Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
I686.elf

Overview

General Information

Sample name:I686.elf
Analysis ID:1588953
MD5:341269e2f627694b67c9d7abd07ed430
SHA1:024ed60e6062fa2381bdc66ede172e0568c96b64
SHA256:9c1f30e6fa0046e86606378ca020d487f0d50f1c25c04cff57a209debd760465
Tags:elfuser-abuse_ch
Infos:

Detection

Score:72
Range:0 - 100
Whitelisted:false

Signatures

Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Machine Learning detection for sample
Opens /proc/net/* files useful for finding connected devices and routers
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Sample contains only a LOAD segment without any section mappings
Tries to connect to HTTP servers, but all servers are down (expired dropper behavior)
Yara signature match

Classification

General Information

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1588953
Start date and time:2025-01-11 07:35:13 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 5m 0s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:I686.elf
Detection:MAL
Classification:mal72.spre.linELF@0/0@0/0

Runtime Messages

Command:/tmp/I686.elf
PID:6222
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
Cia Qbot Has Infected This Device ;)
Standard Error:

Process Tree

  • system is lnxubuntu20
  • I686.elf (PID: 6222, Parent: 6138, MD5: 341269e2f627694b67c9d7abd07ed430) Arguments: /tmp/I686.elf
    • I686.elf New Fork (PID: 6223, Parent: 6222)
    • I686.elf New Fork (PID: 6224, Parent: 6222)
      • I686.elf New Fork (PID: 6225, Parent: 6224)
  • cleanup

Yara Signatures

Initial Sample

SourceRuleDescriptionAuthorStrings
I686.elfLinux_Trojan_Mirai_e43a8744unknownunknown
  • 0x6d07:$a: 23 01 00 00 0E 00 00 00 18 03 00 7F E9 38 32 C9 4D 04 9A 3C

Memory Dumps

SourceRuleDescriptionAuthorStrings
6224.1.0000000008048000.0000000008057000.r-x.sdmpLinux_Trojan_Gafgyt_83715433unknownunknown
  • 0x12f7:$a: 8B 45 08 88 10 FF 45 08 8B 45 08 0F B6 00 84 C0 75 DB C9 C3 55
6224.1.0000000008048000.0000000008057000.r-x.sdmpLinux_Trojan_Gafgyt_6122acdfunknownunknown
  • 0x538:$a: E8 B0 00 FC 8B 7D E8 F2 AE 89 C8 F7 D0 48 48 89 45 F8 EB 03 FF
6224.1.0000000008048000.0000000008057000.r-x.sdmpLinux_Trojan_Gafgyt_f51c5ac3unknownunknown
  • 0x11ce:$a: 74 2A 8B 45 0C 0F B6 00 84 C0 74 17 8B 45 0C 40 89 44 24 04 8B
6224.1.0000000008048000.0000000008057000.r-x.sdmpLinux_Trojan_Gafgyt_27de1106unknownunknown
  • 0x120e:$a: 0C 0F B6 00 84 C0 74 18 8B 45 0C 40 8B 55 08 42 89 44 24 04 89
6224.1.0000000008048000.0000000008057000.r-x.sdmpLinux_Trojan_Gafgyt_1b2e2a3aunknownunknown
  • 0x92a:$a: 83 7D 18 00 74 25 8B 45 1C 83 E0 02 85 C0 74 1B C7 44 24 04 2D 00
Click to see the 13 entries

Suricata Signatures

TimestampSIDSeverityClasstypeSource IPSource PortDestination IPDestination PortProtocol
2025-01-11T07:35:58.266183+010028394911Malware Command and Control Activity Detected192.168.2.2340702216.9.227.1439198TCP
2025-01-11T07:36:00.172056+010028394911Malware Command and Control Activity Detected192.168.2.2340704216.9.227.1439198TCP
2025-01-11T07:36:01.972443+010028394911Malware Command and Control Activity Detected192.168.2.2340706216.9.227.1439198TCP
2025-01-11T07:36:03.722007+010028394911Malware Command and Control Activity Detected192.168.2.2340708216.9.227.1439198TCP
2025-01-11T07:36:05.503473+010028394911Malware Command and Control Activity Detected192.168.2.2340710216.9.227.1439198TCP
2025-01-11T07:36:07.416220+010028394911Malware Command and Control Activity Detected192.168.2.2340712216.9.227.1439198TCP
2025-01-11T07:36:09.149936+010028394911Malware Command and Control Activity Detected192.168.2.2340714216.9.227.1439198TCP
2025-01-11T07:36:10.884682+010028394911Malware Command and Control Activity Detected192.168.2.2340716216.9.227.1439198TCP
2025-01-11T07:36:12.640387+010028394911Malware Command and Control Activity Detected192.168.2.2340718216.9.227.1439198TCP
2025-01-11T07:36:14.427987+010028394911Malware Command and Control Activity Detected192.168.2.2340720216.9.227.1439198TCP
2025-01-11T07:36:16.188447+010028394911Malware Command and Control Activity Detected192.168.2.2340722216.9.227.1439198TCP
2025-01-11T07:36:17.956253+010028394911Malware Command and Control Activity Detected192.168.2.2340724216.9.227.1439198TCP
2025-01-11T07:36:19.698721+010028394911Malware Command and Control Activity Detected192.168.2.2340726216.9.227.1439198TCP
2025-01-11T07:36:21.453014+010028394911Malware Command and Control Activity Detected192.168.2.2340728216.9.227.1439198TCP
2025-01-11T07:36:23.181255+010028394911Malware Command and Control Activity Detected192.168.2.2340730216.9.227.1439198TCP
2025-01-11T07:36:24.962064+010028394911Malware Command and Control Activity Detected192.168.2.2340732216.9.227.1439198TCP
2025-01-11T07:36:26.699344+010028394911Malware Command and Control Activity Detected192.168.2.2340734216.9.227.1439198TCP
2025-01-11T07:36:28.472456+010028394911Malware Command and Control Activity Detected192.168.2.2340736216.9.227.1439198TCP
2025-01-11T07:36:30.254732+010028394911Malware Command and Control Activity Detected192.168.2.2340738216.9.227.1439198TCP
2025-01-11T07:36:31.993724+010028394911Malware Command and Control Activity Detected192.168.2.2340740216.9.227.1439198TCP
2025-01-11T07:36:33.775770+010028394911Malware Command and Control Activity Detected192.168.2.2340742216.9.227.1439198TCP
2025-01-11T07:36:35.551608+010028394911Malware Command and Control Activity Detected192.168.2.2340744216.9.227.1439198TCP
2025-01-11T07:36:37.295295+010028394911Malware Command and Control Activity Detected192.168.2.2340746216.9.227.1439198TCP
2025-01-11T07:36:39.064387+010028394911Malware Command and Control Activity Detected192.168.2.2340748216.9.227.1439198TCP
2025-01-11T07:36:40.850606+010028394911Malware Command and Control Activity Detected192.168.2.2340750216.9.227.1439198TCP
2025-01-11T07:36:42.590925+010028394911Malware Command and Control Activity Detected192.168.2.2340752216.9.227.1439198TCP
2025-01-11T07:36:44.361397+010028394911Malware Command and Control Activity Detected192.168.2.2340754216.9.227.1439198TCP
2025-01-11T07:36:46.106463+010028394911Malware Command and Control Activity Detected192.168.2.2340756216.9.227.1439198TCP
2025-01-11T07:36:47.873508+010028394911Malware Command and Control Activity Detected192.168.2.2340758216.9.227.1439198TCP
2025-01-11T07:36:49.622199+010028394911Malware Command and Control Activity Detected192.168.2.2340760216.9.227.1439198TCP
2025-01-11T07:36:51.411776+010028394911Malware Command and Control Activity Detected192.168.2.2340762216.9.227.1439198TCP
2025-01-11T07:36:53.170368+010028394911Malware Command and Control Activity Detected192.168.2.2340764216.9.227.1439198TCP
2025-01-11T07:36:54.922440+010028394911Malware Command and Control Activity Detected192.168.2.2340766216.9.227.1439198TCP
2025-01-11T07:36:56.712672+010028394911Malware Command and Control Activity Detected192.168.2.2340768216.9.227.1439198TCP
2025-01-11T07:36:58.490385+010028394911Malware Command and Control Activity Detected192.168.2.2340770216.9.227.1439198TCP
2025-01-11T07:37:00.272950+010028394911Malware Command and Control Activity Detected192.168.2.2340772216.9.227.1439198TCP
2025-01-11T07:37:02.034843+010028394911Malware Command and Control Activity Detected192.168.2.2340774216.9.227.1439198TCP
2025-01-11T07:37:03.818176+010028394911Malware Command and Control Activity Detected192.168.2.2340776216.9.227.1439198TCP
2025-01-11T07:37:05.581457+010028394911Malware Command and Control Activity Detected192.168.2.2340778216.9.227.1439198TCP
2025-01-11T07:37:07.367653+010028394911Malware Command and Control Activity Detected192.168.2.2340780216.9.227.1439198TCP
2025-01-11T07:37:09.129564+010028394911Malware Command and Control Activity Detected192.168.2.2340782216.9.227.1439198TCP
2025-01-11T07:37:10.893734+010028394911Malware Command and Control Activity Detected192.168.2.2340784216.9.227.1439198TCP
2025-01-11T07:37:12.681162+010028394911Malware Command and Control Activity Detected192.168.2.2340786216.9.227.1439198TCP
2025-01-11T07:37:14.417077+010028394911Malware Command and Control Activity Detected192.168.2.2340788216.9.227.1439198TCP
2025-01-11T07:37:16.172608+010028394911Malware Command and Control Activity Detected192.168.2.2340790216.9.227.1439198TCP
2025-01-11T07:37:17.900302+010028394911Malware Command and Control Activity Detected192.168.2.2340792216.9.227.1439198TCP
2025-01-11T07:37:19.640492+010028394911Malware Command and Control Activity Detected192.168.2.2340794216.9.227.1439198TCP
2025-01-11T07:37:21.370434+010028394911Malware Command and Control Activity Detected192.168.2.2340796216.9.227.1439198TCP
2025-01-11T07:37:23.126099+010028394911Malware Command and Control Activity Detected192.168.2.2340798216.9.227.1439198TCP
2025-01-11T07:37:24.879667+010028394911Malware Command and Control Activity Detected192.168.2.2340800216.9.227.1439198TCP
2025-01-11T07:37:26.627184+010028394911Malware Command and Control Activity Detected192.168.2.2340802216.9.227.1439198TCP
2025-01-11T07:37:28.373413+010028394911Malware Command and Control Activity Detected192.168.2.2340804216.9.227.1439198TCP
2025-01-11T07:37:30.126714+010028394911Malware Command and Control Activity Detected192.168.2.2340806216.9.227.1439198TCP
2025-01-11T07:37:31.893745+010028394911Malware Command and Control Activity Detected192.168.2.2340808216.9.227.1439198TCP
2025-01-11T07:37:33.639864+010028394911Malware Command and Control Activity Detected192.168.2.2340810216.9.227.1439198TCP
2025-01-11T07:37:35.392857+010028394911Malware Command and Control Activity Detected192.168.2.2340812216.9.227.1439198TCP
2025-01-11T07:37:37.135228+010028394911Malware Command and Control Activity Detected192.168.2.2340814216.9.227.1439198TCP
2025-01-11T07:37:38.915025+010028394911Malware Command and Control Activity Detected192.168.2.2340816216.9.227.1439198TCP
2025-01-11T07:37:40.676098+010028394911Malware Command and Control Activity Detected192.168.2.2340818216.9.227.1439198TCP
2025-01-11T07:37:42.476563+010028394911Malware Command and Control Activity Detected192.168.2.2340820216.9.227.1439198TCP
2025-01-11T07:37:44.257655+010028394911Malware Command and Control Activity Detected192.168.2.2340822216.9.227.1439198TCP
2025-01-11T07:37:46.001346+010028394911Malware Command and Control Activity Detected192.168.2.2340824216.9.227.1439198TCP
2025-01-11T07:38:24.162003+010028394911Malware Command and Control Activity Detected192.168.2.2340826216.9.227.1439198TCP
2025-01-11T07:38:25.886409+010028394911Malware Command and Control Activity Detected192.168.2.2340828216.9.227.1439198TCP
2025-01-11T07:38:27.647013+010028394911Malware Command and Control Activity Detected192.168.2.2340830216.9.227.1439198TCP
2025-01-11T07:38:29.427146+010028394911Malware Command and Control Activity Detected192.168.2.2340832216.9.227.1439198TCP
2025-01-11T07:38:31.213227+010028394911Malware Command and Control Activity Detected192.168.2.2340834216.9.227.1439198TCP
2025-01-11T07:38:32.974248+010028394911Malware Command and Control Activity Detected192.168.2.2340836216.9.227.1439198TCP
2025-01-11T07:38:34.759066+010028394911Malware Command and Control Activity Detected192.168.2.2340838216.9.227.1439198TCP
2025-01-11T07:38:36.540867+010028394911Malware Command and Control Activity Detected192.168.2.2340840216.9.227.1439198TCP

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: I686.elfVirustotal: Detection: 26%Perma Link
Source: I686.elfReversingLabs: Detection: 23%
Machine Learning detection for sample
Source: I686.elfJoe Sandbox ML: detected

Spreading

barindex
Opens /proc/net/* files useful for finding connected devices and routers
Source: /tmp/I686.elf (PID: 6222)Opens: /proc/net/routeJump to behavior

Networking

barindex
Suricata IDS alerts for network traffic
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40706 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40752 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40708 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40716 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40742 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40728 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40738 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40704 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40826 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40740 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40818 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40736 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40762 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40732 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40820 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40722 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40724 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40734 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40710 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40754 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40718 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40806 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40810 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40760 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40726 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40788 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40834 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40748 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40778 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40764 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40774 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40746 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40712 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40784 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40792 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40790 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40730 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40766 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40768 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40800 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40772 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40840 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40758 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40702 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40780 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40822 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40794 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40796 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40838 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40804 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40828 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40836 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40750 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40770 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40830 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40802 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40756 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40824 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40744 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40798 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40714 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40816 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40776 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40832 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40720 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40786 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40782 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40814 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40808 -> 216.9.227.143:9198
Source: Network trafficSuricata IDS: 2839491 - Severity 1 - ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M2 : 192.168.2.23:40812 -> 216.9.227.143:9198
Source: global trafficTCP traffic: 192.168.2.23:40702 -> 216.9.227.143:9198
Source: global trafficTCP traffic: 192.168.2.23:42836 -> 91.189.91.43:443
Source: global trafficTCP traffic: 192.168.2.23:42516 -> 109.202.202.202:80
Source: global trafficTCP traffic: 192.168.2.23:43928 -> 91.189.91.42:443
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.43
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 109.202.202.202
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 91.189.91.42
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownTCP traffic detected without corresponding DNS query: 216.9.227.143
Source: unknownNetwork traffic detected: HTTP traffic on port 43928 -> 443
Source: unknownNetwork traffic detected: HTTP traffic on port 42836 -> 443

System Summary

barindex
Malicious sample detected (through community Yara rule)
Source: I686.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e43a8744 Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a Author: unknown
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a Author: unknown
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a Author: unknown
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be Author: unknown
Source: LOAD without section mappingsProgram segment: 0x8048000
Source: I686.elf, type: SAMPLEMatched rule: Linux_Trojan_Mirai_e43a8744 reference_sample = f363d9bd2132d969cd41e79f29c53ef403da64ca8afc4643084cc50076ddfb47, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Mirai, fingerprint = e7ead3d1a51f0d7435a6964293a45cb8fadd739afb23dc48c1d81fbc593b23ef, id = e43a8744-1c52-4f95-bd16-be6722bc4d1a, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 reference_sample = 3648a407224634d76e82eceec84250a7506720a7f43a6ccf5873f478408fedba, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 25ac15f4b903d9e28653dad0db399ebd20d4e9baabf5078fbc33d3cd838dd7e9, id = 83715433-3dff-4238-8cdb-c51279565e05, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 34f254afdf94b1eb29bae4eb8e3864ea49e918a5dbe6e4c9d06a4292c104a792, id = f51c5ac3-ade9-4d01-b578-3473a2b116db, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9a747f0fc7ccc55f24f2654344484f643103da709270a45de4c1174d8e4101cc, id = 27de1106-497d-40a0-8fc4-929f7a927628, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6f24b67d0a6a4fc4e1cfea5a5414b82af1332a3e6074eb2178aee6b27702b407, id = 1b2e2a3a-1302-41c7-be99-43edb5563294, last_modified = 2021-09-16
Source: 6224.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 72c742cb8b11ddf030e10f67e13c0392748dcd970394ec77ace3d2baa705a375, id = 9127f7be-6e82-46a1-9f11-0b3570b0cd76, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 reference_sample = 3648a407224634d76e82eceec84250a7506720a7f43a6ccf5873f478408fedba, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 25ac15f4b903d9e28653dad0db399ebd20d4e9baabf5078fbc33d3cd838dd7e9, id = 83715433-3dff-4238-8cdb-c51279565e05, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 34f254afdf94b1eb29bae4eb8e3864ea49e918a5dbe6e4c9d06a4292c104a792, id = f51c5ac3-ade9-4d01-b578-3473a2b116db, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9a747f0fc7ccc55f24f2654344484f643103da709270a45de4c1174d8e4101cc, id = 27de1106-497d-40a0-8fc4-929f7a927628, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6f24b67d0a6a4fc4e1cfea5a5414b82af1332a3e6074eb2178aee6b27702b407, id = 1b2e2a3a-1302-41c7-be99-43edb5563294, last_modified = 2021-09-16
Source: 6222.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 72c742cb8b11ddf030e10f67e13c0392748dcd970394ec77ace3d2baa705a375, id = 9127f7be-6e82-46a1-9f11-0b3570b0cd76, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_83715433 reference_sample = 3648a407224634d76e82eceec84250a7506720a7f43a6ccf5873f478408fedba, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 25ac15f4b903d9e28653dad0db399ebd20d4e9baabf5078fbc33d3cd838dd7e9, id = 83715433-3dff-4238-8cdb-c51279565e05, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_6122acdf os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 283275705c729be23d7dc75056388ecae00390bd25ee7b66b0cfc9b85feee212, id = 6122acdf-1eef-45ea-83ea-699d21c2dc20, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_f51c5ac3 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 34f254afdf94b1eb29bae4eb8e3864ea49e918a5dbe6e4c9d06a4292c104a792, id = f51c5ac3-ade9-4d01-b578-3473a2b116db, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_27de1106 reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 9a747f0fc7ccc55f24f2654344484f643103da709270a45de4c1174d8e4101cc, id = 27de1106-497d-40a0-8fc4-929f7a927628, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_1b2e2a3a reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 6f24b67d0a6a4fc4e1cfea5a5414b82af1332a3e6074eb2178aee6b27702b407, id = 1b2e2a3a-1302-41c7-be99-43edb5563294, last_modified = 2021-09-16
Source: 6223.1.0000000008048000.0000000008057000.r-x.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_9127f7be reference_sample = 899c072730590003b98278bdda21c15ecaa2f49ad51e417ed59e88caf054a72d, os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = 72c742cb8b11ddf030e10f67e13c0392748dcd970394ec77ace3d2baa705a375, id = 9127f7be-6e82-46a1-9f11-0b3570b0cd76, last_modified = 2021-09-16
Source: classification engineClassification label: mal72.spre.linELF@0/0@0/0
Source: I686.elfSubmission file: segment LOAD with 7.9542 entropy (max. 8.0)

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception1
Obfuscated Files or Information		OS Credential Dumping1
Remote System Discovery		Remote ServicesData from Local System1
Encrypted Channel		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS MemoryApplication Window DiscoveryRemote Desktop ProtocolData from Removable Media1
Non-Standard Port		Exfiltration Over BluetoothNetwork Denial of Service
Email AddressesDNS ServerDomain AccountsAtLogon Script (Windows)Logon Script (Windows)Obfuscated Files or InformationSecurity Account ManagerQuery RegistrySMB/Windows Admin SharesData from Network Shared Drive1
Application Layer Protocol		Automated ExfiltrationData Encrypted for Impact

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
I686.elf27%VirustotalBrowse
I686.elf24%ReversingLabs
I686.elf100%Joe Sandbox ML

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

No contacted domains info

World Map of Contacted IPs

  • No. of IPs < 25%
  • 25% < No. of IPs < 50%
  • 50% < No. of IPs < 75%
  • 75% < No. of IPs

Public IPs

IPDomainCountryFlagASNASN NameMalicious
109.202.202.202
unknownSwitzerland
13030INIT7CHfalse
216.9.227.143
unknownReserved
7018ATT-INTERNET4UStrue
91.189.91.43
unknownUnited Kingdom
41231CANONICAL-ASGBfalse
91.189.91.42
unknownUnited Kingdom
41231CANONICAL-ASGBfalse

Joe Sandbox View / Context

IPs

MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
109.202.202.202kpLwzBouH4.elfGet hashmaliciousUnknownBrowse
  • ch.archive.ubuntu.com/ubuntu/pool/main/f/firefox/firefox_92.0%2bbuild3-0ubuntu0.20.04.1_amd64.deb
216.9.227.143X86_64.elfGet hashmaliciousUnknownBrowse
    SPARC.elfGet hashmaliciousUnknownBrowse
      X86_64.elfGet hashmaliciousUnknownBrowse
        I686.elfGet hashmaliciousUnknownBrowse
          M68K.elfGet hashmaliciousUnknownBrowse
            I586.elfGet hashmaliciousUnknownBrowse
              SH4.elfGet hashmaliciousUnknownBrowse
                SPARC.elfGet hashmaliciousUnknownBrowse
                  SH4.elfGet hashmaliciousMiraiBrowse
                    POWERPC.elfGet hashmaliciousMiraiBrowse
                      91.189.91.43ARMV5L.elfGet hashmaliciousUnknownBrowse
                        ss.elfGet hashmaliciousMirai, GafgytBrowse
                          SPARC.elfGet hashmaliciousUnknownBrowse
                            .i.elfGet hashmaliciousUnknownBrowse
                              ARMV4L.elfGet hashmaliciousUnknownBrowse
                                MIPSEL.elfGet hashmaliciousUnknownBrowse
                                  3.elfGet hashmaliciousUnknownBrowse
                                    2.elfGet hashmaliciousUnknownBrowse
                                      arm6.elfGet hashmaliciousUnknownBrowse
                                        mpsl.elfGet hashmaliciousUnknownBrowse

                                          Domains

                                          No context

                                          ASNs

                                          MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
                                          CANONICAL-ASGBARMV5L.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          ss.elfGet hashmaliciousMirai, GafgytBrowse
                                          • 91.189.91.42
                                          SPARC.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          .i.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          ARMV4L.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          MIPSEL.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          3.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          2.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          arm6.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          mpsl.elfGet hashmaliciousUnknownBrowse
                                          • 91.189.91.42
                                          INIT7CHARMV5L.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          ss.elfGet hashmaliciousMirai, GafgytBrowse
                                          • 109.202.202.202
                                          SPARC.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          .i.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          ARMV4L.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          MIPSEL.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          3.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          2.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          arm6.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          mpsl.elfGet hashmaliciousUnknownBrowse
                                          • 109.202.202.202
                                          ATT-INTERNET4USX86_64.elfGet hashmaliciousUnknownBrowse
                                          • 216.9.227.143
                                          SPARC.elfGet hashmaliciousUnknownBrowse
                                          • 216.9.227.143
                                          6.elfGet hashmaliciousUnknownBrowse
                                          • 75.26.124.8
                                          4.elfGet hashmaliciousUnknownBrowse
                                          • 99.148.97.71
                                          3.elfGet hashmaliciousUnknownBrowse
                                          • 107.255.69.83
                                          4.elfGet hashmaliciousUnknownBrowse
                                          • 172.185.86.37
                                          6.elfGet hashmaliciousUnknownBrowse
                                          • 76.224.102.15
                                          frosty.arm.elfGet hashmaliciousMiraiBrowse
                                          • 74.185.28.64
                                          frosty.spc.elfGet hashmaliciousMiraiBrowse
                                          • 172.125.131.84
                                          frosty.x86.elfGet hashmaliciousMiraiBrowse
                                          • 170.187.70.64

                                          JA3 Fingerprints

                                          No context

                                          Dropped Files

                                          No context

                                          Created / dropped Files

                                          No created / dropped files found

                                          Static File Info

                                          General

                                          File type:ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, no section header
                                          Entropy (8bit):7.952060061404937
                                          TrID:
                                          • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
                                          • ELF Executable and Linkable format (generic) (4004/1) 49.84%
                                          File name:I686.elf
                                          File size:33'164 bytes
                                          MD5:341269e2f627694b67c9d7abd07ed430
                                          SHA1:024ed60e6062fa2381bdc66ede172e0568c96b64
                                          SHA256:9c1f30e6fa0046e86606378ca020d487f0d50f1c25c04cff57a209debd760465
                                          SHA512:085e39a53b1aaefc7f7d474fa5e2b3e9d210fcec35b48fae8e739fdee0440b653a6818636270f1a36ddbd32d89b5230fb7ee085ecb135bf8f92af2d5e0de228c
                                          SSDEEP:768:HyzmCa1b14OqUAldbIvqMVV0dw72ZM+S4KZs2RD0hXBwDU6nbcuyD7UryqM:SqJb140wsSMVad02M3R08U6nouy8mqM
                                          TLSH:A1E2E134C4F8AFD1C09D50FC351E6D0A52706B2696CA5332E7D8A47F8B26E9B795C213
                                          File Content Preview:.ELF....................@...4...........4. ...(.....................4...4...........................................Q.td.............................4.IYTS.....................Q..........?..k.I/.j....\.h.blz.x..&.A!!.1h\.?W'..o.....V.4Lk0..|G.K....tmL.M..

                                          Static ELF Info

                                          ELF header

                                          Class:ELF32
                                          Data:2's complement, little endian
                                          Version:1 (current)
                                          Machine:Intel 80386
                                          Version Number:0x1
                                          Type:EXEC (Executable file)
                                          OS/ABI:UNIX - Linux
                                          ABI Version:0
                                          Entry Point Address:0x804ee40
                                          Flags:0x0
                                          ELF Header Size:52
                                          Program Header Offset:52
                                          Program Header Size:32
                                          Number of Program Headers:3
                                          Section Header Offset:0
                                          Section Header Size:40
                                          Number of Section Headers:0
                                          Header String Table Index:0

                                          Program Segments

                                          TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
                                          LOAD0x00x80480000x80480000x80340x80347.95420x5R E0x1000
                                          LOAD0x00x80510000x80510000x00xcb040.00000x6RW 0x1000
                                          GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

                                          Network Behavior

                                          Suricata IDS Alerts

                                          TimestampSIDSignatureSeveritySource IPSource PortDest IPDest PortProtocol
                                          2025-01-11T07:35:58.266183+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340702216.9.227.1439198TCP
                                          2025-01-11T07:36:00.172056+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340704216.9.227.1439198TCP
                                          2025-01-11T07:36:01.972443+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340706216.9.227.1439198TCP
                                          2025-01-11T07:36:03.722007+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340708216.9.227.1439198TCP
                                          2025-01-11T07:36:05.503473+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340710216.9.227.1439198TCP
                                          2025-01-11T07:36:07.416220+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340712216.9.227.1439198TCP
                                          2025-01-11T07:36:09.149936+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340714216.9.227.1439198TCP
                                          2025-01-11T07:36:10.884682+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340716216.9.227.1439198TCP
                                          2025-01-11T07:36:12.640387+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340718216.9.227.1439198TCP
                                          2025-01-11T07:36:14.427987+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340720216.9.227.1439198TCP
                                          2025-01-11T07:36:16.188447+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340722216.9.227.1439198TCP
                                          2025-01-11T07:36:17.956253+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340724216.9.227.1439198TCP
                                          2025-01-11T07:36:19.698721+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340726216.9.227.1439198TCP
                                          2025-01-11T07:36:21.453014+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340728216.9.227.1439198TCP
                                          2025-01-11T07:36:23.181255+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340730216.9.227.1439198TCP
                                          2025-01-11T07:36:24.962064+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340732216.9.227.1439198TCP
                                          2025-01-11T07:36:26.699344+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340734216.9.227.1439198TCP
                                          2025-01-11T07:36:28.472456+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340736216.9.227.1439198TCP
                                          2025-01-11T07:36:30.254732+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340738216.9.227.1439198TCP
                                          2025-01-11T07:36:31.993724+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340740216.9.227.1439198TCP
                                          2025-01-11T07:36:33.775770+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340742216.9.227.1439198TCP
                                          2025-01-11T07:36:35.551608+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340744216.9.227.1439198TCP
                                          2025-01-11T07:36:37.295295+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340746216.9.227.1439198TCP
                                          2025-01-11T07:36:39.064387+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340748216.9.227.1439198TCP
                                          2025-01-11T07:36:40.850606+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340750216.9.227.1439198TCP
                                          2025-01-11T07:36:42.590925+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340752216.9.227.1439198TCP
                                          2025-01-11T07:36:44.361397+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340754216.9.227.1439198TCP
                                          2025-01-11T07:36:46.106463+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340756216.9.227.1439198TCP
                                          2025-01-11T07:36:47.873508+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340758216.9.227.1439198TCP
                                          2025-01-11T07:36:49.622199+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340760216.9.227.1439198TCP
                                          2025-01-11T07:36:51.411776+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340762216.9.227.1439198TCP
                                          2025-01-11T07:36:53.170368+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340764216.9.227.1439198TCP
                                          2025-01-11T07:36:54.922440+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340766216.9.227.1439198TCP
                                          2025-01-11T07:36:56.712672+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340768216.9.227.1439198TCP
                                          2025-01-11T07:36:58.490385+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340770216.9.227.1439198TCP
                                          2025-01-11T07:37:00.272950+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340772216.9.227.1439198TCP
                                          2025-01-11T07:37:02.034843+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340774216.9.227.1439198TCP
                                          2025-01-11T07:37:03.818176+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340776216.9.227.1439198TCP
                                          2025-01-11T07:37:05.581457+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340778216.9.227.1439198TCP
                                          2025-01-11T07:37:07.367653+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340780216.9.227.1439198TCP
                                          2025-01-11T07:37:09.129564+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340782216.9.227.1439198TCP
                                          2025-01-11T07:37:10.893734+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340784216.9.227.1439198TCP
                                          2025-01-11T07:37:12.681162+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340786216.9.227.1439198TCP
                                          2025-01-11T07:37:14.417077+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340788216.9.227.1439198TCP
                                          2025-01-11T07:37:16.172608+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340790216.9.227.1439198TCP
                                          2025-01-11T07:37:17.900302+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340792216.9.227.1439198TCP
                                          2025-01-11T07:37:19.640492+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340794216.9.227.1439198TCP
                                          2025-01-11T07:37:21.370434+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340796216.9.227.1439198TCP
                                          2025-01-11T07:37:23.126099+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340798216.9.227.1439198TCP
                                          2025-01-11T07:37:24.879667+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340800216.9.227.1439198TCP
                                          2025-01-11T07:37:26.627184+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340802216.9.227.1439198TCP
                                          2025-01-11T07:37:28.373413+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340804216.9.227.1439198TCP
                                          2025-01-11T07:37:30.126714+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340806216.9.227.1439198TCP
                                          2025-01-11T07:37:31.893745+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340808216.9.227.1439198TCP
                                          2025-01-11T07:37:33.639864+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340810216.9.227.1439198TCP
                                          2025-01-11T07:37:35.392857+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340812216.9.227.1439198TCP
                                          2025-01-11T07:37:37.135228+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340814216.9.227.1439198TCP
                                          2025-01-11T07:37:38.915025+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340816216.9.227.1439198TCP
                                          2025-01-11T07:37:40.676098+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340818216.9.227.1439198TCP
                                          2025-01-11T07:37:42.476563+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340820216.9.227.1439198TCP
                                          2025-01-11T07:37:44.257655+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340822216.9.227.1439198TCP
                                          2025-01-11T07:37:46.001346+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340824216.9.227.1439198TCP
                                          2025-01-11T07:38:24.162003+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340826216.9.227.1439198TCP
                                          2025-01-11T07:38:25.886409+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340828216.9.227.1439198TCP
                                          2025-01-11T07:38:27.647013+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340830216.9.227.1439198TCP
                                          2025-01-11T07:38:29.427146+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340832216.9.227.1439198TCP
                                          2025-01-11T07:38:31.213227+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340834216.9.227.1439198TCP
                                          2025-01-11T07:38:32.974248+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340836216.9.227.1439198TCP
                                          2025-01-11T07:38:34.759066+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340838216.9.227.1439198TCP
                                          2025-01-11T07:38:36.540867+01002839491ETPRO MALWARE ELF/BASHLITE Variant CnC Checkin M21192.168.2.2340840216.9.227.1439198TCP

                                          Network Port Distribution

                                          TCP Packets

                                          TimestampSource PortDest PortSource IPDest IP
                                          Jan 11, 2025 07:35:57.798818111 CET407029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:35:58.265947104 CET919840702216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:35:58.266103983 CET407029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:35:58.266182899 CET407029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:35:58.274247885 CET919840702216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:00.166084051 CET919840702216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:00.166280031 CET407029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:00.166678905 CET407049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:00.171869993 CET919840702216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:00.171905041 CET919840704216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:00.172055960 CET407049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:00.172055960 CET407049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:00.176884890 CET919840704216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:01.034734011 CET42836443192.168.2.2391.189.91.43
                                          Jan 11, 2025 07:36:01.967153072 CET919840704216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:01.967365026 CET407049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:01.967395067 CET407069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:01.972323895 CET919840704216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:01.972357035 CET919840706216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:01.972443104 CET407069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:01.972443104 CET407069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:01.977300882 CET919840706216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:02.826608896 CET4251680192.168.2.23109.202.202.202
                                          Jan 11, 2025 07:36:03.713011980 CET919840706216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:03.713432074 CET407089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:03.713438988 CET407069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:03.721714020 CET919840706216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:03.721884012 CET919840708216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:03.721951962 CET407089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:03.722007036 CET407089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:03.728442907 CET919840708216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:05.498085022 CET919840708216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:05.498402119 CET407089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:05.498402119 CET407109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:05.503305912 CET919840708216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:05.503371954 CET919840710216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:05.503443003 CET407109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:05.503473043 CET407109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:05.508332968 CET919840710216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:07.410744905 CET919840710216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:07.410985947 CET407109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:07.411041975 CET407129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:07.416117907 CET919840710216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:07.416138887 CET919840712216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:07.416208982 CET407129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:07.416219950 CET407129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:07.420994997 CET919840712216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:09.144495010 CET919840712216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:09.145006895 CET407129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:09.145026922 CET407149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:09.149821043 CET919840712216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:09.149835110 CET919840714216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:09.149898052 CET407149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:09.149935961 CET407149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:09.154647112 CET919840714216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:10.879359007 CET919840714216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:10.879678965 CET407149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:10.879699945 CET407169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:10.884556055 CET919840714216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:10.884567022 CET919840716216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:10.884681940 CET407169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:10.884681940 CET407169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:10.889455080 CET919840716216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:12.634757996 CET919840716216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:12.635288954 CET407169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:12.635288954 CET407189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:12.640254974 CET919840716216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:12.640268087 CET919840718216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:12.640352011 CET407189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:12.640387058 CET407189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:12.645212889 CET919840718216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:14.422764063 CET919840718216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:14.422941923 CET407189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:14.422969103 CET407209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:14.427870035 CET919840718216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:14.427903891 CET919840720216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:14.427963972 CET407209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:14.427987099 CET407209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:14.432888985 CET919840720216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:15.880733967 CET43928443192.168.2.2391.189.91.42
                                          Jan 11, 2025 07:36:16.183336020 CET919840720216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:16.183461905 CET407209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:16.183505058 CET407229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:16.188374996 CET919840720216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:16.188388109 CET919840722216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:16.188435078 CET407229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:16.188446999 CET407229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:16.193200111 CET919840722216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:17.951035976 CET919840722216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:17.951217890 CET407229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:17.951252937 CET407249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:17.956048012 CET919840722216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:17.956152916 CET919840724216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:17.956203938 CET407249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:17.956253052 CET407249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:17.960994959 CET919840724216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:19.692385912 CET919840724216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:19.692540884 CET407249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:19.692565918 CET407269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:19.698600054 CET919840724216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:19.698649883 CET919840726216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:19.698707104 CET407269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:19.698720932 CET407269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:19.704672098 CET919840726216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:21.447500944 CET919840726216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:21.447901964 CET407269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:21.448080063 CET407289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:21.452717066 CET919840726216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:21.452897072 CET919840728216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:21.452984095 CET407289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:21.453013897 CET407289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:21.457832098 CET919840728216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:23.175864935 CET919840728216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:23.176253080 CET407289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:23.176253080 CET407309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:23.181123972 CET919840728216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:23.181142092 CET919840730216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:23.181255102 CET407309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:23.181255102 CET407309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:23.186079025 CET919840730216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:24.955804110 CET919840730216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:24.956121922 CET407329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:24.956521988 CET407309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:24.961971045 CET919840732216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:24.962033033 CET407329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:24.962064028 CET407329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:24.962136030 CET919840730216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:24.967724085 CET919840732216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:26.694048882 CET919840732216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:26.694240093 CET407329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:26.694314957 CET407349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:26.699203014 CET919840732216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:26.699237108 CET919840734216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:26.699297905 CET407349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:26.699343920 CET407349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:26.704159021 CET919840734216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:28.167011976 CET42836443192.168.2.2391.189.91.43
                                          Jan 11, 2025 07:36:28.466993093 CET919840734216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:28.467206955 CET407349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:28.467232943 CET407369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:28.472281933 CET919840734216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:28.472317934 CET919840736216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:28.472426891 CET407369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:28.472455978 CET407369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:28.477317095 CET919840736216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:30.249147892 CET919840736216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:30.249479055 CET407369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:30.249577045 CET407389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:30.254538059 CET919840736216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:30.254592896 CET919840738216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:30.254695892 CET407389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:30.254731894 CET407389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:30.259573936 CET919840738216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:31.988650084 CET919840738216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:31.988812923 CET407389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:31.988826990 CET407409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:31.993642092 CET919840738216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:31.993658066 CET919840740216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:31.993724108 CET407409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:31.993724108 CET407409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:31.998502016 CET919840740216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:32.262450933 CET4251680192.168.2.23109.202.202.202
                                          Jan 11, 2025 07:36:33.770699978 CET919840740216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:33.770889044 CET407409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:33.770921946 CET407429198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:33.775644064 CET919840740216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:33.775695086 CET919840742216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:33.775753975 CET407429198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:33.775769949 CET407429198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:33.780548096 CET919840742216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:35.545159101 CET919840742216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:35.545705080 CET407449198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:35.545702934 CET407429198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:35.551400900 CET919840742216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:35.551414013 CET919840744216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:35.551608086 CET407449198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:35.551608086 CET407449198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:35.557516098 CET919840744216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:37.289910078 CET919840744216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:37.290204048 CET407449198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:37.290204048 CET407469198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:37.295134068 CET919840744216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:37.295169115 CET919840746216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:37.295257092 CET407469198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:37.295295000 CET407469198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:37.300127029 CET919840746216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:39.058971882 CET919840746216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:39.059230089 CET407469198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:39.059278011 CET407489198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:39.064207077 CET919840746216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:39.064240932 CET919840748216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:39.064387083 CET407489198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:39.064387083 CET407489198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:39.069336891 CET919840748216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:40.845098019 CET919840748216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:40.845505953 CET407489198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:40.845591068 CET407509198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:40.850408077 CET919840748216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:40.850464106 CET919840750216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:40.850567102 CET407509198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:40.850605965 CET407509198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:40.855463982 CET919840750216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:42.585417986 CET919840750216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:42.585725069 CET407509198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:42.585760117 CET407529198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:42.590646982 CET919840750216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:42.590660095 CET919840752216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:42.590751886 CET407529198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:42.590924978 CET407529198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:42.595690966 CET919840752216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:44.356302977 CET919840752216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:44.356378078 CET407529198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:44.356412888 CET407549198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:44.361249924 CET919840752216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:44.361270905 CET919840754216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:44.361335039 CET407549198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:44.361397028 CET407549198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:44.366147995 CET919840754216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:46.100980043 CET919840754216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:46.101329088 CET407549198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:46.101389885 CET407569198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:46.106239080 CET919840754216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:46.106333971 CET919840756216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:46.106405020 CET407569198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:46.106462955 CET407569198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:46.111226082 CET919840756216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:47.868241072 CET919840756216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:47.868480921 CET407569198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:47.868566990 CET407589198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:47.873353004 CET919840756216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:47.873368979 CET919840758216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:47.873439074 CET407589198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:47.873507977 CET407589198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:47.878272057 CET919840758216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:49.616924047 CET919840758216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:49.617173910 CET407589198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:49.617305994 CET407609198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:49.622011900 CET919840758216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:49.622029066 CET919840760216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:49.622138977 CET407609198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:49.622199059 CET407609198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:49.629251003 CET919840760216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:51.406685114 CET919840760216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:51.406812906 CET407609198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:51.406841040 CET407629198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:51.411663055 CET919840760216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:51.411674976 CET919840762216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:51.411734104 CET407629198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:51.411776066 CET407629198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:51.416533947 CET919840762216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:53.164340973 CET919840762216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:53.164592028 CET407629198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:53.164629936 CET407649198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:53.170253992 CET919840762216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:53.170300961 CET919840764216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:53.170367956 CET407649198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:53.170367956 CET407649198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:53.175721884 CET919840764216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:54.917176962 CET919840764216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:54.917402029 CET407649198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:54.917464018 CET407669198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:54.922312975 CET919840764216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:54.922327042 CET919840766216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:54.922405958 CET407669198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:54.922440052 CET407669198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:54.927190065 CET919840766216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:56.707202911 CET919840766216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:56.707598925 CET407669198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:56.707739115 CET407689198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:56.712419033 CET919840766216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:56.712536097 CET919840768216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:56.712608099 CET407689198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:56.712671995 CET407689198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:56.717441082 CET919840768216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:56.835092068 CET43928443192.168.2.2391.189.91.42
                                          Jan 11, 2025 07:36:58.485131979 CET919840768216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:58.485382080 CET407689198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:58.485414982 CET407709198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:58.490259886 CET919840768216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:58.490273952 CET919840770216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:36:58.490338087 CET407709198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:58.490385056 CET407709198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:36:58.495153904 CET919840770216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:00.267779112 CET919840770216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:00.267960072 CET407709198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:00.267982006 CET407729198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:00.272753954 CET919840770216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:00.272883892 CET919840772216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:00.272949934 CET407729198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:00.272949934 CET407729198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:00.277801037 CET919840772216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:02.029562950 CET919840772216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:02.029794931 CET407729198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:02.029830933 CET407749198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:02.034657955 CET919840772216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:02.034694910 CET919840774216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:02.034842968 CET407749198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:02.034842968 CET407749198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:02.039669991 CET919840774216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:03.812717915 CET919840774216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:03.812990904 CET407749198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:03.813010931 CET407769198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:03.818008900 CET919840774216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:03.818027973 CET919840776216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:03.818176031 CET407769198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:03.818176031 CET407769198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:03.823019028 CET919840776216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:05.576215029 CET919840776216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:05.576487064 CET407769198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:05.576575041 CET407789198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:05.581310987 CET919840776216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:05.581355095 CET919840778216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:05.581415892 CET407789198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:05.581456900 CET407789198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:05.586272955 CET919840778216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:07.362227917 CET919840778216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:07.362545967 CET407789198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:07.362581968 CET407809198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:07.367507935 CET919840778216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:07.367542982 CET919840780216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:07.367614985 CET407809198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:07.367652893 CET407809198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:07.372450113 CET919840780216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:09.123385906 CET919840780216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:09.123692989 CET407809198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:09.123904943 CET407829198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:09.129175901 CET919840780216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:09.129451036 CET919840782216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:09.129564047 CET407829198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:09.129564047 CET407829198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:09.134406090 CET919840782216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:10.888310909 CET919840782216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:10.888607979 CET407829198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:10.888669014 CET407849198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:10.893527985 CET919840782216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:10.893614054 CET919840784216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:10.893704891 CET407849198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:10.893733978 CET407849198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:10.898636103 CET919840784216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:12.675909996 CET919840784216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:12.676129103 CET407849198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:12.676218987 CET407869198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:12.681014061 CET919840784216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:12.681030989 CET919840786216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:12.681112051 CET407869198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:12.681162119 CET407869198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:12.685952902 CET919840786216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:14.411643982 CET919840786216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:14.411871910 CET407869198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:14.411895990 CET407889198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:14.416927099 CET919840786216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:14.416963100 CET919840788216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:14.417032003 CET407889198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:14.417077065 CET407889198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:14.421941996 CET919840788216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:16.167165041 CET919840788216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:16.167412996 CET407889198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:16.167473078 CET407909198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:16.172360897 CET919840788216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:16.172458887 CET919840790216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:16.172559977 CET407909198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:16.172607899 CET407909198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:16.177467108 CET919840790216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:17.894948959 CET919840790216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:17.895142078 CET407909198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:17.895225048 CET407929198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:17.899971008 CET919840790216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:17.900216103 CET919840792216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:17.900301933 CET407929198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:17.900301933 CET407929198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:17.905286074 CET919840792216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:19.635046005 CET919840792216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:19.635365009 CET407929198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:19.635365009 CET407949198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:19.640378952 CET919840792216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:19.640413046 CET919840794216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:19.640491962 CET407949198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:19.640491962 CET407949198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:19.645375967 CET919840794216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:21.364979029 CET919840794216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:21.365370035 CET407969198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:21.365475893 CET407949198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:21.370285988 CET919840796216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:21.370372057 CET407969198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:21.370434046 CET407969198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:21.370438099 CET919840794216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:21.375282049 CET919840796216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:23.120929956 CET919840796216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:23.121201992 CET407969198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:23.121239901 CET407989198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:23.126000881 CET919840796216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:23.126024008 CET919840798216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:23.126070023 CET407989198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:23.126099110 CET407989198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:23.130866051 CET919840798216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:24.874104023 CET919840798216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:24.874517918 CET407989198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:24.874548912 CET408009198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:24.879462004 CET919840798216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:24.879478931 CET919840800216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:24.879611969 CET408009198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:24.879667044 CET408009198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:24.884489059 CET919840800216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:26.621778011 CET919840800216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:26.622031927 CET408009198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:26.622101068 CET408029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:26.626998901 CET919840800216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:26.627018929 CET919840802216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:26.627110958 CET408029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:26.627183914 CET408029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:26.631937981 CET919840802216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:28.368165970 CET919840802216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:28.368365049 CET408029198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:28.368387938 CET408049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:28.373330116 CET919840804216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:28.373342037 CET919840802216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:28.373398066 CET408049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:28.373413086 CET408049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:28.378218889 CET919840804216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:30.121632099 CET919840804216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:30.121794939 CET408049198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:30.121840954 CET408069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:30.126600027 CET919840804216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:30.126612902 CET919840806216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:30.126672029 CET408069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:30.126713991 CET408069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:30.131510973 CET919840806216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:31.888279915 CET919840806216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:31.888621092 CET408069198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:31.888690948 CET408089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:31.893414974 CET919840806216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:31.893580914 CET919840808216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:31.893697977 CET408089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:31.893744946 CET408089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:31.898572922 CET919840808216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:33.633793116 CET919840808216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:33.634068966 CET408089198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:33.634120941 CET408109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:33.638976097 CET919840808216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:33.638988972 CET919840810216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:33.639863014 CET408109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:33.639863968 CET408109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:33.644900084 CET919840810216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:35.387309074 CET919840810216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:35.387681007 CET408109198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:35.387746096 CET408129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:35.392721891 CET919840810216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:35.392744064 CET919840812216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:35.392839909 CET408129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:35.392857075 CET408129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:35.397660971 CET919840812216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:37.129894972 CET919840812216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:37.130209923 CET408129198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:37.130273104 CET408149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:37.135070086 CET919840812216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:37.135113955 CET919840814216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:37.135227919 CET408149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:37.135227919 CET408149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:37.140088081 CET919840814216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:38.909724951 CET919840814216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:38.909992933 CET408149198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:38.910069942 CET408169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:38.914792061 CET919840814216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:38.914871931 CET919840816216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:38.914968014 CET408169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:38.915024996 CET408169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:38.919769049 CET919840816216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:40.670773983 CET919840816216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:40.670978069 CET408169198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:40.671010017 CET408189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:40.675904036 CET919840816216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:40.675967932 CET919840818216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:40.676098108 CET408189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:40.676098108 CET408189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:40.680946112 CET919840818216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:42.471129894 CET919840818216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:42.471474886 CET408189198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:42.471575975 CET408209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:42.476417065 CET919840818216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:42.476440907 CET919840820216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:42.476562977 CET408209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:42.476562977 CET408209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:42.481395006 CET919840820216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:44.251250982 CET919840820216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:44.251678944 CET408209198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:44.251750946 CET408229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:44.257436037 CET919840820216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:44.257543087 CET919840822216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:44.257616043 CET408229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:44.257654905 CET408229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:44.263362885 CET919840822216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:45.996161938 CET919840822216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:45.996334076 CET408229198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:45.996395111 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:46.001200914 CET919840822216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:46.001214981 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:46.001286983 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:46.001346111 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:46.006153107 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:47.368108988 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:47.368277073 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:37:47.536009073 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:37:47.536128998 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:24.156461000 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:24.156858921 CET408249198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:24.156955004 CET408269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:24.161837101 CET919840824216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:24.161851883 CET919840826216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:24.161950111 CET408269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:24.162003040 CET408269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:24.166860104 CET919840826216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:25.880700111 CET919840826216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:25.881076097 CET408269198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:25.881263018 CET408289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:25.886174917 CET919840826216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:25.886279106 CET919840828216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:25.886409044 CET408289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:25.886409044 CET408289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:25.891285896 CET919840828216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:27.641876936 CET919840828216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:27.642045021 CET408289198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:27.642072916 CET408309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:27.646919012 CET919840828216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:27.646930933 CET919840830216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:27.646976948 CET408309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:27.647012949 CET408309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:27.651772022 CET919840830216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:29.422028065 CET919840830216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:29.422210932 CET408309198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:29.422228098 CET408329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:29.427042007 CET919840830216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:29.427054882 CET919840832216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:29.427117109 CET408329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:29.427145958 CET408329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:29.431920052 CET919840832216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:31.207879066 CET919840832216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:31.208060026 CET408329198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:31.208118916 CET408349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:31.213116884 CET919840832216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:31.213154078 CET919840834216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:31.213207960 CET408349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:31.213227034 CET408349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:31.218086958 CET919840834216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:32.968978882 CET919840834216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:32.969147921 CET408349198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:32.969185114 CET408369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:32.974128962 CET919840834216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:32.974153996 CET919840836216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:32.974215984 CET408369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:32.974247932 CET408369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:32.979104042 CET919840836216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:34.753901005 CET919840836216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:34.754067898 CET408369198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:34.754092932 CET408389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:34.758959055 CET919840836216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:34.758982897 CET919840838216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:34.759051085 CET408389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:34.759066105 CET408389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:34.763938904 CET919840838216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:36.535528898 CET919840838216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:36.535820961 CET408389198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:36.535885096 CET408409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:36.540672064 CET919840838216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:36.540745020 CET919840840216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:36.540822029 CET408409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:36.540867090 CET408409198192.168.2.23216.9.227.143
                                          Jan 11, 2025 07:38:36.545638084 CET919840840216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:46.106683016 CET919840840216.9.227.143192.168.2.23
                                          Jan 11, 2025 07:38:46.106851101 CET408409198192.168.2.23216.9.227.143

                                          System Behavior

                                          General

                                          Start time (UTC):06:35:56
                                          Start date (UTC):11/01/2025
                                          Path:/tmp/I686.elf
                                          Arguments:/tmp/I686.elf
                                          File size:33164 bytes
                                          MD5 hash:341269e2f627694b67c9d7abd07ed430

                                          Chronological Activities


                                          General

                                          Start time (UTC):06:35:56
                                          Start date (UTC):11/01/2025
                                          Path:/tmp/I686.elf
                                          Arguments:-
                                          File size:33164 bytes
                                          MD5 hash:341269e2f627694b67c9d7abd07ed430

                                          Chronological Activities


                                          General

                                          Start time (UTC):06:35:56
                                          Start date (UTC):11/01/2025
                                          Path:/tmp/I686.elf
                                          Arguments:-
                                          File size:33164 bytes
                                          MD5 hash:341269e2f627694b67c9d7abd07ed430

                                          Chronological Activities


                                          General

                                          Start time (UTC):06:35:56
                                          Start date (UTC):11/01/2025
                                          Path:/tmp/I686.elf
                                          Arguments:-
                                          File size:33164 bytes
                                          MD5 hash:341269e2f627694b67c9d7abd07ed430