Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
ub8ehJSePAfc9FYqZIT6.mpsl.elf

Overview

General Information

Sample name:ub8ehJSePAfc9FYqZIT6.mpsl.elf
Analysis ID:1583851
MD5:3b8497fe3fa99368bf45cd732f3571e0
SHA1:5be119c3d8c5eba13b4b2991895194cda0cbdf04
SHA256:b6e72937a27d08132efb5a7dbcf36ee1170437696ade39fc0217ef6a43347c27
Tags:elfuser-abuse_ch
Infos:

Detection

Score:60
Range:0 - 100
Whitelisted:false

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1583851
Start date and time:2025-01-03 18:36:11 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 58s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:ub8ehJSePAfc9FYqZIT6.mpsl.elf
Detection:MAL
Classification:mal60.evad.linELF@0/0@0/0

Warnings

  • VT rate limit hit for: ub8ehJSePAfc9FYqZIT6.mpsl.elf

Runtime Messages

Command:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
PID:5841
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • cleanup

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
5843.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x2739c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27400:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27414:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27428:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2743c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27450:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27464:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27478:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2748c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27504:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27518:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2752c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5852.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x2739c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27400:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27414:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27428:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2743c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27450:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27464:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27478:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2748c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27504:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27518:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2752c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5841.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x2739c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27400:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27414:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27428:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2743c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27450:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27464:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27478:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2748c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27504:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27518:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2752c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5845.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x2739c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273b0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273c4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273d8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273ec:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27400:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27414:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27428:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2743c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27450:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27464:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27478:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2748c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x274f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27504:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x27518:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2752c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5841Linux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x35cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x35e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x35f4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3608:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x361c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3630:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3644:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3658:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x366c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3680:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3694:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x36a8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x36bc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x36d0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x36e4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x36f8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x370c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3720:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3734:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3748:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x375c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Click to see the 3 entries

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Antivirus / Scanner detection for submitted sample
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elfAvira: detected
Source: global trafficTCP traffic: 192.168.2.15:40814 -> 141.11.33.73:3778
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: unknownTCP traffic detected without corresponding DNS query: 141.11.33.73
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elfString found in binary or memory: http://upx.sf.net

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: 5843.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5852.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5841.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5845.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5841, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5843, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5845, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5852, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: LOAD without section mappingsProgram segment: 0x100000
Source: 5843.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5852.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5841.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5845.1.00007fdeb0400000.00007fdeb042a000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5841, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5843, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5845, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.mpsl.elf PID: 5852, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: classification engineClassification label: mal60.evad.linELF@0/0@0/0

Data Obfuscation

barindex
Sample is packed with UPX
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/110/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/231/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/111/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/112/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/233/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/113/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/114/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/235/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/115/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1333/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/116/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1695/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/117/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/118/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/119/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/911/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/914/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/10/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/917/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/11/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/12/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/13/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/14/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/15/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/16/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/17/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/18/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/19/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1591/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/120/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/121/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/122/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/243/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/2/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/123/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/3/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/124/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1588/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/125/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/4/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/246/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/126/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/5/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/127/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/6/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1585/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/128/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/7/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/129/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/8/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/800/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/9/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/802/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/803/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/804/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/5824/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/20/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/5825/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/21/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/3407/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/22/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/23/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/24/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/25/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/26/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/27/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/28/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/29/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1484/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/490/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/250/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/130/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/251/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/131/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/132/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/133/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1479/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/378/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/258/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/259/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/931/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1595/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/812/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/933/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/30/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/3419/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/35/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/3310/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/260/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/261/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/262/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/142/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/263/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/264/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/265/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/145/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/266/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/267/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/268/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/3303/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/269/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1486/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/5841/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)File opened: /proc/1806/statusJump to behavior
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elfSubmission file: segment LOAD with 7.9446 entropy (max. 8.0)
Source: /tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf (PID: 5841)Queries kernel information via 'uname': Jump to behavior
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5841.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5843.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5845.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5852.1.0000560e063f4000.0000560e0649c000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/mipsel
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5841.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5843.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5845.1.0000560e063f4000.0000560e0649c000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5852.1.0000560e063f4000.0000560e0649c000.rw-.sdmpBinary or memory string: V!/etc/qemu-binfmt/mipsel
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5841.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5843.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5845.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5852.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmpBinary or memory string: /usr/bin/qemu-mipsel
Source: ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5841.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5843.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5845.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.mpsl.elf, 5852.1.00007ffcd76f8000.00007ffcd7719000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-mipsel/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception11
Obfuscated Files or Information		1
OS Credential Dumping		11
Security Software Discovery		Remote ServicesData from Local System1
Non-Standard Port		Exfiltration Over Other Network MediumAbuse Accessibility Features

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1583851 Sample: ub8ehJSePAfc9FYqZIT6.mpsl.elf Startdate: 03/01/2025 Architecture: LINUX Score: 60 20 141.11.33.73, 3778, 40814, 40816 BELWUEBelWue-KoordinationEU United Kingdom 2->20 22 Malicious sample detected (through community Yara rule) 2->22 24 Antivirus / Scanner detection for submitted sample 2->24 26 Sample is packed with UPX 2->26 8 ub8ehJSePAfc9FYqZIT6.mpsl.elf 2->8         started        signatures3 process4 process5 10 ub8ehJSePAfc9FYqZIT6.mpsl.elf 8->10         started        12 ub8ehJSePAfc9FYqZIT6.mpsl.elf 8->12         started        14 ub8ehJSePAfc9FYqZIT6.mpsl.elf 8->14         started        process6 16 ub8ehJSePAfc9FYqZIT6.mpsl.elf 10->16         started        18 ub8ehJSePAfc9FYqZIT6.mpsl.elf 10->18         started       

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
ub8ehJSePAfc9FYqZIT6.mpsl.elf100%AviraEXP/ELF.Agent.M.28

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

URLs from Memory and Binaries

NameSourceMaliciousAntivirus DetectionReputation
http://upx.sf.netub8ehJSePAfc9FYqZIT6.mpsl.elffalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    141.11.33.73
    		unknownUnited Kingdom
    		553BELWUEBelWue-KoordinationEUfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    141.11.33.73ub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
      ub8ehJSePAfc9FYqZIT6.x86_64.elfGet hashmaliciousUnknownBrowse
        ub8ehJSePAfc9FYqZIT6.arm.elfGet hashmaliciousMiraiBrowse
          ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse
            boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
              boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                141.11.33.73-boatnet.arm-2025-01-03T05_39_17.elfGet hashmaliciousMiraiBrowse

                  Domains

                  No context

                  ASNs

                  MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                  BELWUEBelWue-KoordinationEUub8ehJSePAfc9FYqZIT6.m68k.elfGet hashmaliciousMiraiBrowse
                  • 141.11.33.73
                  ub8ehJSePAfc9FYqZIT6.x86_64.elfGet hashmaliciousUnknownBrowse
                  • 141.11.33.73
                  ub8ehJSePAfc9FYqZIT6.arm.elfGet hashmaliciousMiraiBrowse
                  • 141.11.33.73
                  ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse
                  • 141.11.33.73
                  boatnet.mpsl.elfGet hashmaliciousMiraiBrowse
                  • 141.11.33.73
                  boatnet.arm7.elfGet hashmaliciousMiraiBrowse
                  • 141.11.33.73
                  141.11.33.73-boatnet.arm-2025-01-03T05_39_17.elfGet hashmaliciousMiraiBrowse
                  • 141.11.33.73
                  Hilix.mips.elfGet hashmaliciousMiraiBrowse
                  • 134.155.120.154
                  armv5l.elfGet hashmaliciousUnknownBrowse
                  • 141.79.218.248
                  kwari.arm.elfGet hashmaliciousUnknownBrowse
                  • 134.34.202.108

                  JA3 Fingerprints

                  No context

                  Dropped Files

                  No context

                  Created / dropped Files

                  No created / dropped files found

                  Static File Info

                  General

                  File type:ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
                  Entropy (8bit):7.942026226621317
                  TrID:
                  • ELF Executable and Linkable format (generic) (4004/1) 100.00%
                  File name:ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  File size:44'328 bytes
                  MD5:3b8497fe3fa99368bf45cd732f3571e0
                  SHA1:5be119c3d8c5eba13b4b2991895194cda0cbdf04
                  SHA256:b6e72937a27d08132efb5a7dbcf36ee1170437696ade39fc0217ef6a43347c27
                  SHA512:e0aabaa17c41e93b6e4fd57eaaeb2e12debdc21e2a908ac10940608e18a6f50fbb7cdd6cababcd76f8395ef06d2530db9b293cd46762ce60cfdbbb4018a68aed
                  SSDEEP:768:9XDzmAafwB5kfY+r39Frew/RBek/VRW6cLJ7xzrUWlTaQ9g6yuy7QOSkxS5W9:ZDtMwEzaWRTavAW5a8g6qQOJSy
                  TLSH:9F13F2ADEBF57453C70D5D76C09E272C9B04A5A9B799570EA302CCC9B42490FA84BCF4
                  File Content Preview:.ELF........................4...........4. ...(...............................................C...C.....................UPX!d...................V..........?.E.h;....#......b.L#>g7.9f......1....F.....f.u.(L.X.Ak..8......~.Dl0..Wl../... ..il..............p?

                  Static ELF Info

                  ELF header

                  Class:ELF32
                  Data:2's complement, little endian
                  Version:1 (current)
                  Machine:MIPS R3000
                  Version Number:0x1
                  Type:EXEC (Executable file)
                  OS/ABI:UNIX - System V
                  ABI Version:0
                  Entry Point Address:0x1098c0
                  Flags:0x1007
                  ELF Header Size:52
                  Program Header Offset:52
                  Program Header Size:32
                  Number of Program Headers:2
                  Section Header Offset:0
                  Section Header Size:40
                  Number of Section Headers:0
                  Header String Table Index:0

                  Program Segments

                  TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                  LOAD0x00x1000000x1000000xabfd0xabfd7.94460x5R E0x10000
                  LOAD0xaffc0x43affc0x43affc0x00x00.00000x6RW 0x10000

                  Network Behavior

                  Network Port Distribution

                  TCP Packets

                  TimestampSource PortDest PortSource IPDest IP
                  Jan 3, 2025 18:37:19.954603910 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:19.961011887 CET377840814141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:19.961066008 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:19.990181923 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:19.994993925 CET377840814141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:19.995033979 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:19.999782085 CET377840814141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:20.983827114 CET377840814141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:20.984435081 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:20.984435081 CET408143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:20.985080957 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:20.989876986 CET377840816141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:20.989969969 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:20.990977049 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:20.995728016 CET377840816141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:20.995820045 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:21.000642061 CET377840816141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:22.029359102 CET377840816141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:22.029484987 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.029542923 CET408163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.030019999 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.034815073 CET377840818141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:22.034859896 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.035487890 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.040256977 CET377840818141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:22.040363073 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:22.045144081 CET377840818141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:23.080526114 CET377840818141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:23.080725908 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.080903053 CET408183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.081717968 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.086493015 CET377840820141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:23.086545944 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.087491035 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.092242956 CET377840820141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:23.092315912 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:23.097024918 CET377840820141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:24.729581118 CET377840820141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:24.729676008 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.729720116 CET408203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.730197906 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.735017061 CET377840822141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:24.735074997 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.735790968 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.741343975 CET377840822141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:24.741417885 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:24.746251106 CET377840822141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.620167971 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.625163078 CET377840824141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.625216961 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.645134926 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.649939060 CET377840824141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.649982929 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.654778004 CET377840824141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.870583057 CET377840822141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.870646954 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.870811939 CET408223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.871247053 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.876058102 CET377840826141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.876113892 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.876773119 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.881524086 CET377840826141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:25.881565094 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:25.886399984 CET377840826141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.638494968 CET377840824141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.638710022 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.639045000 CET408243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.639703989 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.644571066 CET377840828141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.644640923 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.645261049 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.650027990 CET377840828141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.650072098 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.654860973 CET377840828141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.892833948 CET377840826141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.892903090 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.892945051 CET408263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.893359900 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.898140907 CET377840830141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.898192883 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.898982048 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.903749943 CET377840830141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:26.903790951 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:26.908564091 CET377840830141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.686078072 CET377840828141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.686265945 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.686356068 CET408283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.686916113 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.691766024 CET377840832141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.691833973 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.692370892 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.697175026 CET377840832141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.697228909 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.702042103 CET377840832141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.946609020 CET377840830141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.946753025 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.946753025 CET408303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.947197914 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.951977968 CET377840834141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.952030897 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.952689886 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.957542896 CET377840834141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:27.957583904 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:27.962328911 CET377840834141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:28.943769932 CET377840834141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:28.943994999 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.944056988 CET408343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.944717884 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.949563026 CET377840836141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:28.949629068 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.950275898 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.957819939 CET377840836141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:28.957879066 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:28.963392019 CET377840836141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.339210987 CET377840832141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.339421034 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.339581013 CET408323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.340205908 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.345010042 CET377840838141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.345057011 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.345578909 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.350331068 CET377840838141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.350374937 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.355201960 CET377840838141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.988419056 CET377840836141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.988709927 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.988709927 CET408363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.989531040 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.994415045 CET377840840141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.994472980 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.995151997 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:29.999902964 CET377840840141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:29.999948025 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.004780054 CET377840840141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:30.368257999 CET377840838141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:30.368340015 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.368421078 CET408383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.368769884 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.373519897 CET377840842141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:30.373575926 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.374242067 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.379057884 CET377840842141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:30.379105091 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:30.383851051 CET377840842141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.026618004 CET377840840141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.026983023 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.027055979 CET408403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.027988911 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.032810926 CET377840844141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.032866955 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.033859015 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.038585901 CET377840844141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.038645983 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.043586969 CET377840844141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.399513960 CET377840842141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.399770021 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.399970055 CET408423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.400780916 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.405711889 CET377840846141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.405762911 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.406491041 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.411282063 CET377840846141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:34.411356926 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:34.416142941 CET377840846141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.073246956 CET377840844141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.073492050 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.073492050 CET408443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.074147940 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.079962015 CET377840848141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.080044985 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.080996037 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.086287022 CET377840848141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.086344004 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.092175007 CET377840848141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.447861910 CET377840846141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.447988987 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.448051929 CET408463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.448615074 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.453417063 CET377840850141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.453531027 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.454044104 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.458832026 CET377840850141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:35.458897114 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:35.463707924 CET377840850141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.109184980 CET377840848141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.109549999 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.109766960 CET408483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.110512018 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.115334988 CET377840852141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.115392923 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.116079092 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.120901108 CET377840852141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.120951891 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.125701904 CET377840852141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.580709934 CET377840850141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.580873966 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.580969095 CET408503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.581469059 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.586234093 CET377840854141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.586311102 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.587325096 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.592042923 CET377840854141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:36.592088938 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:36.596996069 CET377840854141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:37.156528950 CET377840852141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:37.156758070 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.156959057 CET408523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.157610893 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.162564039 CET377840856141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:37.162620068 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.163367987 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.168122053 CET377840856141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:37.168168068 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:37.172996044 CET377840856141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:40.624620914 CET377840854141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:40.624778032 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.624829054 CET408543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.625323057 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.630438089 CET377840858141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:40.630516052 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.631068945 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.635860920 CET377840858141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:40.635906935 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:40.640727043 CET377840858141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:41.185484886 CET377840856141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:41.185652971 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.185703993 CET408563778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.186316967 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.191167116 CET377840860141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:41.191226006 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.191968918 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.196686029 CET377840860141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:41.196728945 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:41.201504946 CET377840860141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:42.370302916 CET377840858141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:42.370580912 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.370628119 CET408583778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.371260881 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.376017094 CET377840862141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:42.376075029 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.376770973 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.382354021 CET377840862141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:42.382406950 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:42.387969017 CET377840862141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:44.011776924 CET377840862141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:44.012130022 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.012130022 CET408623778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.012666941 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.017487049 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:44.017539978 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.018143892 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.022995949 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:44.023055077 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:44.027878046 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:45.361027002 CET377840860141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:45.361193895 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.361255884 CET408603778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.362049103 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.366816044 CET377840866141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:45.366902113 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.367938042 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.372713089 CET377840866141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:45.372776031 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:45.377649069 CET377840866141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:46.404133081 CET377840866141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:46.404385090 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.404548883 CET408663778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.405320883 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.410116911 CET377840868141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:46.410176039 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.410933018 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.415708065 CET377840868141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:46.415776968 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:46.420516968 CET377840868141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:47.479171991 CET377840868141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:47.479419947 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.479487896 CET408683778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.480360031 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.485132933 CET377840870141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:47.485200882 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.486093998 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.490850925 CET377840870141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:47.490916967 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:47.495723963 CET377840870141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:51.602483034 CET377840870141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:51.602758884 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.602864981 CET408703778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.603926897 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.608711004 CET377840872141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:51.608793020 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.609997034 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.614748955 CET377840872141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:51.614816904 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:51.619560957 CET377840872141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:54.028301001 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:54.033221006 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:55.246386051 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:55.246567965 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.650425911 CET377840872141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:55.650741100 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.650837898 CET408723778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.651726007 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.656527996 CET377840874141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:55.656615019 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.657819986 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.662568092 CET377840874141.11.33.73192.168.2.15
                  Jan 3, 2025 18:37:55.662656069 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:37:55.667403936 CET377840874141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:03.265908957 CET377840874141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:03.266197920 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.266243935 CET408743778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.266985893 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.271835089 CET377840876141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:03.271915913 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.273092031 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.277872086 CET377840876141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:03.277944088 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:03.282757998 CET377840876141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:04.318015099 CET377840876141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:04.318123102 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.318171024 CET408763778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.318902969 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.323714972 CET377840878141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:04.323766947 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.324795961 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.329551935 CET377840878141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:04.329597950 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:04.334397078 CET377840878141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:05.954822063 CET377840878141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:05.954958916 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.954998016 CET408783778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.955887079 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.960756063 CET377840880141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:05.960834980 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.962038994 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.966773033 CET377840880141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:05.966845989 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:05.971574068 CET377840880141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:06.982799053 CET377840880141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:06.983094931 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.983191013 CET408803778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.984069109 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.988828897 CET377840882141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:06.988939047 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.990096092 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.994823933 CET377840882141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:06.994889975 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:06.999674082 CET377840882141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:08.019076109 CET377840882141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:08.019295931 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.019350052 CET408823778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.020049095 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.024914026 CET377840884141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:08.024998903 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.025861025 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.030622959 CET377840884141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:08.030702114 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:08.035466909 CET377840884141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:18.033921003 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.038764000 CET377840884141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:18.907555103 CET377840884141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:18.907794952 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.907794952 CET408843778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.908679962 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.915210009 CET377840886141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:18.915293932 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.916471958 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.922835112 CET377840886141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:18.922919989 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:18.929295063 CET377840886141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:19.950427055 CET377840886141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:19.950722933 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.950814962 CET408863778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.951561928 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.956408978 CET377840888141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:19.956495047 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.957623959 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.963021040 CET377840888141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:19.963085890 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:19.969367027 CET377840888141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:20.991561890 CET377840888141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:20.991674900 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:20.991898060 CET408883778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:20.992554903 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:20.997342110 CET377840890141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:20.997399092 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:20.998343945 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:21.003310919 CET377840890141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:21.003381968 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:21.008188963 CET377840890141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:27.875526905 CET377840890141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:27.875703096 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.875849009 CET408903778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.876627922 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.881519079 CET377840892141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:27.881618023 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.882720947 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.887517929 CET377840892141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:27.887603998 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:27.892419100 CET377840892141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:29.602727890 CET377840892141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:29.602900028 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.602943897 CET408923778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.603729010 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.608509064 CET377840894141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:29.608566999 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.609559059 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.614337921 CET377840894141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:29.614388943 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:29.619220018 CET377840894141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:30.671235085 CET377840894141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:30.671416044 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.671449900 CET408943778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.672197104 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.676966906 CET377840896141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:30.677050114 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.677947998 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.682792902 CET377840896141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:30.682861090 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:30.687603951 CET377840896141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:31.738429070 CET377840896141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:31.738610983 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.738797903 CET408963778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.739605904 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.744348049 CET377840898141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:31.744450092 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.745357990 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.750098944 CET377840898141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:31.750161886 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:31.754909039 CET377840898141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:32.795840025 CET377840898141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:32.796164989 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.796225071 CET408983778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.797096968 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.801903963 CET377840900141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:32.802009106 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.803177118 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.807964087 CET377840900141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:32.808058023 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:32.812814951 CET377840900141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:34.449870110 CET377840900141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:34.450273037 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.450273037 CET409003778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.451082945 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.455893040 CET377840902141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:34.455941916 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.456911087 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.461683989 CET377840902141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:34.461771011 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:34.466557026 CET377840902141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:39.689507961 CET377840902141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:39.689667940 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.689716101 CET409023778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.690470934 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.695241928 CET377840904141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:39.695293903 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.695977926 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.700754881 CET377840904141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:39.700802088 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:39.705578089 CET377840904141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:40.736949921 CET377840904141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:40.737164974 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.737283945 CET409043778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.737987995 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.742834091 CET377840906141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:40.742908001 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.743844986 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.748588085 CET377840906141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:40.748646975 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:40.753472090 CET377840906141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:44.905395031 CET377840906141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:44.905515909 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.905560970 CET409063778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.906070948 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.912410021 CET377840908141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:44.912523985 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.913186073 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.918704987 CET377840908141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:44.918776035 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:44.924237013 CET377840908141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:46.535501957 CET377840908141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:46.535701036 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.535808086 CET409083778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.536624908 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.541620016 CET377840910141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:46.541682005 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.542632103 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.547736883 CET377840910141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:46.547792912 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:46.552548885 CET377840910141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:47.570061922 CET377840910141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:47.570343018 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.570394039 CET409103778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.571142912 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.575915098 CET377840912141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:47.576004028 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.576994896 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.581738949 CET377840912141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:47.581798077 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:47.586533070 CET377840912141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:48.611881018 CET377840912141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:48.612010002 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.612106085 CET409123778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.612521887 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.617304087 CET377840914141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:48.617371082 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.617983103 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.622744083 CET377840914141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:48.622797966 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:48.627537966 CET377840914141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:49.633702040 CET377840914141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:49.633867979 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.633963108 CET409143778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.634387970 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.639183998 CET377840916141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:49.639256954 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.639960051 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.644680023 CET377840916141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:49.644738913 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:49.649513006 CET377840916141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:50.691694975 CET377840916141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:50.691898108 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.692111015 CET409163778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.692831039 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.697639942 CET377840918141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:50.697699070 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.698684931 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.703449011 CET377840918141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:50.703493118 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:50.708251953 CET377840918141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:52.340960979 CET377840918141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:52.341169119 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.341232061 CET409183778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.342005014 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.346777916 CET377840920141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:52.346852064 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.347873926 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.352686882 CET377840920141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:52.352746010 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:52.357551098 CET377840920141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:53.380206108 CET377840920141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:53.380436897 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.380476952 CET409203778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.381030083 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.385786057 CET377840922141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:53.385854959 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.386835098 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.391578913 CET377840922141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:53.391658068 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:53.396415949 CET377840922141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:54.375078917 CET377840922141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:54.375399113 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.375484943 CET409223778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.376286030 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.381083012 CET377840924141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:54.381196976 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.382126093 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.386909962 CET377840924141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:54.386972904 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:54.391756058 CET377840924141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:55.303183079 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.308059931 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:55.397996902 CET377840924141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:55.398236990 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.398298979 CET409243778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.398737907 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.403501034 CET377840926141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:55.403583050 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.404177904 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.408955097 CET377840926141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:55.409020901 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:55.413866043 CET377840926141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:56.294168949 CET377840864141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:56.294403076 CET408643778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.452562094 CET377840926141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:56.452801943 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.452984095 CET409263778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.453552008 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.459461927 CET377840928141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:56.459578037 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.460479021 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.465229034 CET377840928141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:56.465302944 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:56.470150948 CET377840928141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:57.499485016 CET377840928141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:57.499779940 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.499969006 CET409283778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.500770092 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.505531073 CET377840930141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:57.505636930 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.506304979 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.511106014 CET377840930141.11.33.73192.168.2.15
                  Jan 3, 2025 18:38:57.511172056 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:38:57.515938044 CET377840930141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:00.039908886 CET377840930141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:00.040224075 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.040318012 CET409303778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.041035891 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.048532009 CET377840932141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:00.048623085 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.049591064 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.057040930 CET377840932141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:00.057118893 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:00.064574957 CET377840932141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:01.706295967 CET377840932141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:01.706558943 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.706615925 CET409323778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.707360029 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.712199926 CET377840934141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:01.712296963 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.713227987 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.718060017 CET377840934141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:01.718116045 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:01.722870111 CET377840934141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:05.741321087 CET377840934141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:05.741539001 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.741573095 CET409343778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.742099047 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.746934891 CET377840936141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:05.747046947 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.747972965 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.752818108 CET377840936141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:05.752882957 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:05.757704020 CET377840936141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:06.739406109 CET377840936141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:06.739557981 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.739846945 CET409363778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.740511894 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.745333910 CET377840938141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:06.745400906 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.746027946 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.750860929 CET377840938141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:06.750910997 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:06.755695105 CET377840938141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:16.764398098 CET377840938141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:16.764574051 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.764631987 CET409383778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.765328884 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.770153999 CET377840940141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:16.770235062 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.771044970 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.775825024 CET377840940141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:16.775903940 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:16.780675888 CET377840940141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:17.780797958 CET377840940141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:17.780952930 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.780987024 CET409403778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.781483889 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.786231041 CET377840942141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:17.786281109 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.786895990 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.791646004 CET377840942141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:17.791706085 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:17.796437025 CET377840942141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:19.474009991 CET377840942141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:19.474152088 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.474208117 CET409423778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.474716902 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.479506016 CET377840944141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:19.479629993 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.480267048 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.485013008 CET377840944141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:19.485105038 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:19.489841938 CET377840944141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:20.492906094 CET377840944141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:20.493055105 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.493103027 CET409443778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.493797064 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.498615980 CET377840946141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:20.498677969 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.499403954 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.504175901 CET377840946141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:20.504228115 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:20.508960962 CET377840946141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:22.157092094 CET377840946141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:22.157305956 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.157382965 CET409463778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.158226967 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.163084030 CET377840948141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:22.163177967 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.164251089 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.168987036 CET377840948141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:22.169060946 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:22.173795938 CET377840948141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:23.195576906 CET377840948141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:23.195897102 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.195897102 CET409483778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.196386099 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.202790976 CET377840950141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:23.202855110 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.203553915 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.208290100 CET377840950141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:23.208348036 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:23.213072062 CET377840950141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:24.195060968 CET377840950141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:24.195185900 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.195297003 CET409503778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.195641994 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.200432062 CET377840952141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:24.200547934 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.201108932 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.205861092 CET377840952141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:24.205926895 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:24.210750103 CET377840952141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:25.226394892 CET377840952141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:25.226658106 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.226691008 CET409523778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.227139950 CET409543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.233093023 CET377840954141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:25.233177900 CET409543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.233738899 CET409543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.239619017 CET377840954141.11.33.73192.168.2.15
                  Jan 3, 2025 18:39:25.239681005 CET409543778192.168.2.15141.11.33.73
                  Jan 3, 2025 18:39:25.245606899 CET377840954141.11.33.73192.168.2.15

                  System Behavior

                  General

                  Start time (UTC):17:37:18
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities


                  General

                  Start time (UTC):17:37:18
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:-
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities


                  General

                  Start time (UTC):17:37:18
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:-
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities


                  General

                  Start time (UTC):17:37:18
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:-
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities


                  General

                  Start time (UTC):17:37:24
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:-
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities


                  General

                  Start time (UTC):17:37:24
                  Start date (UTC):03/01/2025
                  Path:/tmp/ub8ehJSePAfc9FYqZIT6.mpsl.elf
                  Arguments:-
                  File size:5773336 bytes
                  MD5 hash:0d6f61f82cf2f781c6eb0661071d42d9

                  Chronological Activities