Windows
Analysis Report
Document-01-16-25.pdf
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- Acrobat.exe (PID: 4284 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\Acrobat .exe" "C:\ Users\user \Desktop\D ocument-01 -16-25.pdf " MD5: 24EAD1C46A47022347DC0F05F6EFBB8C) - AcroCEF.exe (PID: 6752 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ba ckgroundco lor=167772 15 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE) - AcroCEF.exe (PID: 7308 cmdline:
"C:\Progra m Files\Ad obe\Acroba t DC\Acrob at\acrocef _1\AcroCEF .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --log-seve rity=disab le --user- agent-prod uct="Reade rServices/ 23.6.20320 Chrome/10 5.0.0.0" - -lang=en-U S --user-d ata-dir="C :\Users\us er\AppData \Local\CEF \User Data " --log-fi le="C:\Pro gram Files \Adobe\Acr obat DC\Ac robat\acro cef_1\debu g.log" --m ojo-platfo rm-channel -handle=21 04 --field -trial-han dle=1736,i ,157472550 5642188991 7,54677610 3974383720 ,131072 -- disable-fe atures=Bac kForwardCa che,Calcul ateNativeW inOcclusio n,WinUseBr owserSpell Checker /p refetch:8 MD5: 9B38E8E8B6DD9622D24B53E095C5D9BE)
- chrome.exe (PID: 5548 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --st art-maximi zed "https ://snip.ly /h183fa" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 280 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2212 --fi eld-trial- handle=200 4,i,126191 5402418924 6498,55290 7076724909 782,262144 /prefetch :8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
Click to jump to signature section
Phishing |
---|
Source: | Joe Sandbox AI: | ||
Source: | Joe Sandbox AI: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | OCR Text: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: | ||
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | HTTP Parser: |
Source: | TCP traffic: |
Source: | HTTP traffic: |
Source: | IP Address: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
System Summary |
---|
Source: | Static PDF information: |
Source: | Classification label: |
Source: | Initial sample: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Window detected: |
Source: | Initial sample: | ||
Source: | Initial sample: | ||
Source: | Initial sample: | ||
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Initial sample: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 1 Spearphishing Link | Windows Management Instrumentation | 1 Browser Extensions | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 System Information Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | 1 Drive-by Compromise | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 2 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 1 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | ReversingLabs |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.210.172 | true | false | high | |
snip.ly | 172.67.11.119 | true | false | high | |
f005.backblazeb2.com | 149.137.136.16 | true | false | high | |
ipinfo.io | 34.117.59.81 | true | false | high | |
www.google.com | 142.250.185.132 | true | false | high | |
x1.i.lencr.org | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false | high | ||
false | high | ||
false | high | ||
false | high |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high | |||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
172.67.11.119 | snip.ly | United States | 13335 | CLOUDFLARENETUS | false | |
34.117.59.81 | ipinfo.io | United States | 139070 | GOOGLE-AS-APGoogleAsiaPacificPteLtdSG | false | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
149.137.136.16 | f005.backblazeb2.com | United States | 30103 | ZOOM-VIDEO-COMM-ASUS | false |
IP |
---|
192.168.2.4 |
192.168.2.6 |
192.168.2.5 |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1591442 |
Start date and time: | 2025-01-15 00:47:29 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 41s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowspdfcookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | Document-01-16-25.pdf |
Detection: | MAL |
Classification: | mal60.phis.winPDF@39/57@11/8 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, WmiPrvSE.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 184.28.88.176, 54.224.241.105, 50.16.47.176, 34.237.241.83, 18.213.11.84, 2.16.168.107, 2.16.168.105, 172.64.41.3, 162.159.61.3, 23.209.209.135, 199.232.210.172, 2.17.190.73, 142.250.185.99, 142.250.185.174, 173.194.76.84, 142.250.184.206, 142.250.185.206, 142.250.184.234, 142.250.186.67, 142.250.184.202, 142.250.186.170, 216.58.206.42, 142.250.186.138, 142.250.186.42, 142.250.185.202, 216.58.212.170, 172.217.18.10, 142.250.185.106, 142.250.185.234, 172.217.16.202, 142.250.185.170, 142.250.181.234, 142.250.186.106, 142.250.185.138, 142.250.186.74, 216.58.206.74, 142.250.185.74, 172.217.23.106, 216.58.212.174, 216.58.206.46, 216.58.206.35, 172.217.16.206, 142.250.186.46, 142.250.185.78, 172.217.18.14, 2.23.242.162, 23.217.172.185, 4.175.87.197, 13.107.246.45
- Excluded domains from analysis (whitelisted): e4578.dscg.akamaiedge.net, chrome.cloudflare-dns.com, e8652.dscx.akamaiedge.net, slscr.update.microsoft.com, clientservices.googleapis.com, acroipm2.adobe.com, dns.msftncsi.com, clients2.google.com, ocsp.digicert.com, redirector.gvt1.com, ssl-delivery.adobe.com.edgekey.net, a122.dscd.akamai.net, update.googleapis.com, wu-b-net.trafficmanager.net, crl.root-x1.letsencrypt.org.edgekey.net, optimizationguide-pa.googleapis.com, clients1.google.com, fonts.googleapis.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, otelrules.azureedge.net, acroipm2.adobe.com.edgesuite.net, ctldl.windowsupdate.com.delivery.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, p13n.adobe.io, fe3cr.delivery.mp.microsoft.com, edgedl.me.gvt1.com, armmf.adobe.com, clients.l.google.com, geo2.adobe.com
- Not all processes where analyzed, report is missing behavior information
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
Time | Type | Description |
---|---|---|
18:48:35 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Telegram Phisher | Browse | |||
Get hash | malicious | Telegram Phisher | Browse | |||
Get hash | malicious | Telegram Phisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
172.67.11.119 | Get hash | malicious | Unknown | Browse | ||
34.117.59.81 | Get hash | malicious | CryptoWall, TrojanRansom | Browse |
| |
Get hash | malicious | Invicta Stealer, XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Neshta | Browse |
| ||
Get hash | malicious | Neshta | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
bg.microsoft.map.fastly.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Wannacry | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Wannacry | Browse |
| ||
Get hash | malicious | Wannacry | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
snip.ly | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | GRQ Scam | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | GRQ Scam | Browse |
| ||
f005.backblazeb2.com | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | CobaltStrike, Metasploit | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
CLOUDFLARENETUS | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
ZOOM-VIDEO-COMM-ASUS | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Moobot, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Mirai, Okiru | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
GOOGLE-AS-APGoogleAsiaPacificPteLtdSG | Get hash | malicious | Telegram Phisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | DCRat, PureLog Stealer, zgRAT | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.225828926589656 |
Encrypted: | false |
SSDEEP: | 6:iO82u3+q2Pwkn2nKuAl9OmbnIFUtW2rZZmwo2rNVkwOwkn2nKuAl9OmbjLJ:77uOvYfHAahFUtBl/f35JfHAaSJ |
MD5: | C5752553460E133DFC1ECC8645FE3E51 |
SHA1: | A8492CA05D86853160E344A6B71B531F5EE6345F |
SHA-256: | 6B2AD31CE93032BA537358C98DE0067A58AFC4383767F475F28756EF3AF36ED7 |
SHA-512: | DB9E7F24B5EEB121FE9B1F18BE110221D03128CFCC5622C7918749456C47A1F3CC634B908BCF2A5B584A45224AC5BEF0C60E72DA00FD6D8190AB39820E8EE6A7 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.225828926589656 |
Encrypted: | false |
SSDEEP: | 6:iO82u3+q2Pwkn2nKuAl9OmbnIFUtW2rZZmwo2rNVkwOwkn2nKuAl9OmbjLJ:77uOvYfHAahFUtBl/f35JfHAaSJ |
MD5: | C5752553460E133DFC1ECC8645FE3E51 |
SHA1: | A8492CA05D86853160E344A6B71B531F5EE6345F |
SHA-256: | 6B2AD31CE93032BA537358C98DE0067A58AFC4383767F475F28756EF3AF36ED7 |
SHA-512: | DB9E7F24B5EEB121FE9B1F18BE110221D03128CFCC5622C7918749456C47A1F3CC634B908BCF2A5B584A45224AC5BEF0C60E72DA00FD6D8190AB39820E8EE6A7 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.181316953285922 |
Encrypted: | false |
SSDEEP: | 6:iO82gxK+q2Pwkn2nKuAl9Ombzo2jMGIFUtW2gEJGZmwo2g/e3VkwOwkn2nKuAl97:77gg+vYfHAa8uFUtBg9/fg/KV5JfHAaU |
MD5: | B75B9D36C2F87F8B9263E4563ABC38DA |
SHA1: | C4A25591C2A05E9B2730F71BB4B619090B396D72 |
SHA-256: | C3814722D1EFFB5DDE4B245B7B6BD6B704F9AA9D28ABDB599D7CD51268619126 |
SHA-512: | 911074F5AC95BA93D0688D989C40735FB1FBD4E4EC96905DBA79F367AE0BF09E3BA3CE76ABA67B2012410C5C1A9CA4F2E659BED111F0DA3BAD3352E6E8929C2B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Local Storage\leveldb\LOG.old (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 336 |
Entropy (8bit): | 5.181316953285922 |
Encrypted: | false |
SSDEEP: | 6:iO82gxK+q2Pwkn2nKuAl9Ombzo2jMGIFUtW2gEJGZmwo2g/e3VkwOwkn2nKuAl97:77gg+vYfHAa8uFUtBg9/fg/KV5JfHAaU |
MD5: | B75B9D36C2F87F8B9263E4563ABC38DA |
SHA1: | C4A25591C2A05E9B2730F71BB4B619090B396D72 |
SHA-256: | C3814722D1EFFB5DDE4B245B7B6BD6B704F9AA9D28ABDB599D7CD51268619126 |
SHA-512: | 911074F5AC95BA93D0688D989C40735FB1FBD4E4EC96905DBA79F367AE0BF09E3BA3CE76ABA67B2012410C5C1A9CA4F2E659BED111F0DA3BAD3352E6E8929C2B |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\Network Persistent State (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 475 |
Entropy (8bit): | 4.951295469561047 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqLyysBdOg2Hvcaq3QYiubInP7E4T3y:Y2sRdsN3dMHe3QYhbG7nby |
MD5: | 134FD697535BE516B44A9B3AC32B6DC8 |
SHA1: | DDC3A919331F4DF0E12E3A55B8F84FC42DF2905A |
SHA-256: | 44E60C0A8799C39925F6EBBD96E78851DDCE747B6635C19601C8D07E7515FEE1 |
SHA-512: | 1D5F13451CC77C2F4E6E9B13D93039A29853FB80FC4DDA031A86DF7934CED083100D8A14211A5CFEB0C00110B4C7C0E6A5252D94F1632223C4213C90C76F872A |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Network\abb7daf6-0544-4b74-9a69-895ce6d0d6b0.tmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 475 |
Entropy (8bit): | 4.951295469561047 |
Encrypted: | false |
SSDEEP: | 12:YH/um3RA8sqLyysBdOg2Hvcaq3QYiubInP7E4T3y:Y2sRdsN3dMHe3QYhbG7nby |
MD5: | 134FD697535BE516B44A9B3AC32B6DC8 |
SHA1: | DDC3A919331F4DF0E12E3A55B8F84FC42DF2905A |
SHA-256: | 44E60C0A8799C39925F6EBBD96E78851DDCE747B6635C19601C8D07E7515FEE1 |
SHA-512: | 1D5F13451CC77C2F4E6E9B13D93039A29853FB80FC4DDA031A86DF7934CED083100D8A14211A5CFEB0C00110B4C7C0E6A5252D94F1632223C4213C90C76F872A |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\000003.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4730 |
Entropy (8bit): | 5.254156964451269 |
Encrypted: | false |
SSDEEP: | 96:etJCV4FAsszrNamjTN/2rjYMta02fDtehgO7BtTgo7ud3GZ:etJCV4FiN/jTN/2r8Mta02fEhgO73go7 |
MD5: | 3DFDE4EE76EA5BF8AB2C78E08CADE1F9 |
SHA1: | 3B3D66DBA99FAFBB69E247069487F355649B45A5 |
SHA-256: | F8494E32B8717F2F669C7DC02190941C087B63B871AFD3B4D904763C36803383 |
SHA-512: | CCBA8A0506A588568560E14CD8DD5D784D3E91DF1CD4AB42600F0F834869D1FDB10B63C0363C0E0960EC8C446DF49D64690B2216B92E81F43EBF7F1D9E0D8011 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.224145894935436 |
Encrypted: | false |
SSDEEP: | 6:iO82il+q2Pwkn2nKuAl9OmbzNMxIFUtW2ibZmwo2irVkwOwkn2nKuAl9OmbzNMFd:77i+vYfHAa8jFUtBg/fQV5JfHAa84J |
MD5: | 51622511D892BB59596B00B4A2303080 |
SHA1: | 33372ECAC3A8FBF9B6EE4762C53C44CB4AFD6DB2 |
SHA-256: | 8F38A468FD3A9D210709ADC00872BF2D569DE41A1D8B0B9EAA1ADCAFF739C6B9 |
SHA-512: | 177B6A3EB1DDA8B85259A927ADF302697CD9B0C3F06763BF090E85C14AAB3814620B2B528D15FD7EC71950A808C21B19D5981F1BC0E749E58BA474F5BAC3F71D |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\AcroCef\DC\Acrobat\Cache\Session Storage\LOG.old (copy)
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 324 |
Entropy (8bit): | 5.224145894935436 |
Encrypted: | false |
SSDEEP: | 6:iO82il+q2Pwkn2nKuAl9OmbzNMxIFUtW2ibZmwo2irVkwOwkn2nKuAl9OmbzNMFd:77i+vYfHAa8jFUtBg/fQV5JfHAa84J |
MD5: | 51622511D892BB59596B00B4A2303080 |
SHA1: | 33372ECAC3A8FBF9B6EE4762C53C44CB4AFD6DB2 |
SHA-256: | 8F38A468FD3A9D210709ADC00872BF2D569DE41A1D8B0B9EAA1ADCAFF739C6B9 |
SHA-512: | 177B6A3EB1DDA8B85259A927ADF302697CD9B0C3F06763BF090E85C14AAB3814620B2B528D15FD7EC71950A808C21B19D5981F1BC0E749E58BA474F5BAC3F71D |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Adobe\Acrobat\DC\ConnectorIcons\icon-250114234827Z-155.bmp
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 65110 |
Entropy (8bit): | 1.947317462458769 |
Encrypted: | false |
SSDEEP: | 192:azkIk7Ck7CkAkzk6k6k6kbkSkeBkvkeDkkkfkFOkXOk6k6kgkrk4k6kGkGkGkGki:pZUMUBbmLYhU7r |
MD5: | 51803AD3AC630383FB67DA787F878794 |
SHA1: | 2033CFBDDFBADB6F319A2D6B8943DE3ABB5425CE |
SHA-256: | CC1CBDEEACC363035AA9EF8F154868135D1F5AC5BA3F4F0A4EFA9BF0BEC392E8 |
SHA-512: | 526DB4E03F4B05AFFD3A1DB6F11B1C2C3349B332F21ED3DF2F5423CF161DF0A0B76BA1C675E6DB273904187A13BD81AFDFDCAFF0FE1AE5D026B331E9E4D740AD |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 86016 |
Entropy (8bit): | 4.445435441159137 |
Encrypted: | false |
SSDEEP: | 384:yezci5t9iBA7aDQPsknQ0UNCFOa14ocOUw6zyFzqFkdZ+EUTTcdUZ5yDQhJL:rWs3OazzU89UTTgUL |
MD5: | 153BE8582D9406F41217D1AFDDFF1E3E |
SHA1: | C90CF0B0FBF4BC1E5CC8E3284FDAC858BB9E64E4 |
SHA-256: | F6FC3450E09AEE136E214141F5A4005003DDFA72111E428E5BFDE79E9F391F42 |
SHA-512: | EB56903CA87728FF2569650D30C210D2D0803436B1D0AC4F654765E3786F77C7A26B95F1875A3894206171998DC0F951FD20B01A018B2A00F06C4B8D434F3F7A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 3.778053582122238 |
Encrypted: | false |
SSDEEP: | 48:7Mfp/E2ioyVoC0ioy9oWoy1Cwoy1pCnKOioy1noy1AYoy1Wioy1hioybioyzCBo+:7IpjuoC0F6CNXKQsCzCb9IVXEBodRBk2 |
MD5: | 7C49C67F41EE836F840B22A07ADFD220 |
SHA1: | 29A7B7B060B1ADB5A77C7D88F393F621D1197F0D |
SHA-256: | D5342B39CE435303D6AE9D932B7E42C75F5DDA37FA17CFEB3C5A22C179190CC3 |
SHA-512: | B9AE634929CA0971BCF21D25A37BEFBEC2B83101B62559255FA094DA8AAC698027F582D8341BFAB4D3B725E947BAF38B02723F3D56A0DBCA6243FAB8DF0D6875 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\2D85F72862B55C4EADD9E66E06947F3D
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1391 |
Entropy (8bit): | 7.705940075877404 |
Encrypted: | false |
SSDEEP: | 24:ooVdTH2NMU+I3E0Ulcrgdaf3sWrATrnkC4EmCUkmGMkfQo1fSZotWzD1:ooVguI3Kcx8WIzNeCUkJMmSuMX1 |
MD5: | 0CD2F9E0DA1773E9ED864DA5E370E74E |
SHA1: | CABD2A79A1076A31F21D253635CB039D4329A5E8 |
SHA-256: | 96BCEC06264976F37460779ACF28C5A7CFE8A3C0AAE11A8FFCEE05C0BDDF08C6 |
SHA-512: | 3B40F27E828323F5B91F8909883A78A21C86551761F27B38029FAAEC14AF5B7AA96FB9F9CC93EE201B5EB1D0FEF17B290747E8B839D2E49A8F36C5EBF3C7C910 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 71954 |
Entropy (8bit): | 7.996617769952133 |
Encrypted: | true |
SSDEEP: | 1536:gc257bHnClJ3v5mnAQEBP+bfnW8Ctl8G1G4eu76NWDdB34w18R5cBWcJAm68+Q:gp2ld5jPqW8LgeulxB3fgcEfDQ |
MD5: | 49AEBF8CBD62D92AC215B2923FB1B9F5 |
SHA1: | 1723BE06719828DDA65AD804298D0431F6AFF976 |
SHA-256: | B33EFCB95235B98B48508E019AFA4B7655E80CF071DEFABD8B2123FC8B29307F |
SHA-512: | BF86116B015FB56709516D686E168E7C9C68365136231CC51D0B6542AE95323A71D2C7ACEC84AAD7DCECC2E410843F6D82A0A6D51B9ACFC721A9C84FDD877B5B |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\2D85F72862B55C4EADD9E66E06947F3D
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 192 |
Entropy (8bit): | 2.7425532007658724 |
Encrypted: | false |
SSDEEP: | 3:kkFkl+O2ekXfllXlE/HT8kVNNX8RolJuRdxLlGB9lQRYwpDdt:kKnO2xIT8UNMa8RdWBwRd |
MD5: | 6FAF5C1EE86897F662CDB95ADBD91627 |
SHA1: | 3F790FAD380CBD2C0F9996EA979A593212DBA0F1 |
SHA-256: | 7DA8593DF07D38A1F4B6F3EF06F39954BC0B5938576F602AD4481FC0766F5A66 |
SHA-512: | 60CE0B7C3DEA46E3B76F54849A158E8C0D005879552700D7AE735DC7886137EA9E21201FA49DE9330CBA0D49529A3736B6E5CDB7FCDA2E9B793A41AD238C2446 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | modified |
Size (bytes): | 328 |
Entropy (8bit): | 3.245596380966818 |
Encrypted: | false |
SSDEEP: | 6:kK1jt/99UswD8HGsL+N+SkQlPlEGYRMY9z+4KlDA3RUebT3:B1kDImsLNkPlE99SNxAhUe/3 |
MD5: | 91473E2CCF8B077C5E56009FF25DA222 |
SHA1: | C25AEDDB28634CD42C44F8FDFD67A10BC54933B1 |
SHA-256: | 59FE027BCFD5CE6C1FAED8C8B01530050746BF4E61C2925A984DC587CBD7295C |
SHA-512: | B80A12690A3158C765791985DF209562A5F928A2A60612164A91BB281E3A36A7C8B4A7AB47C38488099FD777BC8F730E3DC6015AE77109DBE94915E1C75C3109 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\ACROBAT_READER_MASTER_SURFACEID
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.341919303842739 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJM3g98kUwPeUkwRe9:YvXKXTHZzlHEZc0v84GMbLUkee9 |
MD5: | 598F84060495EA755145231D97928F9B |
SHA1: | 15FEE0A6718C96A5F7B6BA4BE10779F10CB81662 |
SHA-256: | 9C297B2DA68EC6FE9416C68961A20BC1F12C8EF7E6685D0A02F2A44D3617BA81 |
SHA-512: | 5536ECF39CA4463E2FA16A2A48C0265514623C3BD079CDE3696ADAAB8598D80E3B4BD16F6590B764425F185DA19ADEC07BCC3BAF1974A9C967E8DD626B8D1750 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Home_View_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.285460467698007 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfBoTfXpnrPeUkwRe9:YvXKXTHZzlHEZc0v84GWTfXcUkee9 |
MD5: | 7B9BCC15B83100B52740DEF474058692 |
SHA1: | C961478583A682D1C6668B026BEAF5BBE685D553 |
SHA-256: | 9CFC4204C2CB6A80E15F711907CAB21406CF0D7FFC93729E4C50A44B60AD7CF7 |
SHA-512: | 5C21590364C7FE03A5DCB302DF8FC336D8EB19040BEB0DAF53C0D5BEBE6A969063790FBA900A0E0F05095D0A22C61C14D7C5113E8E51F6DD65E774674D8B2286 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_FirstMile_Right_Sec_Surface
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 294 |
Entropy (8bit): | 5.263998144382421 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfBD2G6UpnrPeUkwRe9:YvXKXTHZzlHEZc0v84GR22cUkee9 |
MD5: | BE6CD707848A5B5BE5030185F6C99931 |
SHA1: | E4D1204B0FC898164D7C825CC069A4A09DE83CD2 |
SHA-256: | 706B00F76E9F57A1E584EB7A1962CE75549817559216EC52187E5EF3963687FB |
SHA-512: | 7CF245FFE549C501C3AE8C3921D19FD175ACAB98F1382C8659280B8BB1B19E9F3D8A5E7C55724B977C9B105614CC88FE5AF4BEA862F74992B2D34D6B86A658C0 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_READER_LAUNCH_CARD
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 285 |
Entropy (8bit): | 5.328177386091427 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfPmwrPeUkwRe9:YvXKXTHZzlHEZc0v84GH56Ukee9 |
MD5: | 1C969F0546B35DEB49C41E5D0A2738EE |
SHA1: | 803C7B68A3DAB1F0E2EB1FCB5B808564949EBF21 |
SHA-256: | 461287E709903B820780B05F92A470251F4D73DAF6F5A538FA0F358A1C2C533F |
SHA-512: | 432425C3DBAC89BB8B76B371BCB1657D4AC50B495E65D1D6F3315FC2056848B0BB460B43CE89D0150C52A7FF48183CD3EF0FECB37382497066E080C108F4A7B3 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Convert_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1123 |
Entropy (8bit): | 5.683678782094151 |
Encrypted: | false |
SSDEEP: | 24:Yv6XFtEzv8pLgE9cQx8LennAvzBvkn0RCmK8czOCCSV1:Yv4GEhgy6SAFv5Ah8cv/V1 |
MD5: | 4F017C4675265B4BB3B3DB3BCFD48022 |
SHA1: | B285D6C352FF818793E0541215AE685591E0A03D |
SHA-256: | 2F21BBD44986AD8680DC894C85B1A59DECDC7D08E384CE34D4A4490159200926 |
SHA-512: | FC0A7D154D557A95E660904DE9CC74FFAFEDFA710F640592F8B86372ADDD436E1E31AB6C18C0BAEC83CA47979715843C85A6EB41D08663087682933437258161 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.271965660790737 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf8dPeUkwRe9:YvXKXTHZzlHEZc0v84GU8Ukee9 |
MD5: | F654CF4303CAE57B6066E338C344D3A0 |
SHA1: | 1687FDDBAFDBE9D8AF7CAA969114CE11BF2F4B77 |
SHA-256: | 990BB319103954512B7946BBAF4082D1A5C7DB7BB42E7C2DBE246FE842A29C3A |
SHA-512: | 6D2269345609848CD949931EDE321594BDA5B8BEAA073680A7B5BB488995C1D27527591E990DE382A52AB6556476810BA7504B8EBEF4401EAC82C3A755640144 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Disc_LHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 292 |
Entropy (8bit): | 5.275372394914136 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfQ1rPeUkwRe9:YvXKXTHZzlHEZc0v84GY16Ukee9 |
MD5: | 2D8BD4BEBAC87392C9AC9CA36235A69A |
SHA1: | 62838FFB7694379A26903FD55800E955F2F8A886 |
SHA-256: | C52FD33B8B26C8D0177834C8C3E8CCD4A9DE1CDBB93B998C9A87F8B6D8521B7D |
SHA-512: | B1B59DE8C431DC1AAA70BE6FFC000A62CA5932C155275729B5855A39AA726FB70E2E9B49B0964F8E65B0FA538E90D2E2E2722BF1A19DADB3C576EB2B1B2EEF5E |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Edit_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.283144847015957 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfFldPeUkwRe9:YvXKXTHZzlHEZc0v84Gz8Ukee9 |
MD5: | B94CC3E3FDFF7A2D40D945DF39242E5B |
SHA1: | 9FB6CF8C4F2BA25998BAA7E58DF1286CB6080020 |
SHA-256: | 00000F13802F9B22347ABE4818CC19036DDAF910088003118021D00EBCD52B5F |
SHA-512: | E941A060DC2D7A944A5FBF0DC5158EECDDD961B5C572DA95AFB2BB2ABBBC7FFBB9BEAC8F4145EB739BD90DBFAD4ECE51E127A0AECFC3FD01B03A4845E83192B1 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Home_LHP_Trial_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 295 |
Entropy (8bit): | 5.298134237356373 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfzdPeUkwRe9:YvXKXTHZzlHEZc0v84Gb8Ukee9 |
MD5: | 87D735926A072CB949A67C98BAD2AF11 |
SHA1: | 4CE33A2761C0CFC4B7DF7A29286DD1BEC6D8511B |
SHA-256: | BEA087D5218050EDB8D146D3B27DE29B22D8EB23013695930162CE27B94DF1C7 |
SHA-512: | 65005153ECF74FFF71B29E105F5CD254E9421CD09B438003662591641855C8894E0B0EE5C0E9709589CB2F60CA87542E66351648A770C05E23D0BB55653FF30B |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_More_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 289 |
Entropy (8bit): | 5.278337231682401 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfYdPeUkwRe9:YvXKXTHZzlHEZc0v84Gg8Ukee9 |
MD5: | 38E3F4A7A8EC83EDED4945C95D5258A8 |
SHA1: | 657C3E3F2B0A22C160E82FC6510879E862A4E5A4 |
SHA-256: | D1BF4675D7A8CEB10669BAA2C581DAA5D3E458C7CAE60BF594CC072F86A64F9D |
SHA-512: | 145E5B825EEABDD67BF418AD6A3ED8C2A0E3A302B180B169AFA4E011D4EE4B10E758C7C6EB0E7BDFEABDDCC632B6F508322616B7F95E277FC61869DA93026797 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 284 |
Entropy (8bit): | 5.265109160272045 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf+dPeUkwRe9:YvXKXTHZzlHEZc0v84G28Ukee9 |
MD5: | A160719B538793845A7180F30FE873DE |
SHA1: | EF7ABA7553565F7694F6022D69693D66488E6E9E |
SHA-256: | 2F31E462A5C222DD2EBFC734E94B062CF1B9165EE4A0A0031ABA22DECD685A2F |
SHA-512: | B85C268B8F8B99758787C56A978F174A66F8A7186D353D4B3773B01D56BA44064EBE85CA748E0610090DB8343A064315214324EC35EFE11AF090251F9B8FB8ED |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Intent_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 291 |
Entropy (8bit): | 5.262033214361884 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfbPtdPeUkwRe9:YvXKXTHZzlHEZc0v84GDV8Ukee9 |
MD5: | 83C7201474DE04EA93AC19AF79BD5CA6 |
SHA1: | 645F6F09D1A66258206D14F752513644EB968B85 |
SHA-256: | 37F15B7CE92FA3396E1C697D17AA4912AD807FC8665CC2C8FDEBAC87A7BC5107 |
SHA-512: | 60E1029E977CB779849ECD50E1EF5067235AC4F0E7E93AD82E86C9CADE011B4C5EEF3677265F073B87E0A790339F6F2F70A1B84494303A5B57D1362B3EC7895A |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_RHP_Retention
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 287 |
Entropy (8bit): | 5.266384821934527 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJf21rPeUkwRe9:YvXKXTHZzlHEZc0v84G+16Ukee9 |
MD5: | 959D536F5786A151FC63B17C2D5AA99E |
SHA1: | D67685DAD416F7E63C324F2A0763DD61FCEC0DBA |
SHA-256: | EF4F1452B7C5EF972BE7EE39826B8BD610FAE953AADA2DE0E0511CDEF40243B5 |
SHA-512: | 350ED97DC88734F5CFDB1F24AF8479A9118B0BB54CA65E3B66B06EDE9530407ECEA26166E9649AED0ADADF07A20AA448DD4CE99B48A3DD8249DC29F8F46D0C35 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Sign_LHP_Banner
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1090 |
Entropy (8bit): | 5.661240195281036 |
Encrypted: | false |
SSDEEP: | 24:Yv6XFtEzvIamXayLgE+cNDxeNaqnAvz7xHn0RCmK8czOC/BSV1:Yv4GmBgkDMUJUAh8cvMV1 |
MD5: | 2A4343523103D3E447C8EA61202B23B3 |
SHA1: | 93C7FBA9F96C0B67B7E0E82AC83F75F9CE4ED6FE |
SHA-256: | B6A93FB0D18C4FD9E4BC4493E8E971B54632535AF7DEB0B42DA1480BB203CAE3 |
SHA-512: | 53427F5CCE5FBC230FB5172BD05236CE1AE83DEE209BD28210C254AF105EE0A5DD75734336238014FC1A60E58F196FF4134C3A23F4C08D2950FB2496C902D75B |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Adobe\Acrobat\DC\SOPHIA\Acrobat\Files\DC_Reader_Upsell_Cards
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 286 |
Entropy (8bit): | 5.243763939184208 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJfshHHrPeUkwRe9:YvXKXTHZzlHEZc0v84GUUUkee9 |
MD5: | AB8878D7CF37FDE3D23E75CCDCFFB85C |
SHA1: | F02333F478D7ECB7745382C8810053EDD134ABD9 |
SHA-256: | CB687E285F312E3E15EEF68755CB395D6CB256C3400536B64DF83FB1D377C89F |
SHA-512: | DEB59BC63A251EC36FD3878346B9321EB859E5B6E528DAA05FDBB6459E6F0448E9CA258996D80071B97EBBD6EE2529E6D7DEB1B4C68DBFA2D384D26E52D21B22 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 282 |
Entropy (8bit): | 5.254399048613551 |
Encrypted: | false |
SSDEEP: | 6:YEQXJ2HXPEqHhTzlH9VoZcg1vRcR0YXXoAvJTqgFCrPeUkwRe9:YvXKXTHZzlHEZc0v84GTq16Ukee9 |
MD5: | E38B1B0E142D40ECA53E216137DFFB86 |
SHA1: | ABB751802F4ABA45FA3A10E3A03ECA028A286712 |
SHA-256: | 94BB3F12CE9EE94A0F5A2B530B9E7C50629F213B9CCB91164F83A52D5ED18B7D |
SHA-512: | D1A96CB3036B394E918C4496163E5FFB288FA7B14FB644DA2CCD17ACACFE961AE89B5D224817A165F3271B7DE66A697AFB91A82967848D4C7C0144A3DFB6628A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 4 |
Entropy (8bit): | 0.8112781244591328 |
Encrypted: | false |
SSDEEP: | 3:e:e |
MD5: | DC84B0D741E5BEAE8070013ADDCC8C28 |
SHA1: | 802F4A6A20CBF157AAF6C4E07E4301578D5936A2 |
SHA-256: | 81FF65EFC4487853BDB4625559E69AB44F19E0F5EFBD6D5B2AF5E3AB267C8E06 |
SHA-512: | 65D5F2A173A43ED2089E3934EB48EA02DD9CCE160D539A47D33A616F29554DBD7AF5D62672DA1637E0466333A78AAA023CBD95846A50AC994947DC888AB6AB71 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2814 |
Entropy (8bit): | 5.118517747247908 |
Encrypted: | false |
SSDEEP: | 24:YN36an4ayedAQg4vZyhH3zkoSjPWj0SS5nGa2mO2LSMCY7XnFPaLpNJ5HPU89D68:YNBEhIZ2A3A0d+Gb73FPGt1889j |
MD5: | 9C6C64871B8F3694BF1708E441345BA2 |
SHA1: | E87BB54D3513AAFCB4F1E61D65B5B8FC3B9B6D59 |
SHA-256: | 4F9F78083208132CC4520154864BCD1BAF5FFA267A6B4D0579DC2F46857DC85E |
SHA-512: | 1EFD18E822171FB10495C77220799406D2AC0325A8ED365454F26E2E4048500F6462FC8F5C0E3E5A2082FF872CE8A0689DF1C957FDEAC2985DFE4EA88DC8F6AE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 12288 |
Entropy (8bit): | 1.1887632530261794 |
Encrypted: | false |
SSDEEP: | 48:TGufl2GL7msEHUUUUUUUU/SvR9H9vxFGiDIAEkGVvpD:lNVmswUUUUUUUU/+FGSItf |
MD5: | 6BBDD6825B423872D70EBECB5CEE0B3D |
SHA1: | C073A29D6FE800B2A99E9A2FA9C5413F9B74B3FF |
SHA-256: | F6644E4A7A47EE37EE2D1AD41D02670ACB2FCD53FAA875BC3BC09DAFE82546EB |
SHA-512: | 6F735E8525EB6144447A5555A62835F36B185A012AA197896F09B86DEA75CCAC9251FCCB8A824FA9BF1EE6EF5FB86994851F4BCC06FA0ED286BF7160A97A0224 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 8720 |
Entropy (8bit): | 1.6065534892028872 |
Encrypted: | false |
SSDEEP: | 48:7MBKUUUUUUUUUUDvR9H9vxFGiDIAEkGVvCqFl2GL7msh:7TUUUUUUUUUUTFGSItkKVmsh |
MD5: | 6E78C6A9CF7229B7296D0C69BDFD1BDB |
SHA1: | C34D13A6213CCD8D2993E6EF0B8470E4C5BF029A |
SHA-256: | 6AD960D3D3F6AF516FBDECE42795612CCA9506BC48E07AFB983AB29997E5BDFD |
SHA-512: | 2F522A0D881B6C83A45874910DE987AD848DC9D190A5D0D8B5349B0BA8D8B45E410C726C561973D33899B5283C94BBB1989B5C218B3865028497783E48D640FE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 66726 |
Entropy (8bit): | 5.392739213842091 |
Encrypted: | false |
SSDEEP: | 768:RNOpblrU6TBH44ADKZEgJYqegiJ+W0g5FwfORS4f0CZOPPYyu:6a6TZ44ADEuqegiJ+WTgCZyPK |
MD5: | B4025B9F5D6DF9DB569C87A451A14F40 |
SHA1: | 62D0B4F7234903E3316AE644DD8E740D5CD9597F |
SHA-256: | 8E521E3816A0CBE65FE8CCB62D3E12C37ACC304C1B83E50D8A439FE94F52EBD6 |
SHA-512: | 4535A97C6BC07111E8B1B667F38CC0A268A93F2761029E072E19470E0BCF003F299D593277510BE66B05F00AD3E66CEEC3A346BE29975CBFA2E588E6C858131E |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 246 |
Entropy (8bit): | 3.5248044522866877 |
Encrypted: | false |
SSDEEP: | 6:Qgl946caEbiQLxuZUQu+lEbYnuoblv2K84sClEFuMH:Qw946cPbiOxDlbYnuRKIDg6 |
MD5: | 602450FA985DDED1C257180DF7163D54 |
SHA1: | 6F8F9EA294477470170E3D84B7FA6CF707375F6D |
SHA-256: | BD6AE6122AD70EB473D9E17E9EB743A48397AF5EAE6595BD4F1DB46926DA4F29 |
SHA-512: | 49E62FC6A6E09B69A31C87DBD29FF3272C208DA1E9DDD475B96470435F8F05CEE19E7F14210E5274EA7FFB323A536A38AFAF4901C6B27145A093CC675DF4803A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 358 |
Entropy (8bit): | 5.0098668951893695 |
Encrypted: | false |
SSDEEP: | 6:IngVMrexJzJT0y9VEQIFVmb/eu2g/86S1kxROOlOfhWUOfhWZvLCSyAAO:IngVMre9T0HQIDmy9g06JX1OZtOZiLlX |
MD5: | 0CF141E82302E70FE103EE771FD3A098 |
SHA1: | A02EF5031769F99E288C9BC914AA62B83D92FA46 |
SHA-256: | AA31DC6B1F4600FA7EF1814B6AE806221A3434C43F43C51E2E3A6AC8AD25E072 |
SHA-512: | E4044E338A6D433FE61B1382B46F33AA4CA6DFC4BD2CC5182B08FD10C59FD81174368AFB506807CFB1B365200E8C86383D87954D74B4A5B52CCA5C3D67A7FCD8 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6 2025-01-14 18-48-25-486.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 16525 |
Entropy (8bit): | 5.345946398610936 |
Encrypted: | false |
SSDEEP: | 384:zHIq8qrq0qoq/qUILImCIrImI9IWdFdDdoPtPTPtP7ygyAydy0yGV///X/J/VokV:nNW |
MD5: | 8947C10F5AB6CFFFAE64BCA79B5A0BE3 |
SHA1: | 70F87EEB71BA1BE43D2ABAB7563F94C73AB5F778 |
SHA-256: | 4F3449101521DA7DF6B58A2C856592E1359BA8BD1ACD0688ECF4292BA5388485 |
SHA-512: | B76DB9EF3AE758F00CAF0C1705105C875838C7801F7265B17396466EECDA4BCD915DA4611155C5F2AD1C82A800C1BEC855E52E2203421815F915B77AA7331CA0 |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Temp\acrobat_sbx\NGL\NGLClient_AcrobatReader123.6.20320.6.log
Download File
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 15114 |
Entropy (8bit): | 5.39141321562178 |
Encrypted: | false |
SSDEEP: | 384:9KMn0uVrWtPBV2cm4gTjHhG7vk5vdC3CHCFCICDCKC0CeCGCUCpCHp9waGZMCvyp:pcFyi4N+3pLzJ8IPwYIGDcfnwtM |
MD5: | 5A201C32CAF383EAE97AAB4D4433F731 |
SHA1: | 703FDDC906745900C71129EDD6FD3097A64D529C |
SHA-256: | 11DC5190217B9E55DC5303B426E1C422385A34C402F6651969FAE5C7FB419BB7 |
SHA-512: | DF3026BF1C6D11AE9F24D6B60AE3C78265BDD8A0C8F60CFB859C4647242D9B72F6EC265F09176A6EDA6A1AC8F18FC160435A5E5BD9889FE999F1E75E6499B6DA |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 29752 |
Entropy (8bit): | 5.395525189335076 |
Encrypted: | false |
SSDEEP: | 768:anddBuBYZwcfCnwZCnR8Bu5hx18HoCnLlAY+iCBuzhLCnx1CnPrRRFS10l8gT2rp:1 |
MD5: | A30E372F0BE95572E1B535F132F02AEA |
SHA1: | 68C7D8EF1224E18C6C44C4208A3B531A13DA58F6 |
SHA-256: | 417DCC31FC5AD6D9BDF480CE257FC9BC8808372C2E8CA4D5841953347497FA82 |
SHA-512: | 9FE02D18BBADECFCF580C0736309BE71AD4BD406A9A1571FAA04670355C7D66D33C983AAA10C616F570F8CE0151772A8947C0C54F857CFAAFE15FFBF5B8C5382 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 758601 |
Entropy (8bit): | 7.98639316555857 |
Encrypted: | false |
SSDEEP: | 12288:ONh3P65+Tegs6121YSWBlkipdjuv1ybxrr/IxkB1mabFhOXZ/fEa+vTJJJJv+9Uo:O3Pjegf121YS8lkipdjMMNB1DofjgJJ0 |
MD5: | 12DDE6151F5E778520B3C8434B61AD0C |
SHA1: | 2D3EA4300ED7D77866B96F7BE2BD8FA4F03D2081 |
SHA-256: | 4EDFCFF1CCA3192ECCBA77FFB1572D1C544566CFC73749F0FAC5DD0BF0C73C76 |
SHA-512: | 3DE45A91E3D8A7EF05C37CC274ECD8BD8BCB99A1AAD7A4252AC6714B57AFC281D3BB6926CE2910F7BC366F1595B27EC89D96158D94E2ABEE7B7567ACEA861F93 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1419751 |
Entropy (8bit): | 7.976496077007677 |
Encrypted: | false |
SSDEEP: | 24576:/xA7owWLaGZDwYIGNPJodpy6mlind9j2kvhsfFXpAXDgrFBU2/R07D:JVwWLaGZDwZGk3mlind9i4ufFXpAXkru |
MD5: | 18E3D04537AF72FDBEB3760B2D10C80E |
SHA1: | B313CD0B25E41E5CF0DFB83B33AB3E3C7678D5CC |
SHA-256: | BBEF113A2057EE7EAC911DC960D36D4A62C262DAE5B1379257908228243BD6F4 |
SHA-512: | 2A5B9B0A5DC98151AD2346055DF2F7BFDE62F6069A4A6A9AB3377B644D61AE31609B9FC73BEE4A0E929F84BF30DA4C1CDE628915AC37C7542FD170D12DE41298 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 1407294 |
Entropy (8bit): | 7.97605879016224 |
Encrypted: | false |
SSDEEP: | 24576:/M7o5dpy6mlind9j2kvhsfFXpAXDgrFBU2/R077WLaGZjZwYIGNPJe:RB3mlind9i4ufFXpAXkrfUs03WLaGZje |
MD5: | 716C2C392DCD15C95BBD760EEBABFCD0 |
SHA1: | 4B4CE9C6AED6A7F809236B2DAFA9987CA886E603 |
SHA-256: | DD3E6CFC38DA1B30D5250B132388EF73536D00628267E7F9C7E21603388724D8 |
SHA-512: | E164702386F24FF72111A53DA48DC57866D10DAE50A21D4737B5687E149FF9D673729C5D2F2B8DA9EB76A2E5727A2AFCFA5DE6CC0EEEF7D6EBADE784385460AF |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 386528 |
Entropy (8bit): | 7.9736851559892425 |
Encrypted: | false |
SSDEEP: | 6144:8OSTJJJJEQ6T9UkRm1lBgI81ReWQ53+sQ36X/FLYVbxrr/IxktOQZ1mau4yBwsOo:sTJJJJv+9UZX+Tegs661ybxrr/IxkB1m |
MD5: | 5C48B0AD2FEF800949466AE872E1F1E2 |
SHA1: | 337D617AE142815EDDACB48484628C1F16692A2F |
SHA-256: | F40E3C96D4ED2F7A299027B37B2C0C03EAEEE22CF79C6B300E5F23ACB1EB31FE |
SHA-512: | 44210CE41F6365298BFBB14F6D850E59841FF555EBA00B51C6B024A12F458E91E43FDA3FA1A10AAC857D4BA7CA6992CCD891C02678DCA33FA1F409DE08859324 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 886767 |
Entropy (8bit): | 6.114107751762554 |
Encrypted: | false |
SSDEEP: | 12288:JPM9JWL9vOEpgFqhcpMnvJ2gsKO+ILx5V9EW9EfrArDrj1wVl:JPM9JWhOEmFrpMnEnKO+Ih9j9El |
MD5: | 0C8093CA93E475E1D1F3A6062CCCF365 |
SHA1: | 3B5A177E17610BF7B99CFF4956F98E23D098A7D0 |
SHA-256: | 76A6247A8BA693394D62456C28E8870071735E30EFC6BD02263DDE36678153F3 |
SHA-512: | 6F6DE4CE0B5048585934773D873A5FBCD6FD2CECD4109E028984FD6D2B670B71B2E45C7A6219BF0E148B1DD038DADE162B0A5107966E737640D44B51C5C11E7E |
Malicious: | false |
URL: | https://f005.backblazeb2.com/file/pplambo/index.html?utm_source=sniply&utm_campaign=sniply&utm_medium=sniply |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 321 |
Entropy (8bit): | 4.99323851364312 |
Encrypted: | false |
SSDEEP: | 6:kX32J19HgIJAuuuthkP//f4IoWzqs4jW1CRW35jY:kWJ1JgIOuHhA/XvoPPWV5k |
MD5: | 7225D8C283F7B303692A163301880199 |
SHA1: | 7BF7F829E108693DB3DAD66B557EAA1DBA464D94 |
SHA-256: | 19B824BE603626AAD3EB7CAAA5F56F709F22AE80965559A81977DEC9CB22A944 |
SHA-512: | 05125D14C265EED21453D2A6E8007F3BF2C2F339567718AF4F4A20C8EB1474EA73A7656B4EDF13B937B25AB3045601F49D19F8E47521C601FD17D3A218BE0D60 |
Malicious: | false |
URL: | https://ipinfo.io/json |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 321 |
Entropy (8bit): | 4.99323851364312 |
Encrypted: | false |
SSDEEP: | 6:kX32J19HgIJAuuuthkP//f4IoWzqs4jW1CRW35jY:kWJ1JgIOuHhA/XvoPPWV5k |
MD5: | 7225D8C283F7B303692A163301880199 |
SHA1: | 7BF7F829E108693DB3DAD66B557EAA1DBA464D94 |
SHA-256: | 19B824BE603626AAD3EB7CAAA5F56F709F22AE80965559A81977DEC9CB22A944 |
SHA-512: | 05125D14C265EED21453D2A6E8007F3BF2C2F339567718AF4F4A20C8EB1474EA73A7656B4EDF13B937B25AB3045601F49D19F8E47521C601FD17D3A218BE0D60 |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 263912 |
Entropy (8bit): | 7.9989774457926055 |
Encrypted: | true |
SSDEEP: | 6144:G5VufZWf5Xuch4xmEiOdLtBQ/MHE2F4VNVeI627H0NdCmERCb:+VuxWN349/mMHEDfnnxmiCb |
MD5: | B682D2A5CC647D344BC15AE0923F25BD |
SHA1: | 66565D0618C3642C9D9DFFFAFCD7C08354FE92E9 |
SHA-256: | E91B114406D343A5B1749FFD6DA8A1056D0546B486D38ECC4A4ECDB063903F0C |
SHA-512: | D9BFD58EE82342278473EA7F5D169A315D331CC8390EB7BBD520E5DAC94ECF2CEDA2C44DF2D8B33EBD5646F57C573C22E7C9C5C170E48A8828EFB8BC78F2767D |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/materialsymbolsoutlined/v222/kJF1BvYX7BgnkSrUwT8OhrdQw4oELdPIeeII9v6oDMzByHX9rA6RzaxHMPdY43zj-jCxv3fzvRNU22ZXGJpEpjC_1v-p_4MrImHCIJIZrDCvHOej.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 696 |
Entropy (8bit): | 5.31027038341894 |
Encrypted: | false |
SSDEEP: | 12:Uc11FPk+5O6ZRoT6pHAH6yYw47gmfDmx8YpFk+56ZmOHc9n+5cMK00k14enEPCe4:3Fs+5OYsKo6yYw4LfaKYA+5YmOOk4TfE |
MD5: | 39A16DB346F67785A77E4FDBD5EEA3C1 |
SHA1: | 6A5860970E7C43B2ED818A915FFFCDB0EEA73A62 |
SHA-256: | 4DB2B7B738792BF0C7E6A6928E21D510B2389447A2CFEEEE70E98FB988EF795A |
SHA-512: | ADBDEE600DC189D91DDB2EF39608381591CB37E86F911584463640A33F7AFC42482B8A7FC7E80D5C18638A5ED3254AF2AB55B1C99156ACC892872D4F301E0621 |
Malicious: | false |
URL: | "https://fonts.googleapis.com/css2?family=Material+Symbols+Outlined:opsz,wght,FILL,GRAD@24,400,0,0" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 56 |
Entropy (8bit): | 4.74692495803521 |
Encrypted: | false |
SSDEEP: | 3:mS9YHnPbDKthmmk+:mS+HPbqR |
MD5: | 623A4DD46A6C0735D599710F8F875D74 |
SHA1: | 209B66E9914483C1E68A171805420A13040508A6 |
SHA-256: | F2F4A71D8CDB3293EE3EEFC8247A52E90F07F32FB87EF6DB09D311ECD34E24F6 |
SHA-512: | A0F1A861637242EB3D48F6C7EB3084279DCF03920B3F2A4F7A993BBC9BDBA4C5620F1028AB716608254D0FE58C0C674D15D50B69BE83BE90009646E47EA6BB4A |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHglk__D6lwa1MBIFDSFfFoQSBQ2DqFs9EgUNzkFMehIQCVRdreg1vn-qEgUN_6k_TQ==?alt=proto |
Preview: |
File type: | |
Entropy (8bit): | 7.884760502797368 |
TrID: |
|
File name: | Document-01-16-25.pdf |
File size: | 53'275 bytes |
MD5: | 8ecce729a5760b28b76cb62e79303981 |
SHA1: | 6f43fdec72833659693f1e26bbd8fc2b3093ae6f |
SHA256: | c8f8f3532d48c50d9b11f98ccdc60d1f7ab44b6f72ecb089a023938da7b6bdfa |
SHA512: | 524f61f7484f3462330abca0d0069a2059b4b3b2a0888f4f7ebef73d801eaa4eb974eef6d2ca697d9c11de0c2bcb9fb1fec91b6673bb396da9a0b9140c44944e |
SSDEEP: | 768:9uRfbhC8WRKrfST7iouLwaw43U0+d21yPNmARTmL3P/RlyVTt4Os9NvUB8:9aWg4FNal3kd21yPNlTmL3P3yv4OiA8 |
TLSH: | 7D33B094DA1A48CCFC965837183E3D0FC27AB2DB44DD749258698F82E684D443A62DFB |
File Content Preview: | %PDF-1.4.%.....3 0 obj.<</S/URI/Type/Action/URI(https://snip.ly/h183fa)>>.endobj.4 0 obj.<</W 0>>.endobj.2 0 obj.<</A 3 0 R/BS 4 0 R/Rect[202 465 379 489]/Subtype/Link/Type/Annot>>.endobj.5 0 obj.<</Filter/FlateDecode/Length 10>>stream.x.+......|.endstrea |
Icon Hash: | 62cc8caeb29e8ae0 |
General | |
---|---|
Header: | %PDF-1.4 |
Total Entropy: | 7.884761 |
Total Bytes: | 53275 |
Stream Entropy: | 7.988645 |
Stream Bytes: | 44969 |
Entropy outside Streams: | 5.204934 |
Bytes outside Streams: | 8306 |
Number of EOF found: | 1 |
Bytes after EOF: |
Name | Count |
---|---|
obj | 63 |
endobj | 63 |
stream | 30 |
endstream | 30 |
xref | 1 |
trailer | 1 |
startxref | 1 |
/Page | 1 |
/Encrypt | 0 |
/ObjStm | 0 |
/URI | 2 |
/JS | 0 |
/JavaScript | 0 |
/AA | 0 |
/OpenAction | 0 |
/AcroForm | 0 |
/JBIG2Decode | 0 |
/RichMedia | 0 |
/Launch | 0 |
/EmbeddedFile | 0 |
Image Streams |
---|
ID | DHASH | MD5 | Preview |
---|---|---|---|
51 | dca66d5155599ac4 | ceb3c68b0a65e38427782232d0899215 | |
50 | ccb26971757d92cc | cb87815411998bae8d5e8925c029f951 | |
52 | 49193f536d2b5d55 | 678915a5e2a170a31605b003d789c972 | |
55 | 0000000000000000 | 3eae7cfaea782924b39e10457159bc49 | |
53 | 0048280002221000 | ca59d29eb2b7fff8c6fac3165b27ed78 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 15, 2025 00:48:25.575737000 CET | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Jan 15, 2025 00:48:36.875298023 CET | 49672 | 443 | 192.168.2.4 | 173.222.162.32 |
Jan 15, 2025 00:48:36.875355005 CET | 443 | 49672 | 173.222.162.32 | 192.168.2.4 |
Jan 15, 2025 00:48:41.626847029 CET | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 00:48:41.635129929 CET | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Jan 15, 2025 00:48:41.635209084 CET | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 00:48:41.740298033 CET | 52309 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:41.746452093 CET | 53 | 52309 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:41.746543884 CET | 52309 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:41.753272057 CET | 53 | 52309 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:42.203330040 CET | 52309 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:42.210264921 CET | 53 | 52309 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:42.210350037 CET | 52309 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:49.940360069 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:49.940382957 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:49.940448999 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:49.942202091 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:49.942217112 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.417792082 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.418536901 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:50.418557882 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.419450998 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.419621944 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:50.422341108 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:50.422399044 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.423161983 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:50.423171043 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:50.464338064 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:51.151864052 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:51.151940107 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:51.152038097 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:51.162132978 CET | 52311 | 443 | 192.168.2.4 | 172.67.11.119 |
Jan 15, 2025 00:48:51.162156105 CET | 443 | 52311 | 172.67.11.119 | 192.168.2.4 |
Jan 15, 2025 00:48:51.177800894 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.177843094 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.177917957 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.178102016 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.178116083 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.651962996 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.652362108 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.652390957 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.654300928 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.654426098 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.655572891 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.655697107 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.655745029 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.698834896 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.698856115 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.744657993 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.804074049 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.804085970 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.804096937 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.804126024 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.804203033 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.804219961 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.804234982 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.809217930 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.809225082 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.809289932 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.809298992 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.809338093 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.849360943 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.891159058 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.891169071 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.891196012 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.891273975 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.891292095 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.892298937 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.892306089 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.892365932 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.892374992 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.893228054 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.893234968 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.893403053 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.893413067 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.894165993 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.894215107 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.894222021 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.894227982 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.894522905 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.946809053 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.977588892 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.977605104 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.977637053 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.977679968 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.977725029 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.978091955 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978101969 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978142977 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.978369951 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.978377104 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978840113 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978880882 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978890896 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.978893995 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978925943 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978935957 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.978956938 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.979013920 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.979835987 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.980108976 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.980114937 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.980201960 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.980828047 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.980868101 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.980901003 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.980914116 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.980946064 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.980986118 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.982326031 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:51.982475042 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:51.982482910 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.025878906 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.064536095 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064650059 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.064659119 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064680099 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064742088 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.064749002 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064789057 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064843893 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.064851046 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.064938068 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065001011 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.065007925 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065113068 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065215111 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.065223932 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065233946 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065301895 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.065309048 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065644979 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065705061 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.065711021 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065871954 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.065947056 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.065953970 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069240093 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069361925 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.069370031 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069479942 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069667101 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.069674969 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069686890 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069912910 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069968939 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.069976091 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.069989920 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.070131063 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.070266008 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.070272923 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.070395947 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.070466995 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.070472956 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.118283987 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151106119 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151225090 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151231050 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151262999 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151299953 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151331902 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151338100 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151421070 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151495934 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151495934 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151504040 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151556969 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151679039 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151732922 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151732922 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151741028 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151853085 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.151911974 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.151920080 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152004957 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152129889 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152196884 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152196884 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152204990 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152240038 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152316093 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152323008 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152407885 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152476072 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152483940 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152506113 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152602911 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152610064 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152642965 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152755022 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152762890 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152797937 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152811050 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152873993 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.152880907 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.152908087 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.153019905 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.153027058 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.153137922 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.153212070 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.153218985 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.194761038 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.194940090 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.194947958 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.237891912 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238015890 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238024950 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238111019 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238145113 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238157034 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238185883 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238190889 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238190889 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238197088 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238230944 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238230944 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238264084 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238323927 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238400936 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238487959 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238497019 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238502979 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238569975 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238569975 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238600969 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238639116 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238692045 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238692045 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238698959 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238867044 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.238890886 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238903999 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.238965988 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239020109 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239020109 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239026070 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239116907 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239145041 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239341021 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239346027 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239398956 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239437103 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239483118 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239483118 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239490032 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239654064 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239692926 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239712954 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239712954 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239718914 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239758015 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239758015 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239844084 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.239900112 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239900112 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.239907026 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.281498909 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.281708956 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.281735897 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.324820995 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.324955940 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.324985981 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325042963 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325162888 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.325174093 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325187922 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325299978 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325306892 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.325314999 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325434923 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325445890 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.325453043 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325608969 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.325614929 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.325654984 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.325663090 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.329782963 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.329912901 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.329935074 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.329996109 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330058098 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330065012 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330073118 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330112934 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330197096 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330265999 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330271006 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330303907 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330343008 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330348015 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330358028 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330384016 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330434084 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330591917 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330598116 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330811024 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330854893 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330867052 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.330873013 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.330912113 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.331120014 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.331172943 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.331195116 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.331202030 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.331235886 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.368330002 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.368402004 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.368422985 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.381442070 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.411673069 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.411737919 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.411760092 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.411925077 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.411979914 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.411988974 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412242889 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412328959 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.412336111 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412425041 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412487984 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.412494898 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412609100 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.412672997 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.412681103 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.416630983 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.416716099 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.416726112 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.416835070 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.416901112 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.416908026 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417046070 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417108059 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.417114973 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417248011 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417309046 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.417315960 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417515993 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417654991 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.417660952 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417745113 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417932034 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.417933941 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.417948008 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418064117 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418068886 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418128014 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418138981 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418144941 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418204069 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418204069 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418330908 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418454885 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418462038 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418533087 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.418732882 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.418741941 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.455095053 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.455167055 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.455185890 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.498677015 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.498848915 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.498852968 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.498876095 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.498913050 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.498920918 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.498955011 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.499039888 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.499102116 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.499106884 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.499262094 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.499332905 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.499340057 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.499444008 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.499494076 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.499501944 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.503540993 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.503602982 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.503614902 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.503813028 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.503864050 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.503870964 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504151106 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504204988 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.504211903 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504487038 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504542112 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.504549026 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504702091 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504755974 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.504761934 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504897118 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.504945040 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.504951000 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505114079 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505156994 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.505162954 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505278111 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505346060 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.505351067 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505448103 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505491972 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.505497932 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505706072 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.505748034 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.505754948 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.542138100 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.542197943 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.542223930 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.542244911 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.542260885 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.542279005 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:52.542327881 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.542577028 CET | 52316 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:52.542594910 CET | 443 | 52316 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.188958883 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.189004898 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.189107895 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.189682961 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.189696074 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.334583998 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.334609032 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.334660053 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.335011005 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.335025072 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.764903069 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.765150070 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.765161037 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.765559912 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.765885115 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.765978098 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.766102076 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.804712057 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.805351973 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.805377960 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.806487083 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.806590080 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.807339907 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.807852030 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.807926893 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.808134079 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.808149099 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.862129927 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:53.877698898 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.877791882 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.877872944 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.906835079 CET | 52319 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:53.906879902 CET | 443 | 52319 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:53.950711012 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.950855017 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:53.950951099 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.233778000 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.233838081 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.233935118 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.234596014 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.234641075 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.234705925 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.234859943 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.234894991 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.235682964 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.235717058 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.236604929 CET | 52322 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.236624002 CET | 443 | 52322 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.331379890 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.331415892 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.331481934 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.331716061 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.331731081 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.724904060 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.735928059 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.735991955 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.736381054 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.736830950 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.736910105 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.737054110 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.779341936 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.794696093 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.794955015 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.794970989 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.796000004 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.796056032 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.796535969 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.796602011 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.796686888 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.796693087 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.835983992 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.843589067 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.843652964 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.843718052 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.845145941 CET | 52323 | 443 | 192.168.2.4 | 149.137.136.16 |
Jan 15, 2025 00:48:54.845192909 CET | 443 | 52323 | 149.137.136.16 | 192.168.2.4 |
Jan 15, 2025 00:48:54.887264967 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.887743950 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.887769938 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.888839006 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.888901949 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.890192986 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.890260935 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.927153111 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.927242994 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.927290916 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.928052902 CET | 52325 | 443 | 192.168.2.4 | 34.117.59.81 |
Jan 15, 2025 00:48:54.928069115 CET | 443 | 52325 | 34.117.59.81 | 192.168.2.4 |
Jan 15, 2025 00:48:54.935684919 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:48:54.935714960 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:48:54.982604027 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:04.814436913 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:04.814505100 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:04.814559937 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:05.206901073 CET | 52324 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:05.206976891 CET | 443 | 52324 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:30.633275032 CET | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 00:49:30.638382912 CET | 80 | 49724 | 199.232.214.172 | 192.168.2.4 |
Jan 15, 2025 00:49:30.638469934 CET | 49724 | 80 | 192.168.2.4 | 199.232.214.172 |
Jan 15, 2025 00:49:54.165390968 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:54.165491104 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.165750027 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:54.166024923 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:54.166063070 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.798240900 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.808501005 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:54.808568954 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.809051037 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.809535980 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:49:54.809757948 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:49:54.851612091 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:50:04.710867882 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:50:04.710943937 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Jan 15, 2025 00:50:04.711091995 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:50:06.092813969 CET | 52561 | 443 | 192.168.2.4 | 142.250.185.132 |
Jan 15, 2025 00:50:06.092859983 CET | 443 | 52561 | 142.250.185.132 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 15, 2025 00:48:36.214257956 CET | 60253 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:41.739818096 CET | 53 | 55241 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:42.160953999 CET | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Jan 15, 2025 00:48:49.859652996 CET | 62722 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:49.859868050 CET | 60804 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:49.872245073 CET | 53 | 55703 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:49.912141085 CET | 53 | 62722 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:49.942284107 CET | 53 | 62962 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:50.069660902 CET | 53 | 60804 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:50.954420090 CET | 53 | 55417 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:51.167327881 CET | 51633 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:51.167476892 CET | 65419 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:51.175949097 CET | 53 | 51633 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:51.177284002 CET | 53 | 65419 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:52.167996883 CET | 53 | 51672 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:53.120503902 CET | 61582 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:53.120682955 CET | 53221 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:53.305500031 CET | 53 | 53221 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:53.305694103 CET | 53 | 49959 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:53.306030035 CET | 53 | 61582 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:54.186619997 CET | 50947 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:54.186789989 CET | 57028 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:54.193382025 CET | 53 | 50947 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:54.193562031 CET | 53 | 57028 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:54.323235989 CET | 57698 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:54.323482990 CET | 63770 | 53 | 192.168.2.4 | 1.1.1.1 |
Jan 15, 2025 00:48:54.330363989 CET | 53 | 57698 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:48:54.330962896 CET | 53 | 63770 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:49:02.250238895 CET | 53 | 51537 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:49:08.003882885 CET | 53 | 64749 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:49:27.096251965 CET | 53 | 55135 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:49:49.322293997 CET | 53 | 60999 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:49:49.454929113 CET | 53 | 65215 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:50:20.301215887 CET | 53 | 59655 | 1.1.1.1 | 192.168.2.4 |
Jan 15, 2025 00:51:05.313267946 CET | 53 | 62411 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Jan 15, 2025 00:48:50.069746971 CET | 192.168.2.4 | 1.1.1.1 | c237 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 15, 2025 00:48:36.214257956 CET | 192.168.2.4 | 1.1.1.1 | 0x397b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:49.859652996 CET | 192.168.2.4 | 1.1.1.1 | 0x185b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:49.859868050 CET | 192.168.2.4 | 1.1.1.1 | 0xb9a5 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 00:48:51.167327881 CET | 192.168.2.4 | 1.1.1.1 | 0xa868 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:51.167476892 CET | 192.168.2.4 | 1.1.1.1 | 0xaed6 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 00:48:53.120503902 CET | 192.168.2.4 | 1.1.1.1 | 0x42e2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:53.120682955 CET | 192.168.2.4 | 1.1.1.1 | 0xbb20 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 00:48:54.186619997 CET | 192.168.2.4 | 1.1.1.1 | 0xab24 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:54.186789989 CET | 192.168.2.4 | 1.1.1.1 | 0x3fe9 | Standard query (0) | 65 | IN (0x0001) | false | |
Jan 15, 2025 00:48:54.323235989 CET | 192.168.2.4 | 1.1.1.1 | 0x4145 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Jan 15, 2025 00:48:54.323482990 CET | 192.168.2.4 | 1.1.1.1 | 0x1f17 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 15, 2025 00:48:36.223509073 CET | 1.1.1.1 | 192.168.2.4 | 0x397b | No error (0) | crl.root-x1.letsencrypt.org.edgekey.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:36.941063881 CET | 1.1.1.1 | 192.168.2.4 | 0xbe75 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:36.941063881 CET | 1.1.1.1 | 192.168.2.4 | 0xbe75 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:49.912141085 CET | 1.1.1.1 | 192.168.2.4 | 0x185b | No error (0) | 172.67.11.119 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:49.912141085 CET | 1.1.1.1 | 192.168.2.4 | 0x185b | No error (0) | 104.22.7.164 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:49.912141085 CET | 1.1.1.1 | 192.168.2.4 | 0x185b | No error (0) | 104.22.6.164 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:50.069660902 CET | 1.1.1.1 | 192.168.2.4 | 0xb9a5 | No error (0) | 65 | IN (0x0001) | false | |||
Jan 15, 2025 00:48:51.175949097 CET | 1.1.1.1 | 192.168.2.4 | 0xa868 | No error (0) | 149.137.136.16 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:53.306030035 CET | 1.1.1.1 | 192.168.2.4 | 0x42e2 | No error (0) | 34.117.59.81 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:54.193382025 CET | 1.1.1.1 | 192.168.2.4 | 0xab24 | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Jan 15, 2025 00:48:54.193562031 CET | 1.1.1.1 | 192.168.2.4 | 0x3fe9 | No error (0) | 65 | IN (0x0001) | false | |||
Jan 15, 2025 00:48:54.330363989 CET | 1.1.1.1 | 192.168.2.4 | 0x4145 | No error (0) | 34.117.59.81 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 52311 | 172.67.11.119 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:50 UTC | 656 | OUT | |
2025-01-14 23:48:51 UTC | 536 | IN | |
2025-01-14 23:48:51 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 52316 | 149.137.136.16 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:51 UTC | 742 | OUT | |
2025-01-14 23:48:51 UTC | 658 | IN | |
2025-01-14 23:48:51 UTC | 7594 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN | |
2025-01-14 23:48:51 UTC | 8192 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.4 | 52319 | 149.137.136.16 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:53 UTC | 813 | OUT | |
2025-01-14 23:48:53 UTC | 245 | IN | |
2025-01-14 23:48:53 UTC | 94 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.4 | 52322 | 34.117.59.81 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:53 UTC | 551 | OUT | |
2025-01-14 23:48:53 UTC | 345 | IN | |
2025-01-14 23:48:53 UTC | 321 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.4 | 52323 | 149.137.136.16 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:54 UTC | 675 | OUT | |
2025-01-14 23:48:54 UTC | 245 | IN | |
2025-01-14 23:48:54 UTC | 43 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.4 | 52325 | 34.117.59.81 | 443 | 280 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-01-14 23:48:54 UTC | 337 | OUT | |
2025-01-14 23:48:54 UTC | 345 | IN | |
2025-01-14 23:48:54 UTC | 321 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 18:48:22 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\Acrobat.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff6bc1b0000 |
File size: | 5'641'176 bytes |
MD5 hash: | 24EAD1C46A47022347DC0F05F6EFBB8C |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 1 |
Start time: | 18:48:22 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 3 |
Start time: | 18:48:23 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Adobe\Acrobat DC\Acrobat\acrocef_1\AcroCEF.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff74bb60000 |
File size: | 3'581'912 bytes |
MD5 hash: | 9B38E8E8B6DD9622D24B53E095C5D9BE |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Target ID: | 9 |
Start time: | 18:48:47 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 10 |
Start time: | 18:48:48 |
Start date: | 14/01/2025 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76e190000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |