Linux
Analysis Report
loki.mips.elf
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Antivirus / Scanner detection for submitted sample
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Sample listens on a socket
Suricata IDS alerts with low severity for network traffic
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1594498 |
Start date and time: | 2025-01-19 03:27:07 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 43s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | loki.mips.elf |
Detection: | MAL |
Classification: | mal48.linELF@0/0@1/0 |
Command: | /tmp/loki.mips.elf |
PID: | 5428 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | suka |
Standard Error: |
- system is lnxubuntu20
- loki.mips.elf New Fork (PID: 5430, Parent: 5428)
- loki.mips.elf New Fork (PID: 5432, Parent: 5428)
- cleanup
⊘No yara matches
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-19T03:27:56.842732+0100 | 2500034 | 2 | Misc Attack | 83.222.191.90 | 13566 | 192.168.2.13 | 42792 | TCP |
- AV Detection
- Networking
- System Summary
- Malware Analysis System Evasion
AV Detection |
---|
Source: | Avira: |
Source: | TCP traffic: | ||
Source: | Socket: |
Source: | Suricata IDS: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | Queries kernel information via 'uname': |
Source: | Binary or memory string: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | EXP/ELF.Agent.J.8 |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
secure-network-rebirthltd.ru | 83.222.191.90 | true | false | high |
Match | Detection | Threat Name |
---|---|---|
83.222.101.184 | malicious | Unknown |
83.222.233.114 | malicious | Unknown |
83.222.58.34 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
secure-network-rebirthltd.ru | malicious | Unknown |
 | malicious | Mirai |
Match | Detection | Threat Name |
---|---|---|
ASN-UMNTechnicheskayaStr18bYekaterinburgRussiaRU | malicious | Unknown |
 | malicious | Mirai |
COGECO-PEER1CA | malicious | Unknown |
 | malicious | Mirai |
LOL-ASluLU | malicious | Unknown |
 | malicious | Mirai |
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 5.322019413035321 |
TrID: |
|
File name: | loki.mips.elf |
File size: | 63'680 bytes |
MD5: | e5b4015901ad95480d84cfcf6e1118b4 |
SHA1: | 6ec988149c1a7ee6fb6d303927cff0b181ec7833 |
SHA256: | ef974196020dc0ca0bb7a1a1baa93b6dab7df806199a34ceb7bfa7dc962a19ab |
SHA512: | a34ef1401692dc71a5cb240c94e26979665b8aa466c821a8b712b460c71a7d40acf3f4baf9a7be3e88cb5bc16c89e5fe4f61f4e94fbbc8e9a54a838288800cc6 |
SSDEEP: | 1536:9rx29+jjkt0ZjHz2l7jQ7jIYj/LvaALBbLSv:7297t0Zj6KaALBHSv |
TLSH: | 7953B71A2E12CFEDF76D873587B78E219758339227E1D682E15CDA001E6034E645FFA8 |
File Content Preview: | .ELF.....................@.`...4.........4. ...(.............@...@.....p...p.................D...D.....,............dt.Q............................<...'.q....!'.......................<...'.q....!... ....'9... ......................<...'.q....!........'9. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 63120 |
Section Header Size: | 40 |
Number of Section Headers: | 14 |
Header String Table Index: | 13 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x8c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x400120 | 0x120 | 0xe350 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x40e470 | 0xe470 | 0x5c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x40e4d0 | 0xe4d0 | 0x5a0 | 0x0 | 0x2 | A | 0 | 0 | 16 |
.ctors | PROGBITS | 0x44f000 | 0xf000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x44f008 | 0xf008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data.rel.ro | PROGBITS | 0x44f014 | 0xf014 | 0xc | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x44f020 | 0xf020 | 0x270 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.got | PROGBITS | 0x44f290 | 0xf290 | 0x39c | 0x4 | 0x10000003 | WAp | 0 | 0 | 16 |
.sbss | NOBITS | 0x44f62c | 0xf62c | 0x14 | 0x0 | 0x10000003 | WAp | 0 | 0 | 4 |
.bss | NOBITS | 0x44f640 | 0xf62c | 0x1198 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.mdebug.abi32 | PROGBITS | 0x774 | 0xf62c | 0x0 | 0x0 | 0x0 | 0 | 0 | 1 | |
.shstrtab | STRTAB | 0x0 | 0xf62c | 0x64 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0xea70 | 0xea70 | 5.4215 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0xf000 | 0x44f000 | 0x44f000 | 0x62c | 0x17d8 | 4.0723 | 0x6 | RW | 0x10000 | .ctors .dtors .data.rel.ro .data .got .sbss .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-19T03:27:56.842732+0100 | 2500034 | ET COMPROMISED Known Compromised or Hostile Host Traffic group 18 | 2 | 83.222.191.90 | 13566 | 192.168.2.13 | 42792 | TCP |
- Total Packets: 155
Jan 19, 2025 03:27:56.780971050 CET | 13566 | 47490 | 83.222.237.6 | 192.168.2.13 |
Jan 19, 2025 03:27:56.781023026 CET | 47490 | 13566 | 192.168.2.13 | 83.222.237.6 |
Jan 19, 2025 03:27:56.782747984 CET | 45268 | 13566 | 192.168.2.13 | 83.222.35.242 |
Jan 19, 2025 03:27:56.783691883 CET | 13566 | 57200 | 83.222.143.176 | 192.168.2.13 |
Jan 19, 2025 03:27:56.783735037 CET | 57200 | 13566 | 192.168.2.13 | 83.222.143.176 |
Jan 19, 2025 03:27:56.785126925 CET | 52302 | 13566 | 192.168.2.13 | 83.222.59.97 |
Jan 19, 2025 03:27:56.785474062 CET | 13566 | 51070 | 83.222.168.120 | 192.168.2.13 |
Jan 19, 2025 03:27:56.785554886 CET | 51070 | 13566 | 192.168.2.13 | 83.222.168.120 |
Jan 19, 2025 03:27:56.787583113 CET | 13566 | 45268 | 83.222.35.242 | 192.168.2.13 |
Jan 19, 2025 03:27:56.787625074 CET | 45268 | 13566 | 192.168.2.13 | 83.222.35.242 |
Jan 19, 2025 03:27:56.788543940 CET | 42594 | 13566 | 192.168.2.13 | 83.222.231.218 |
Jan 19, 2025 03:27:56.789956093 CET | 13566 | 52302 | 83.222.59.97 | 192.168.2.13 |
Jan 19, 2025 03:27:56.790009975 CET | 52302 | 13566 | 192.168.2.13 | 83.222.59.97 |
Jan 19, 2025 03:27:56.791342974 CET | 51780 | 13566 | 192.168.2.13 | 83.222.69.149 |
Jan 19, 2025 03:27:56.793380976 CET | 13566 | 42594 | 83.222.231.218 | 192.168.2.13 |
Jan 19, 2025 03:27:56.793426037 CET | 42594 | 13566 | 192.168.2.13 | 83.222.231.218 |
Jan 19, 2025 03:27:56.793447018 CET | 46102 | 13566 | 192.168.2.13 | 83.222.234.48 |
Jan 19, 2025 03:27:56.795676947 CET | 47812 | 13566 | 192.168.2.13 | 83.222.56.39 |
Jan 19, 2025 03:27:56.796185017 CET | 13566 | 51780 | 83.222.69.149 | 192.168.2.13 |
Jan 19, 2025 03:27:56.796227932 CET | 51780 | 13566 | 192.168.2.13 | 83.222.69.149 |
Jan 19, 2025 03:27:56.797943115 CET | 45696 | 13566 | 192.168.2.13 | 83.222.148.64 |
Jan 19, 2025 03:27:56.798237085 CET | 13566 | 46102 | 83.222.234.48 | 192.168.2.13 |
Jan 19, 2025 03:27:56.798274040 CET | 46102 | 13566 | 192.168.2.13 | 83.222.234.48 |
Jan 19, 2025 03:27:56.800076008 CET | 60448 | 13566 | 192.168.2.13 | 83.222.241.187 |
Jan 19, 2025 03:27:56.800550938 CET | 13566 | 47812 | 83.222.56.39 | 192.168.2.13 |
Jan 19, 2025 03:27:56.800596952 CET | 47812 | 13566 | 192.168.2.13 | 83.222.56.39 |
Jan 19, 2025 03:27:56.802530050 CET | 51954 | 13566 | 192.168.2.13 | 83.222.199.36 |
Jan 19, 2025 03:27:56.802766085 CET | 13566 | 45696 | 83.222.148.64 | 192.168.2.13 |
Jan 19, 2025 03:27:56.802814960 CET | 45696 | 13566 | 192.168.2.13 | 83.222.148.64 |
Jan 19, 2025 03:27:56.804533958 CET | 44872 | 13566 | 192.168.2.13 | 83.222.71.208 |
Jan 19, 2025 03:27:56.804944992 CET | 13566 | 60448 | 83.222.241.187 | 192.168.2.13 |
Jan 19, 2025 03:27:56.804986954 CET | 60448 | 13566 | 192.168.2.13 | 83.222.241.187 |
Jan 19, 2025 03:27:56.807223082 CET | 49488 | 13566 | 192.168.2.13 | 83.222.101.184 |
Jan 19, 2025 03:27:56.807327032 CET | 13566 | 51954 | 83.222.199.36 | 192.168.2.13 |
Jan 19, 2025 03:27:56.807378054 CET | 51954 | 13566 | 192.168.2.13 | 83.222.199.36 |
Jan 19, 2025 03:27:56.808947086 CET | 53486 | 13566 | 192.168.2.13 | 83.222.86.49 |
Jan 19, 2025 03:27:56.809381962 CET | 13566 | 44872 | 83.222.71.208 | 192.168.2.13 |
Jan 19, 2025 03:27:56.809423923 CET | 44872 | 13566 | 192.168.2.13 | 83.222.71.208 |
Jan 19, 2025 03:27:56.811425924 CET | 60038 | 13566 | 192.168.2.13 | 83.222.37.67 |
Jan 19, 2025 03:27:56.812071085 CET | 13566 | 49488 | 83.222.101.184 | 192.168.2.13 |
Jan 19, 2025 03:27:56.812119961 CET | 49488 | 13566 | 192.168.2.13 | 83.222.101.184 |
Jan 19, 2025 03:27:56.813200951 CET | 38034 | 13566 | 192.168.2.13 | 83.222.55.181 |
Jan 19, 2025 03:27:56.813755989 CET | 13566 | 53486 | 83.222.86.49 | 192.168.2.13 |
Jan 19, 2025 03:27:56.813786030 CET | 53486 | 13566 | 192.168.2.13 | 83.222.86.49 |
Jan 19, 2025 03:27:56.815829039 CET | 44366 | 13566 | 192.168.2.13 | 83.222.244.224 |
Jan 19, 2025 03:27:56.816184998 CET | 13566 | 60038 | 83.222.37.67 | 192.168.2.13 |
Jan 19, 2025 03:27:56.816231966 CET | 60038 | 13566 | 192.168.2.13 | 83.222.37.67 |
Jan 19, 2025 03:27:56.818080902 CET | 13566 | 38034 | 83.222.55.181 | 192.168.2.13 |
Jan 19, 2025 03:27:56.818098068 CET | 46362 | 13566 | 192.168.2.13 | 83.222.45.23 |
Jan 19, 2025 03:27:56.818128109 CET | 38034 | 13566 | 192.168.2.13 | 83.222.55.181 |
Jan 19, 2025 03:27:56.820339918 CET | 49138 | 13566 | 192.168.2.13 | 83.222.210.104 |
Jan 19, 2025 03:27:56.820583105 CET | 13566 | 44366 | 83.222.244.224 | 192.168.2.13 |
Jan 19, 2025 03:27:56.820621014 CET | 44366 | 13566 | 192.168.2.13 | 83.222.244.224 |
Jan 19, 2025 03:27:56.821468115 CET | 49388 | 13566 | 192.168.2.13 | 83.222.120.185 |
Jan 19, 2025 03:27:56.822433949 CET | 50746 | 13566 | 192.168.2.13 | 83.222.66.189 |
Jan 19, 2025 03:27:56.822886944 CET | 13566 | 46362 | 83.222.45.23 | 192.168.2.13 |
Jan 19, 2025 03:27:56.822926044 CET | 46362 | 13566 | 192.168.2.13 | 83.222.45.23 |
Jan 19, 2025 03:27:56.823597908 CET | 38246 | 13566 | 192.168.2.13 | 83.222.78.44 |
Jan 19, 2025 03:27:56.824460030 CET | 58468 | 13566 | 192.168.2.13 | 83.222.237.134 |
Jan 19, 2025 03:27:56.825083971 CET | 13566 | 49138 | 83.222.210.104 | 192.168.2.13 |
Jan 19, 2025 03:27:56.825122118 CET | 49138 | 13566 | 192.168.2.13 | 83.222.210.104 |
Jan 19, 2025 03:27:56.825349092 CET | 56292 | 13566 | 192.168.2.13 | 83.222.84.129 |
Jan 19, 2025 03:27:56.826272964 CET | 13566 | 49388 | 83.222.120.185 | 192.168.2.13 |
Jan 19, 2025 03:27:56.826308966 CET | 49388 | 13566 | 192.168.2.13 | 83.222.120.185 |
Jan 19, 2025 03:27:56.827183962 CET | 13566 | 50746 | 83.222.66.189 | 192.168.2.13 |
Jan 19, 2025 03:27:56.827231884 CET | 50746 | 13566 | 192.168.2.13 | 83.222.66.189 |
Jan 19, 2025 03:27:56.828406096 CET | 13566 | 38246 | 83.222.78.44 | 192.168.2.13 |
Jan 19, 2025 03:27:56.828459024 CET | 38246 | 13566 | 192.168.2.13 | 83.222.78.44 |
Jan 19, 2025 03:27:56.829287052 CET | 13566 | 58468 | 83.222.237.134 | 192.168.2.13 |
Jan 19, 2025 03:27:56.829441071 CET | 58468 | 13566 | 192.168.2.13 | 83.222.237.134 |
Jan 19, 2025 03:27:56.830180883 CET | 13566 | 56292 | 83.222.84.129 | 192.168.2.13 |
Jan 19, 2025 03:27:56.830229998 CET | 56292 | 13566 | 192.168.2.13 | 83.222.84.129 |
Jan 19, 2025 03:27:56.837955952 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:27:56.842731953 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:27:56.842778921 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:27:56.844387054 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:27:56.850033045 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:27:56.850115061 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:27:56.855489969 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:28:06.854954958 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:28:06.860296011 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:28:07.359489918 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:28:07.359628916 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:28:07.497812986 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:28:07.497914076 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:29:07.541021109 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:29:07.546104908 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:29:07.748541117 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:29:07.748796940 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:29:08.445868015 CET | 13566 | 42792 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:29:08.446314096 CET | 42792 | 13566 | 192.168.2.13 | 83.222.191.90 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 19, 2025 03:27:56.827630043 CET | 38367 | 53 | 192.168.2.13 | 8.8.8.8 |
Jan 19, 2025 03:27:56.836941957 CET | 53 | 38367 | 8.8.8.8 | 192.168.2.13 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 19, 2025 03:27:56.827630043 CET | 192.168.2.13 | 8.8.8.8 | 0xe67f | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 19, 2025 03:27:56.836941957 CET | 8.8.8.8 | 192.168.2.13 | 0xe67f | No error (0) | 83.222.191.90 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:27:55 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.mips.elf |
Arguments: | /tmp/loki.mips.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 02:27:55 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.mips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 02:27:55 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.mips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |