Linux
Analysis Report
dbg.x86.elf
Overview
General Information
Sample name: | dbg.x86.elf |
Analysis ID: | 1594241 |
MD5: | 9f2c1c92152f3013559fee6e6ecfb565 |
SHA1: | c206b616b5cd97a9384ee6915aa6109b8a248683 |
SHA256: | b30831201a3c2fe4f0562bef572dae187194a7be81c5eff47c07a6102325fe33 |
Tags: | elf user-abuse_ch |
Infos: |
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Machine Learning detection for sample
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Sample contains only a LOAD segment without any section mappings
Suricata IDS alerts with low severity for network traffic
Yara signature match
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1594241 |
Start date and time: | 2025-01-18 17:07:11 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 6m 57s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | dbg.x86.elf |
Detection: | MAL |
Classification: | mal60.linELF@0/0@3/0 |
Command: | /tmp/dbg.x86.elf |
PID: | 5489 |
Exit Code: | |
Exit Code Info: | |
Killed: | True |
Standard Output: | suka |
Standard Error: |
- system is lnxubuntu20
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
 | Linux_Trojan_Mirai_b14f4c5d | unknown | unknown | |
 | Linux_Trojan_Mirai_5f7b67b8 | unknown | unknown | |
 | Linux_Trojan_Mirai_449937aa | unknown | unknown | |
 | Linux_Trojan_Mirai_88de437f | unknown | unknown | |
 | Linux_Trojan_Mirai_389ee3e9 | unknown | unknown | |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-18T17:08:03.266588+0100 | 2500034 | 2 | Misc Attack | 83.222.191.90 | 13566 | 192.168.2.14 | 56490 | TCP |
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Joe Sandbox ML: |
Source: | TCP traffic: | ||
Source: | Suricata IDS: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: | ||
System Summary |
---|
Source: | Matched rule: | ||
Source: | Program segment: |
Source: | Classification label: |
Source: | Submission file: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Obfuscated Files or Information | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
 | 19% | Virustotal | | Browse |
 | 21% | ReversingLabs | Linux.Packed.Mirai | |
 | 100% | Joe Sandbox ML | | |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
daisy.ubuntu.com | 162.213.35.25 | true | false | high | |
secure-network-rebirthltd.ru | 83.222.191.90 | true | false | high |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
83.222.67.120 | Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
secure-network-rebirthltd.ru | Get hash | malicious | Unknown | Browse |
daisy.ubuntu.com | Get hash | malicious | Mirai | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
MNOGOBYTE-ASMoscowRussiaRU | Get hash | malicious | Unknown | Browse |
SYNTERRA-ASRU | Get hash | malicious | Unknown | Browse |
ASN-UMNTechnicheskayaStr18bYekaterinburgRussiaRU | Get hash | malicious | Unknown | Browse |
SONICDUO-ASRU | Get hash | malicious | Unknown | Browse |
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 7.962272139947051 |
TrID: |
|
File name: | dbg.x86.elf |
File size: | 37'484 bytes |
MD5: | 9f2c1c92152f3013559fee6e6ecfb565 |
SHA1: | c206b616b5cd97a9384ee6915aa6109b8a248683 |
SHA256: | b30831201a3c2fe4f0562bef572dae187194a7be81c5eff47c07a6102325fe33 |
SHA512: | 8858d35ec9ed1ac36d244b8ea08fa3700be857cce9aa80709ed16162f43353cd2cbcd10aae48e5fc33c67cc7818d88280b55c87cf443557988819a138ae19642 |
SSDEEP: | 768:3WVYzxXEK9/fmBPTJoMHivqMRlv51G2n68N0qHjH4QMsBxFnbcuyD7UoURe:3WVIEK9/+BCMCvdv5tnFN0cj/v/Fnou6 |
TLSH: | DBF2E15DABCD5F61E97FB3B704FEA7000D217356C59D4A96F6C8051D36207883A21AC7 |
File Content Preview: | .ELF....................0...4...........4. ...(.........................l.................... ... ..i...i...........Q.td.............................j=.sfgaD........X...X......V..........?..k.I/.j....\.d*nlz.eB"[bx.|"|M.`...S....T[.N.........8 ...'.b.B?.. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 0 |
Section Header Size: | 40 |
Number of Section Headers: | 0 |
Header String Table Index: | 0 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8048000 | 0x8048000 | 0x1000 | 0x19f6c | 7.8959 | 0x6 | RW | 0x1000 | ||
LOAD | 0x0 | 0x8062000 | 0x8062000 | 0x9169 | 0x9169 | 7.9646 | 0x5 | R E | 0x1000 | ||
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-18T17:08:03.266588+0100 | 2500034 | ET COMPROMISED Known Compromised or Hostile Host Traffic group 18 | 2 | 83.222.191.90 | 13566 | 192.168.2.14 | 56490 | TCP |
- Total Packets: 144
Jan 18, 2025 17:08:03.256547928 CET | 13566 | 43142 | 83.222.228.128 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256567955 CET | 49378 | 13566 | 192.168.2.14 | 83.222.228.248 |
Jan 18, 2025 17:08:03.256587029 CET | 43142 | 13566 | 192.168.2.14 | 83.222.228.128 |
Jan 18, 2025 17:08:03.256587982 CET | 13566 | 54996 | 83.222.231.188 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256618023 CET | 13566 | 48750 | 83.222.81.201 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256628036 CET | 54996 | 13566 | 192.168.2.14 | 83.222.231.188 |
Jan 18, 2025 17:08:03.256645918 CET | 13566 | 43890 | 83.222.157.76 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256653070 CET | 48750 | 13566 | 192.168.2.14 | 83.222.81.201 |
Jan 18, 2025 17:08:03.256675005 CET | 13566 | 50862 | 83.222.133.88 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256680012 CET | 43890 | 13566 | 192.168.2.14 | 83.222.157.76 |
Jan 18, 2025 17:08:03.256705999 CET | 13566 | 45592 | 83.222.201.168 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256711960 CET | 50862 | 13566 | 192.168.2.14 | 83.222.133.88 |
Jan 18, 2025 17:08:03.256716967 CET | 13566 | 39380 | 83.222.158.115 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256726980 CET | 13566 | 47080 | 83.222.15.91 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256736994 CET | 45592 | 13566 | 192.168.2.14 | 83.222.201.168 |
Jan 18, 2025 17:08:03.256750107 CET | 39380 | 13566 | 192.168.2.14 | 83.222.158.115 |
Jan 18, 2025 17:08:03.256755114 CET | 13566 | 45780 | 83.222.215.238 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256767988 CET | 47080 | 13566 | 192.168.2.14 | 83.222.15.91 |
Jan 18, 2025 17:08:03.256784916 CET | 13566 | 58338 | 83.222.241.65 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256792068 CET | 45780 | 13566 | 192.168.2.14 | 83.222.215.238 |
Jan 18, 2025 17:08:03.256814003 CET | 13566 | 50492 | 83.222.157.71 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256824970 CET | 58338 | 13566 | 192.168.2.14 | 83.222.241.65 |
Jan 18, 2025 17:08:03.256850004 CET | 50492 | 13566 | 192.168.2.14 | 83.222.157.71 |
Jan 18, 2025 17:08:03.256860018 CET | 13566 | 44098 | 83.222.178.96 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256894112 CET | 44098 | 13566 | 192.168.2.14 | 83.222.178.96 |
Jan 18, 2025 17:08:03.256922960 CET | 13566 | 39766 | 83.222.137.162 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256953955 CET | 13566 | 46304 | 83.222.245.150 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256958961 CET | 39766 | 13566 | 192.168.2.14 | 83.222.137.162 |
Jan 18, 2025 17:08:03.256963015 CET | 13566 | 38810 | 83.222.88.131 | 192.168.2.14 |
Jan 18, 2025 17:08:03.256984949 CET | 46304 | 13566 | 192.168.2.14 | 83.222.245.150 |
Jan 18, 2025 17:08:03.256993055 CET | 13566 | 52936 | 83.222.3.114 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257000923 CET | 38810 | 13566 | 192.168.2.14 | 83.222.88.131 |
Jan 18, 2025 17:08:03.257021904 CET | 13566 | 44834 | 83.222.139.60 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257028103 CET | 52936 | 13566 | 192.168.2.14 | 83.222.3.114 |
Jan 18, 2025 17:08:03.257050991 CET | 13566 | 53332 | 83.222.248.85 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257070065 CET | 44834 | 13566 | 192.168.2.14 | 83.222.139.60 |
Jan 18, 2025 17:08:03.257088900 CET | 53332 | 13566 | 192.168.2.14 | 83.222.248.85 |
Jan 18, 2025 17:08:03.257092953 CET | 13566 | 49420 | 83.222.105.140 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257122040 CET | 13566 | 50666 | 83.222.238.106 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257149935 CET | 13566 | 33238 | 83.222.60.149 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257150888 CET | 49420 | 13566 | 192.168.2.14 | 83.222.105.140 |
Jan 18, 2025 17:08:03.257159948 CET | 50666 | 13566 | 192.168.2.14 | 83.222.238.106 |
Jan 18, 2025 17:08:03.257179022 CET | 13566 | 49370 | 83.222.161.193 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257196903 CET | 33238 | 13566 | 192.168.2.14 | 83.222.60.149 |
Jan 18, 2025 17:08:03.257219076 CET | 13566 | 59838 | 83.222.231.180 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257220984 CET | 49370 | 13566 | 192.168.2.14 | 83.222.161.193 |
Jan 18, 2025 17:08:03.257246971 CET | 13566 | 44884 | 83.222.221.120 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257261992 CET | 59838 | 13566 | 192.168.2.14 | 83.222.231.180 |
Jan 18, 2025 17:08:03.257275105 CET | 13566 | 56626 | 83.222.103.216 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257285118 CET | 44884 | 13566 | 192.168.2.14 | 83.222.221.120 |
Jan 18, 2025 17:08:03.257309914 CET | 56626 | 13566 | 192.168.2.14 | 83.222.103.216 |
Jan 18, 2025 17:08:03.257312059 CET | 13566 | 57038 | 83.222.31.127 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257319927 CET | 13566 | 60728 | 83.222.246.4 | 192.168.2.14 |
Jan 18, 2025 17:08:03.257348061 CET | 57038 | 13566 | 192.168.2.14 | 83.222.31.127 |
Jan 18, 2025 17:08:03.257354021 CET | 60728 | 13566 | 192.168.2.14 | 83.222.246.4 |
Jan 18, 2025 17:08:03.261723995 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:03.266587973 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:03.266650915 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:03.266710043 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:03.271599054 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:03.271646976 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:03.276509047 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:13.272944927 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:13.277968884 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:13.475294113 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:13.475485086 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:13.842721939 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:13.842946053 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:48.231350899 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Jan 18, 2025 17:08:48.236921072 CET | 13566 | 56490 | 83.222.191.90 | 192.168.2.14 |
Jan 18, 2025 17:08:48.237071991 CET | 56490 | 13566 | 192.168.2.14 | 83.222.191.90 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 18, 2025 17:08:03.234644890 CET | 56378 | 53 | 192.168.2.14 | 8.8.8.8 |
Jan 18, 2025 17:08:03.261552095 CET | 53 | 56378 | 8.8.8.8 | 192.168.2.14 |
Jan 18, 2025 17:10:47.297169924 CET | 51250 | 53 | 192.168.2.14 | 1.1.1.1 |
Jan 18, 2025 17:10:47.297271967 CET | 40899 | 53 | 192.168.2.14 | 1.1.1.1 |
Jan 18, 2025 17:10:47.304843903 CET | 53 | 40899 | 1.1.1.1 | 192.168.2.14 |
Jan 18, 2025 17:10:47.304877996 CET | 53 | 51250 | 1.1.1.1 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 18, 2025 17:08:03.234644890 CET | 192.168.2.14 | 8.8.8.8 | 0xb3fe | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 18, 2025 17:10:47.297169924 CET | 192.168.2.14 | 1.1.1.1 | 0x3f68 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Jan 18, 2025 17:10:47.297271967 CET | 192.168.2.14 | 1.1.1.1 | 0xde48 | Standard query (0) | | 28 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 18, 2025 17:08:03.261552095 CET | 8.8.8.8 | 192.168.2.14 | 0xb3fe | No error (0) | | | 83.222.191.90 | A (IP address) | IN (0x0001) | false |
Jan 18, 2025 17:10:47.304877996 CET | 1.1.1.1 | 192.168.2.14 | 0x3f68 | No error (0) | | | 162.213.35.25 | A (IP address) | IN (0x0001) | false |
Jan 18, 2025 17:10:47.304877996 CET | 1.1.1.1 | 192.168.2.14 | 0x3f68 | No error (0) | | | 162.213.35.24 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 16:08:02 |
Start date (UTC): | 18/01/2025 |
Path: | /tmp/dbg.x86.elf |
Arguments: | /tmp/dbg.x86.elf |
File size: | 37484 bytes |
MD5 hash: | 9f2c1c92152f3013559fee6e6ecfb565 |