 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:13.600467920 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:13.600480080 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.238678932 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.238756895 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.238893986 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.238956928 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.238962889 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.239007950 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.253465891 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.253484011 CET | 443 | 49707 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.253495932 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.253530025 CET | 49707 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.352077961 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.352118015 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:14.352190971 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.352497101 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:14.352511883 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:15.540216923 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:15.540283918 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:15.540549040 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:15.540555954 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:15.541678905 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:15.541683912 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.239494085 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.239615917 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.239675045 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.239753962 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.240106106 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.396157026 CET | 49708 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.396183968 CET | 443 | 49708 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.477674961 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.477700949 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:16.477777958 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.478321075 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:16.478342056 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:17.647439957 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:17.647622108 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:17.648190022 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:17.648196936 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:17.655725002 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:17.655731916 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.316339970 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.316564083 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.324686050 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.324754953 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.324789047 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.324826956 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.334533930 CET | 49714 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.334549904 CET | 443 | 49714 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.383085012 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.383106947 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:18.383212090 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.383367062 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:18.383382082 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:19.572352886 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:19.572535038 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:19.573148012 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:19.573156118 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:19.578100920 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:19.578110933 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.255155087 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.255242109 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.255935907 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.256002903 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.256006002 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.256045103 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.262851954 CET | 49717 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.262871027 CET | 443 | 49717 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.351814032 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.351841927 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:20.351905107 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.352080107 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:20.352092981 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:21.519356012 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:21.519447088 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:21.519690037 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:21.519697905 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:21.520721912 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:21.520726919 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.192797899 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.192945957 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.192977905 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.192995071 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.193006992 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.193011999 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.193054914 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.201895952 CET | 49728 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.201913118 CET | 443 | 49728 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.226855040 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.226910114 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:22.226999998 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.227247953 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:22.227262974 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:23.397598982 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:23.397686958 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:23.398097038 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:23.398104906 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:23.399141073 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:23.399144888 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.107189894 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.107273102 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.112246037 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.112308979 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.112337112 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.112375975 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.128669977 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.128709078 CET | 443 | 49739 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.128735065 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.129369974 CET | 49739 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.180455923 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.180494070 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:24.180586100 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.180850029 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:24.180864096 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:25.327652931 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:25.327733040 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:25.328624964 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:25.328629017 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:25.329715967 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:25.329720974 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.034015894 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.034071922 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.034137011 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.034171104 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.034171104 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.034198046 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.042695999 CET | 49755 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.042712927 CET | 443 | 49755 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.070580959 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.070599079 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:26.070709944 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.070878983 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:26.070893049 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.236138105 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.236320019 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.236651897 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.236661911 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.237838984 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.237844944 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.937638998 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.937706947 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.938179970 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.938235998 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.938242912 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.938286066 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.963598967 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.963612080 CET | 443 | 49766 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:27.963622093 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:27.966083050 CET | 49766 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:28.008500099 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:28.008541107 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:28.008624077 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:28.008856058 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:28.008868933 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.151658058 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.151741028 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.152142048 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.152149916 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.153028011 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.153032064 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.816606045 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.816677094 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.816682100 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.816705942 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.816730022 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.816735029 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.816787004 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.847011089 CET | 49782 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.847028971 CET | 443 | 49782 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.899468899 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.899506092 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:29.899842024 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.900130033 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:29.900147915 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.044423103 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.044480085 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.044812918 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.044821024 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.045842886 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.045846939 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.707014084 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.707122087 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.707201004 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.707295895 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.707299948 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.707350016 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.714977026 CET | 49794 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.714992046 CET | 443 | 49794 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.742834091 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.742866039 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:31.743125916 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.743235111 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:31.743246078 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:32.900201082 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:32.900274992 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:32.900551081 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:32.900557995 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:32.901709080 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:32.901716948 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.555188894 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.555239916 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.555433035 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.555480003 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.555494070 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.555531025 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.572169065 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.572185993 CET | 443 | 49809 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.572196007 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.572237968 CET | 49809 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.634407043 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.634423018 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:33.634509087 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.634681940 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:33.634694099 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:34.809314966 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:34.809395075 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:34.809860945 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:34.809866905 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:34.810921907 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:34.810926914 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.465926886 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.465986013 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.465991974 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.466023922 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.466048956 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.466078997 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.466085911 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.466114044 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.466156006 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.483967066 CET | 49822 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.483978987 CET | 443 | 49822 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.523819923 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.523844957 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:35.523920059 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.524128914 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:35.524139881 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:36.675420046 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:36.675522089 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:36.675966024 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:36.675970078 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:36.677058935 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:36.677062035 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.339001894 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.339062929 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.345149994 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.345225096 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.345230103 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.345246077 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.345274925 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.345309019 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.364327908 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.364346027 CET | 443 | 49836 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.364356041 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.364391088 CET | 49836 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.414628029 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.414661884 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:37.414737940 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.415050983 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:37.415066957 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:38.585347891 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:38.585436106 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:38.586103916 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:38.586111069 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:38.587479115 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:38.587486029 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.287674904 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.287775993 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.289401054 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.289474964 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.289483070 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.289496899 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.289530993 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.289568901 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.308373928 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.308384895 CET | 443 | 49849 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.308396101 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.308456898 CET | 49849 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.337084055 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.337124109 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:39.337223053 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.337450981 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:39.337461948 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:40.544455051 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:40.544573069 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:40.545118093 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:40.545125008 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:40.546551943 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:40.546557903 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211751938 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211823940 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211843014 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.211858988 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211903095 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.211932898 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.211939096 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211951971 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.211977005 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.211993933 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.221496105 CET | 49863 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.221513987 CET | 443 | 49863 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.274257898 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.274280071 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:41.274373055 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.274666071 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:41.274677992 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:42.434461117 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:42.434575081 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:42.435235977 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:42.435245991 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:42.436791897 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:42.436795950 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.153678894 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.153767109 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.153798103 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.153853893 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.153861046 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.153882027 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.153903961 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.153917074 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.165847063 CET | 49878 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.165863037 CET | 443 | 49878 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.258560896 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.258618116 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:43.258814096 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.259047031 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:43.259068012 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:44.428662062 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:44.430145979 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:44.430589914 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:44.430598021 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:44.431816101 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:44.431823015 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.134886980 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.134983063 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.135040045 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.135113955 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.135144949 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.135217905 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.135273933 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.148232937 CET | 49890 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.148264885 CET | 443 | 49890 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.227339029 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.227368116 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:45.227459908 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.227601051 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:45.227611065 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:46.359559059 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:46.361190081 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:46.364629984 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:46.364641905 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:46.365968943 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:46.365978003 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.129662037 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.132251978 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.135082960 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.135137081 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.135169029 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.135216951 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.146274090 CET | 49906 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.146287918 CET | 443 | 49906 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.164541960 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.164567947 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:47.164751053 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.164840937 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:47.164849043 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.315548897 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.315747976 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.368076086 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.368086100 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.369400978 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.369405031 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.979845047 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.979913950 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.980521917 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.980592966 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.987899065 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.987941027 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:48.987946987 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.987987995 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.989259958 CET | 49918 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:48.989268064 CET | 443 | 49918 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:49.055115938 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:49.055140018 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:49.055202007 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:49.055393934 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:49.055408001 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.273699045 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.274161100 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:50.274413109 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:50.274416924 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.275507927 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:50.275512934 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.944452047 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.944503069 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.944571972 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:50.944577932 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:50.944602013 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:50.944637060 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:51.290549994 CET | 49933 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:51.290579081 CET | 443 | 49933 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:51.368114948 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:51.368143082 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:51.368208885 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:51.368438005 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:51.368453026 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:52.701462984 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:52.701560974 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:52.701977968 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:52.701983929 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:52.703186035 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:52.703191996 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.351890087 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.351989985 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.352322102 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.352372885 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.352394104 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.352447033 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.372684002 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.372703075 CET | 443 | 49945 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.372714043 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.372754097 CET | 49945 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.477107048 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.477138042 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:53.477231026 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.477488041 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:53.477499962 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:54.643196106 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:54.643270016 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:54.643762112 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:54.643764973 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:54.645113945 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:54.645117998 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.316121101 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.316186905 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.317507029 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.317569971 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.317575932 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.317617893 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.346030951 CET | 49962 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.346050024 CET | 443 | 49962 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.432651997 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.432684898 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:55.432770014 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.433067083 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:55.433090925 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:56.589337111 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:56.589407921 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:56.589714050 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:56.589719057 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:56.590797901 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:56.590802908 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.256982088 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.257575035 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.258126020 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.258192062 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.258193970 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.258239031 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.287605047 CET | 49978 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.287616968 CET | 443 | 49978 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.367908955 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.367933035 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:57.368010044 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.368211031 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:57.368223906 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:58.519695997 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:58.519752979 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:58.570728064 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:58.570741892 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:58.571805954 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:58.571810961 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.189704895 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.189762115 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.189871073 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.189929962 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.189938068 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.189951897 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.189991951 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.215218067 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.215233088 CET | 443 | 49989 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.215243101 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.215289116 CET | 49989 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.243206978 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.243282080 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:34:59.243351936 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.243696928 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:34:59.243712902 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:00.428299904 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:00.428508997 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:00.429086924 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:00.429102898 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:00.430507898 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:00.430521965 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.105782032 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.105880976 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.106066942 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.106138945 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.106157064 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.106208086 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.106303930 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.106357098 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.202944040 CET | 50003 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.202986002 CET | 443 | 50003 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.243645906 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.243674994 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:01.243746042 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.244088888 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:01.244107962 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:02.397581100 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:02.397660017 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:02.398154974 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:02.398160934 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:02.399501085 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:02.399507046 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.061094046 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.061172962 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.064954996 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.065011978 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.065022945 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.065061092 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.086247921 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.086266994 CET | 443 | 50004 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.086276054 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.086316109 CET | 50004 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.149178982 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.149209023 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:03.149302006 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.149591923 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:03.149602890 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.283535004 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.283633947 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.284271955 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.284276962 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.285734892 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.285738945 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.954072952 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.954138041 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.954716921 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.954783916 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.954787970 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:04.954838037 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.968674898 CET | 50005 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:04.968692064 CET | 443 | 50005 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:05.055573940 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:05.055588007 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:05.055706978 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:05.055979967 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:05.055995941 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.243671894 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.243736029 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.255783081 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.255789995 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.263139009 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.263144970 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.909732103 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.909810066 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.909842014 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.909917116 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.909929037 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.909945011 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.909980059 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.909995079 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.920273066 CET | 50006 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.920293093 CET | 443 | 50006 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.945641041 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.945681095 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:06.945756912 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.945918083 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:06.945930004 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.085235119 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.085294962 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.085714102 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.085721970 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.086981058 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.086987019 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.737339020 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.737422943 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.737441063 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.737492085 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.737500906 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.737541914 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.759104967 CET | 50007 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.759120941 CET | 443 | 50007 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.867680073 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.867727995 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:08.867815971 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.868014097 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:08.868026972 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:09.896440983 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:09.896562099 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:09.897207975 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:09.897217035 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:09.898998976 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:09.899003029 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.420536041 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.420619011 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.428360939 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.428409100 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.428427935 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.428472042 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.429790020 CET | 50008 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.429797888 CET | 443 | 50008 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.508400917 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.508425951 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:10.508552074 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.508754969 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:10.508769989 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:11.765228987 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:11.765316963 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:11.765903950 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:11.765909910 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:11.767276049 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:11.767281055 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.243602037 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.243676901 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.243886948 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.243936062 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.243949890 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.244002104 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.252968073 CET | 50009 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.252980947 CET | 443 | 50009 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.289807081 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.289828062 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:12.289910078 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.290220022 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:12.290229082 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.334799051 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.334887028 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.335493088 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.335501909 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.336927891 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.336934090 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.863046885 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.863122940 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.868494987 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.868550062 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.868562937 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.868607998 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.872788906 CET | 50010 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.872797966 CET | 443 | 50010 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.914607048 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.914634943 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:13.914710045 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.914901972 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:13.914915085 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.081415892 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.081504107 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.081934929 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.081943989 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.095062971 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.095069885 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.776562929 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.776631117 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.776650906 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.776695013 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.776710987 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.776715040 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.776738882 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.776777029 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.796310902 CET | 50011 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.796336889 CET | 443 | 50011 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.852035999 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.852088928 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:15.852184057 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.852418900 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:15.852433920 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.043948889 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.044023037 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.044682980 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.044689894 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.046475887 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.046480894 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.712472916 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.712603092 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.712691069 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.712743998 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.712755919 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.712807894 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.908943892 CET | 50012 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.908953905 CET | 443 | 50012 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.992986917 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.993062973 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:17.993159056 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.993374109 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:17.993407965 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:19.139528990 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:19.139602900 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:19.140453100 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:19.140470028 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:19.141843081 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:19.141855001 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:19.806759119 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:19.806834936 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.574964046 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:20.575033903 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:20.575042963 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.575098038 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.645505905 CET | 50013 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.645534992 CET | 443 | 50013 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:20.713356018 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.713390112 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:20.713464022 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.713788986 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:20.713805914 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:21.913712025 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:21.913779974 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:21.914200068 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:21.914205074 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:21.915343046 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:21.915348053 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.587479115 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.587549925 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.600922108 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.600977898 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.600995064 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.601035118 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.619873047 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.619879961 CET | 443 | 50014 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.619889021 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.619925976 CET | 50014 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.741040945 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.741122007 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:22.741205931 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.741496086 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:22.741524935 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:23.901540041 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:23.901674986 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:23.902111053 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:23.902137995 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:23.903435946 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:23.903450966 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.575118065 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.575218916 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.575238943 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.575277090 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.575293064 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.575352907 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.580409050 CET | 50015 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.580451012 CET | 443 | 50015 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.664664030 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.664697886 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:24.664879084 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.665061951 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:24.665071011 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:25.816140890 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:25.816225052 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:25.816833019 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:25.816838026 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:25.818185091 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:25.818188906 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.483419895 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.483536959 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.490211010 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.490259886 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.490314007 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.490358114 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.536468983 CET | 50016 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.536482096 CET | 443 | 50016 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.571362019 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.571398020 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:26.571489096 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.571739912 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:26.571754932 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:27.731370926 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:27.731440067 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:27.731969118 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:27.731975079 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:27.733249903 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:27.733254910 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.391464949 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.391597986 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.391623020 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.391634941 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.391648054 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.391654968 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.391706944 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.411958933 CET | 50017 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.411981106 CET | 443 | 50017 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.445949078 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.445974112 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:28.446080923 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.446345091 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:28.446356058 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:29.605679035 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:29.605767965 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:29.606137037 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:29.606141090 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:29.607198000 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:29.607202053 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.273855925 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.273926973 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.280519009 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.280584097 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.280594110 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.280610085 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.280641079 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.280670881 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.284837008 CET | 50018 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.284852028 CET | 443 | 50018 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.337244987 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.337294102 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:30.337357044 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.337783098 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:30.337804079 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:31.485814095 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:31.486284971 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:31.486675024 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:31.486680031 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:31.487735033 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:31.487740040 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.002523899 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.002574921 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.002618074 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.002640009 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.002654076 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.002654076 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.002703905 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.012878895 CET | 50019 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.012897968 CET | 443 | 50019 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.040746927 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.040795088 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:33.040888071 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.041687012 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:33.041703939 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.183557034 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.183638096 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.184139967 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.184145927 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.185559988 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.185570955 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.851486921 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.851589918 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.851633072 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.851685047 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.851685047 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.851708889 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.861790895 CET | 50020 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.861799955 CET | 443 | 50020 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.930428982 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.930454969 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:34.930543900 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.930860043 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:34.930871010 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.097659111 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.097842932 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.098366022 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.098372936 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.099752903 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.099757910 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.795285940 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.798371077 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.800043106 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.800088882 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.800226927 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.865442038 CET | 50021 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.865456104 CET | 443 | 50021 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.930408001 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.930459023 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:36.930543900 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.930794001 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:36.930810928 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.162782907 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.162853956 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.163249969 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.163260937 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.164524078 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.164530039 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.814920902 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.815088034 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.815112114 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.815165043 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.815176010 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.815228939 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.824234962 CET | 50022 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.824249029 CET | 443 | 50022 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.899029016 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.899060965 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:38.899128914 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.899332047 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:38.899346113 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:39.937705994 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:39.937788963 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:39.938288927 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:39.938302994 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:39.939491987 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:39.939496040 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.639097929 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.639153004 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.639164925 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.639190912 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.639204979 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.639220953 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.639236927 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.639265060 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.656706095 CET | 50023 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.656722069 CET | 443 | 50023 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.695739031 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.695780993 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:40.695859909 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.696021080 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:40.696037054 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:41.839670897 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:41.839749098 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:41.840224981 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:41.840236902 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:41.841593027 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:41.841598034 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.555840015 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.555924892 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.555928946 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.555963039 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.555982113 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.555985928 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.556029081 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.575678110 CET | 50024 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.575695038 CET | 443 | 50024 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.633533955 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.633567095 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:42.633668900 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.633898020 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:42.633913040 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:43.792480946 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:43.792568922 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:43.793153048 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:43.793164015 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:43.794435024 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:43.794440985 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.443327904 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.443376064 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.443413019 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.443419933 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.443455935 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.443512917 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.453438997 CET | 50025 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.453460932 CET | 443 | 50025 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.461564064 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.461591959 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:44.461684942 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.461905003 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:44.461916924 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:45.480551004 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:45.480638027 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:45.481059074 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:45.481072903 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:45.482244968 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:45.482264996 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.148955107 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.149019957 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.149029016 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.149054050 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.149069071 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.149090052 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.149113894 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.149139881 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.158411980 CET | 50026 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.158427000 CET | 443 | 50026 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.242551088 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.242593050 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:46.242674112 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.242839098 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:46.242851973 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:47.399558067 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:47.399652958 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:47.400067091 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:47.400074959 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:47.401076078 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:47.401081085 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.093205929 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.093290091 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.093291044 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.093310118 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.093342066 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.093372107 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.093374014 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.093417883 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.124403954 CET | 50027 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.124418974 CET | 443 | 50027 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.227309942 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.227360964 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:48.227436066 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.227785110 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:48.227797985 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:49.391721010 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:49.391791105 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:49.392328978 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:49.392334938 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:49.393657923 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:49.393663883 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.042937040 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.043051004 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.047435045 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.047483921 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.047513962 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.047564030 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.117259026 CET | 50028 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.117286921 CET | 443 | 50028 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.159670115 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.159763098 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:50.159890890 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.160157919 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:50.160188913 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.318062067 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.318408966 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:51.318892956 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:51.318917990 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.320393085 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:51.320405960 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.989379883 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.989523888 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:51.989919901 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.989972115 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:51.990019083 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:51.990053892 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:52.002506018 CET | 50029 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:52.002542019 CET | 443 | 50029 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:52.024219990 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:52.024276972 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:52.024358034 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:52.024660110 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:52.024676085 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.183569908 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.183655024 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.184107065 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.184119940 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.185169935 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.185175896 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.848239899 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.848474979 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.851037979 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.851104975 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.851212025 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.873604059 CET | 50030 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.873616934 CET | 443 | 50030 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.930244923 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.930346012 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:53.930439949 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.930624962 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:53.930660009 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.109692097 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.109772921 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.110213041 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.110236883 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.111417055 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.111430883 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.773520947 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.773578882 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.773642063 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.773642063 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.773653030 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.773698092 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.785859108 CET | 50031 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.785901070 CET | 443 | 50031 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.852111101 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.852159977 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:55.852233887 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.852494955 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:55.852509975 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.023479939 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.023569107 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.024249077 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.024260044 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.025952101 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.025957108 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.685329914 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.685410976 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.685452938 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.685499907 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.685519934 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.685563087 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.704967976 CET | 50032 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.704997063 CET | 443 | 50032 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.790302992 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.790342093 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:57.790462971 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.790823936 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:57.790834904 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:58.954056025 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:58.954272032 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:58.954813957 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:58.954822063 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:58.956211090 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:58.956217051 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.670152903 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.670226097 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.670311928 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.670361042 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.670387983 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.670434952 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.675111055 CET | 50033 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.675127029 CET | 443 | 50033 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.729410887 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.729463100 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:35:59.729553938 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.729788065 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:35:59.729803085 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:00.903534889 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:00.904155970 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:36:00.904819965 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:36:00.904831886 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:00.906459093 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:36:00.906465054 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:01.621907949 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:01.621962070 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:36:01.621987104 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:01.622041941 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
| Jan 2, 2025 10:36:01.622041941 CET | 443 | 50034 | 45.116.78.127 | 192.168.2.5 |
| Jan 2, 2025 10:36:01.622081041 CET | 50034 | 443 | 192.168.2.5 | 45.116.78.127 |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.5 | 49704 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:00 UTC | 511 | OUT | |
| 2025-01-02 09:34:01 UTC | 267 | IN | |
| 2025-01-02 09:34:01 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 1 | 192.168.2.5 | 49705 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:09 UTC | 511 | OUT | |
| 2025-01-02 09:34:10 UTC | 267 | IN | |
| 2025-01-02 09:34:10 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 2 | 192.168.2.5 | 49706 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:11 UTC | 511 | OUT | |
| 2025-01-02 09:34:12 UTC | 267 | IN | |
| 2025-01-02 09:34:12 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 3 | 192.168.2.5 | 49707 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:13 UTC | 511 | OUT | |
| 2025-01-02 09:34:14 UTC | 267 | IN | |
| 2025-01-02 09:34:14 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 4 | 192.168.2.5 | 49708 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:15 UTC | 511 | OUT | |
| 2025-01-02 09:34:16 UTC | 267 | IN | |
| 2025-01-02 09:34:16 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 5 | 192.168.2.5 | 49714 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:17 UTC | 511 | OUT | |
| 2025-01-02 09:34:18 UTC | 267 | IN | |
| 2025-01-02 09:34:18 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 6 | 192.168.2.5 | 49717 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:19 UTC | 511 | OUT | |
| 2025-01-02 09:34:20 UTC | 267 | IN | |
| 2025-01-02 09:34:20 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 7 | 192.168.2.5 | 49728 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:21 UTC | 511 | OUT | |
| 2025-01-02 09:34:22 UTC | 267 | IN | |
| 2025-01-02 09:34:22 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 8 | 192.168.2.5 | 49739 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:23 UTC | 511 | OUT | |
| 2025-01-02 09:34:24 UTC | 267 | IN | |
| 2025-01-02 09:34:24 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 9 | 192.168.2.5 | 49755 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:25 UTC | 511 | OUT | |
| 2025-01-02 09:34:26 UTC | 267 | IN | |
| 2025-01-02 09:34:26 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 10 | 192.168.2.5 | 49766 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:27 UTC | 511 | OUT | |
| 2025-01-02 09:34:27 UTC | 267 | IN | |
| 2025-01-02 09:34:27 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 11 | 192.168.2.5 | 49782 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:29 UTC | 511 | OUT | |
| 2025-01-02 09:34:29 UTC | 267 | IN | |
| 2025-01-02 09:34:29 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 12 | 192.168.2.5 | 49794 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:31 UTC | 511 | OUT | |
| 2025-01-02 09:34:31 UTC | 267 | IN | |
| 2025-01-02 09:34:31 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 13 | 192.168.2.5 | 49809 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:32 UTC | 511 | OUT | |
| 2025-01-02 09:34:33 UTC | 267 | IN | |
| 2025-01-02 09:34:33 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 14 | 192.168.2.5 | 49822 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:34 UTC | 511 | OUT | |
| 2025-01-02 09:34:35 UTC | 267 | IN | |
| 2025-01-02 09:34:35 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 15 | 192.168.2.5 | 49836 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:36 UTC | 511 | OUT | |
| 2025-01-02 09:34:37 UTC | 267 | IN | |
| 2025-01-02 09:34:37 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 16 | 192.168.2.5 | 49849 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:38 UTC | 511 | OUT | |
| 2025-01-02 09:34:39 UTC | 267 | IN | |
| 2025-01-02 09:34:39 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 17 | 192.168.2.5 | 49863 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:40 UTC | 511 | OUT | |
| 2025-01-02 09:34:41 UTC | 267 | IN | |
| 2025-01-02 09:34:41 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 18 | 192.168.2.5 | 49878 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:42 UTC | 511 | OUT | |
| 2025-01-02 09:34:43 UTC | 267 | IN | |
| 2025-01-02 09:34:43 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 19 | 192.168.2.5 | 49890 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:44 UTC | 511 | OUT | |
| 2025-01-02 09:34:45 UTC | 267 | IN | |
| 2025-01-02 09:34:45 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 20 | 192.168.2.5 | 49906 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:46 UTC | 511 | OUT | |
| 2025-01-02 09:34:47 UTC | 267 | IN | |
| 2025-01-02 09:34:47 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 21 | 192.168.2.5 | 49918 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:48 UTC | 511 | OUT | |
| 2025-01-02 09:34:48 UTC | 267 | IN | |
| 2025-01-02 09:34:48 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 22 | 192.168.2.5 | 49933 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:50 UTC | 511 | OUT | |
| 2025-01-02 09:34:50 UTC | 267 | IN | |
| 2025-01-02 09:34:50 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 23 | 192.168.2.5 | 49945 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:52 UTC | 511 | OUT | |
| 2025-01-02 09:34:53 UTC | 267 | IN | |
| 2025-01-02 09:34:53 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 24 | 192.168.2.5 | 49962 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:54 UTC | 511 | OUT | |
| 2025-01-02 09:34:55 UTC | 267 | IN | |
| 2025-01-02 09:34:55 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 25 | 192.168.2.5 | 49978 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:56 UTC | 511 | OUT | |
| 2025-01-02 09:34:57 UTC | 267 | IN | |
| 2025-01-02 09:34:57 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 26 | 192.168.2.5 | 49989 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:34:58 UTC | 511 | OUT | |
| 2025-01-02 09:34:59 UTC | 267 | IN | |
| 2025-01-02 09:34:59 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 27 | 192.168.2.5 | 50003 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:00 UTC | 511 | OUT | |
| 2025-01-02 09:35:01 UTC | 267 | IN | |
| 2025-01-02 09:35:01 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 28 | 192.168.2.5 | 50004 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:02 UTC | 511 | OUT | |
| 2025-01-02 09:35:03 UTC | 267 | IN | |
| 2025-01-02 09:35:03 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 29 | 192.168.2.5 | 50005 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:04 UTC | 511 | OUT | |
| 2025-01-02 09:35:04 UTC | 267 | IN | |
| 2025-01-02 09:35:04 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 30 | 192.168.2.5 | 50006 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:06 UTC | 511 | OUT | |
| 2025-01-02 09:35:06 UTC | 267 | IN | |
| 2025-01-02 09:35:06 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 31 | 192.168.2.5 | 50007 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:08 UTC | 511 | OUT | |
| 2025-01-02 09:35:08 UTC | 267 | IN | |
| 2025-01-02 09:35:08 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 32 | 192.168.2.5 | 50008 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:09 UTC | 511 | OUT | |
| 2025-01-02 09:35:10 UTC | 267 | IN | |
| 2025-01-02 09:35:10 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 33 | 192.168.2.5 | 50009 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:11 UTC | 511 | OUT | |
| 2025-01-02 09:35:12 UTC | 267 | IN | |
| 2025-01-02 09:35:12 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 34 | 192.168.2.5 | 50010 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:13 UTC | 511 | OUT | |
| 2025-01-02 09:35:13 UTC | 267 | IN | |
| 2025-01-02 09:35:13 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 35 | 192.168.2.5 | 50011 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:15 UTC | 511 | OUT | |
| 2025-01-02 09:35:15 UTC | 267 | IN | |
| 2025-01-02 09:35:15 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 36 | 192.168.2.5 | 50012 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:17 UTC | 511 | OUT | |
| 2025-01-02 09:35:17 UTC | 267 | IN | |
| 2025-01-02 09:35:17 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 37 | 192.168.2.5 | 50013 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:19 UTC | 511 | OUT | |
| 2025-01-02 09:35:19 UTC | 267 | IN | |
| 2025-01-02 09:35:20 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 38 | 192.168.2.5 | 50014 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:21 UTC | 511 | OUT | |
| 2025-01-02 09:35:22 UTC | 267 | IN | |
| 2025-01-02 09:35:22 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 39 | 192.168.2.5 | 50015 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:23 UTC | 511 | OUT | |
| 2025-01-02 09:35:24 UTC | 267 | IN | |
| 2025-01-02 09:35:24 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 40 | 192.168.2.5 | 50016 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:25 UTC | 511 | OUT | |
| 2025-01-02 09:35:26 UTC | 267 | IN | |
| 2025-01-02 09:35:26 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 41 | 192.168.2.5 | 50017 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:27 UTC | 511 | OUT | |
| 2025-01-02 09:35:28 UTC | 267 | IN | |
| 2025-01-02 09:35:28 UTC | 5713 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 42 | 192.168.2.5 | 50018 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:29 UTC | 511 | OUT | |
| 2025-01-02 09:35:30 UTC | 267 | IN | |
| 2025-01-02 09:35:30 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 43 | 192.168.2.5 | 50019 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:31 UTC | 511 | OUT | |
| 2025-01-02 09:35:32 UTC | 267 | IN | |
| 2025-01-02 09:35:32 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 44 | 192.168.2.5 | 50020 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:34 UTC | 511 | OUT | |
| 2025-01-02 09:35:34 UTC | 267 | IN | |
| 2025-01-02 09:35:34 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 45 | 192.168.2.5 | 50021 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:36 UTC | 511 | OUT | |
| 2025-01-02 09:35:36 UTC | 267 | IN | |
| 2025-01-02 09:35:36 UTC | 5713 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 46 | 192.168.2.5 | 50022 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:38 UTC | 511 | OUT | |
| 2025-01-02 09:35:38 UTC | 267 | IN | |
| 2025-01-02 09:35:38 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 47 | 192.168.2.5 | 50023 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:39 UTC | 511 | OUT | |
| 2025-01-02 09:35:40 UTC | 267 | IN | |
| 2025-01-02 09:35:40 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 48 | 192.168.2.5 | 50024 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:41 UTC | 511 | OUT | |
| 2025-01-02 09:35:42 UTC | 267 | IN | |
| 2025-01-02 09:35:42 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 49 | 192.168.2.5 | 50025 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:43 UTC | 511 | OUT | |
| 2025-01-02 09:35:44 UTC | 267 | IN | |
| 2025-01-02 09:35:44 UTC | 5671 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 50 | 192.168.2.5 | 50026 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:45 UTC | 511 | OUT | |
| 2025-01-02 09:35:46 UTC | 267 | IN | |
| 2025-01-02 09:35:46 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 51 | 192.168.2.5 | 50027 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:47 UTC | 511 | OUT | |
| 2025-01-02 09:35:48 UTC | 267 | IN | |
| 2025-01-02 09:35:48 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 52 | 192.168.2.5 | 50028 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:49 UTC | 511 | OUT | |
| 2025-01-02 09:35:50 UTC | 267 | IN | |
| 2025-01-02 09:35:50 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 53 | 192.168.2.5 | 50029 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:51 UTC | 511 | OUT | |
| 2025-01-02 09:35:51 UTC | 267 | IN | |
| 2025-01-02 09:35:51 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 54 | 192.168.2.5 | 50030 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:53 UTC | 511 | OUT | |
| 2025-01-02 09:35:53 UTC | 267 | IN | |
| 2025-01-02 09:35:53 UTC | 5628 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 55 | 192.168.2.5 | 50031 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:55 UTC | 511 | OUT | |
| 2025-01-02 09:35:55 UTC | 267 | IN | |
| 2025-01-02 09:35:55 UTC | 5649 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 56 | 192.168.2.5 | 50032 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:57 UTC | 511 | OUT | |
| 2025-01-02 09:35:57 UTC | 267 | IN | |
| 2025-01-02 09:35:57 UTC | 5692 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 57 | 192.168.2.5 | 50033 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:35:58 UTC | 511 | OUT | |
| 2025-01-02 09:35:59 UTC | 267 | IN | |
| 2025-01-02 09:35:59 UTC | 5607 | IN |
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 58 | 192.168.2.5 | 50034 | 45.116.78.127 | 443 | 5540 | C:\Users\user\Desktop\1.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2025-01-02 09:36:00 UTC | 511 | OUT | |
| 2025-01-02 09:36:01 UTC | 267 | IN | |
| 2025-01-02 09:36:01 UTC | 5649 | IN |
| Target ID: | 0 |
| Start time: | 04:33:55 |
| Start date: | 02/01/2025 |
| Path: | C:\Users\user\Desktop\1.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff7ad040000 |
| File size: | 526'848 bytes |
| MD5 hash: | 9AFAD044F9FF1201826FB08E602D3E1D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Yara matches: |
|
| Reputation: | low |
| Has exited: | false |
Execution Graph
| Execution Coverage: | 2.5% |
| Dynamic/Decrypted Code Coverage: | 79.1% |
| Signature Coverage: | 9.7% |
| Total number of Nodes: | 632 |
| Total number of Limit Nodes: | 30 |
Graph
Function 00007FF7AD0414D8 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 77memorylibrarynativeCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041180 Relevance: 10.6, APIs: 7, Instructions: 138sleepstringCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0C2FA8 Relevance: 4.7, APIs: 3, Instructions: 190stringCOMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0BFC3E Relevance: .2, Instructions: 211COMMON
Download Yara Rule
Control-flow Graph
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD0417A0 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 53filesleepCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0BCCD4 Relevance: 7.7, APIs: 5, Instructions: 239networkCOMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0BD570 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 103networkCOMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD0416BC Relevance: 6.1, APIs: 4, Instructions: 57memorythreadCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD0418F9 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 34COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0BD054 Relevance: 3.2, APIs: 2, Instructions: 157networkCOMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD0480D0 Relevance: 3.0, APIs: 2, Instructions: 13synchronizationCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0C5FA4 Relevance: 1.3, APIs: 1, Instructions: 61COMMONLIBRARYCODE
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CD384 Relevance: 32.5, APIs: 16, Strings: 2, Instructions: 1030COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CC888 Relevance: 30.8, APIs: 16, Strings: 1, Instructions: 1022COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0C4820 Relevance: 13.3, APIs: 10, Instructions: 790COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD045370 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 1385COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0CA708 Relevance: 1.8, APIs: 1, Instructions: 304COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D80B0 Relevance: .8, Instructions: 783COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D7740 Relevance: .8, Instructions: 761COMMON
Download Yara Rule
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD099320 Relevance: .0, Instructions: 18COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD047FFA Relevance: .0, Instructions: 6COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0D117C Relevance: 16.6, APIs: 11, Instructions: 108COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D1F68 Relevance: 15.1, APIs: 10, Instructions: 93COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D1DF0 Relevance: 15.1, APIs: 10, Instructions: 89COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D0794 Relevance: 13.6, APIs: 9, Instructions: 89COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CFFB8 Relevance: 13.6, APIs: 9, Instructions: 71COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CA4CC Relevance: 12.6, APIs: 10, Instructions: 116COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD041D20 Relevance: 12.4, APIs: 3, Strings: 4, Instructions: 138COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0B360C Relevance: 11.6, APIs: 9, Instructions: 305COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CA370 Relevance: 10.6, APIs: 7, Instructions: 107COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D4AA8 Relevance: 10.6, APIs: 7, Instructions: 78COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CB070 Relevance: 9.3, APIs: 6, Instructions: 257COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0B3170 Relevance: 8.9, APIs: 7, Instructions: 181COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0BBA74 Relevance: 7.8, APIs: 6, Instructions: 337COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0B44F0 Relevance: 7.7, APIs: 6, Instructions: 175COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0CC654 Relevance: 7.6, APIs: 5, Instructions: 149COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D4958 Relevance: 7.5, APIs: 5, Instructions: 41COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD041F00 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 231memoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0C9698 Relevance: 6.3, APIs: 5, Instructions: 76COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0CAB8C Relevance: 6.2, APIs: 4, Instructions: 194COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0B00D0 Relevance: 6.1, APIs: 4, Instructions: 90COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0D9A98 Relevance: 6.1, APIs: 4, Instructions: 84stringCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0C83D0 Relevance: 5.4, APIs: 4, Instructions: 378COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0C9DC0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 69COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 00007FF7AD041C10 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 38COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041CB0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041CD0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041CC0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041CF0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041CE0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 25COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7AD041C48 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 24COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 000002B66A0C7898 Relevance: 5.2, APIs: 4, Instructions: 226COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0BD208 Relevance: 5.2, APIs: 4, Instructions: 200COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|
Function 000002B66A0B3300 Relevance: 5.2, APIs: 4, Instructions: 179COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
| Joe Sandbox IDA Plugin |
|
| Yara matches |
| Similarity |
|