Linux
Analysis Report
loki.ppc.elf
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Multi AV Scanner detection for submitted file
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Sample listens on a socket
Suricata IDS alerts with low severity for network traffic
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1594507 |
Start date and time: | 2025-01-19 03:52:07 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 45s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | loki.ppc.elf |
Detection: | MAL |
Classification: | mal48.linELF@0/0@1/0 |
Command: | /tmp/loki.ppc.elf |
PID: | 5434 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | suka |
Standard Error: |
- system is lnxubuntu20
- loki.ppc.elf New Fork (PID: 5436, Parent: 5434)
- loki.ppc.elf New Fork (PID: 5438, Parent: 5434)
- cleanup
⊘No yara matches
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-19T03:52:57.822655+0100 | 2500034 | 2 | Misc Attack | 83.222.191.90 | 13566 | 192.168.2.13 | 42836 | TCP |
- • AV Detection
- • Networking
- • System Summary
- • Malware Analysis System Evasion
AV Detection |
---|
Source: | ReversingLabs: |
Source: | TCP traffic: | ||
Source: | Socket: |
Source: | Suricata IDS: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | Queries kernel information via 'uname': |
Source: | Binary or memory string: | ||
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
 | 26% | ReversingLabs | Linux.Backdoor.Mirai | |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
secure-network-rebirthltd.ru | 83.222.191.90 | true | false | | high |
Match | Detection | Threat Name |
---|---|---|
83.222.185.68 | malicious | Mirai |
83.222.21.162 | malicious | Mirai |
83.222.255.25 | malicious | Unknown |
83.222.63.114 | malicious | Unknown |
83.222.84.45 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
secure-network-rebirthltd.ru | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Mirai |
 | malicious | Unknown |
 | malicious | Unknown |
Match | Detection | Threat Name |
---|---|---|
MASTERHOST-ASMoscowRussiaRU | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Mirai |
 | malicious | Unknown |
 | malicious | Unknown |
SYNTERRA-ASRU | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Mirai |
 | malicious | Unknown |
 | malicious | Unknown |
MASTERHOST-ASMoscowRussiaRU | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Unknown |
 | malicious | Mirai |
 | malicious | Unknown |
 | malicious | Unknown |
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.189240208223776 |
TrID: |
|
File name: | loki.ppc.elf |
File size: | 46'968 bytes |
MD5: | d1cbdd91c6a1e3c22f1b7c397bb0a7bc |
SHA1: | cd13f71e298b436428a8e056943c2f2a82750ab6 |
SHA256: | 565dda6988182ccd8376d7df0dd3af386e78a89b0065f99ea544a4d9d4e1ec36 |
SHA512: | 55104ba1d6e1c4b08a583c28f2d7f4ac796fbeddf5c8fbd42e267e8dc172d3e8622e397c021c86ebde437b6c8c1c23f0cb9105463fe9b3b34ad6d153595330f6 |
SSDEEP: | 768:JmzroEN8npRpJeDVEjiowCvDXFzkUsgAoPKzfQMty/ZbIITm3wVvR:UnoEKpIZCV/jRkr1oOQMt4bImm3evR |
TLSH: | B4235D42721C0A57D4A75AB0393F56E083FEA9A030F4F688251F9B5A8275F3611C2FDE |
File Content Preview: | .ELF...........................4.........4. ...(.......................................................T............dt.Q.............................!..|......$H...H..a...$8!. |...N.. .!..|.......?.............../...@..\?........+../...A..$8...})......N.. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 46488 |
Section Header Size: | 40 |
Number of Section Headers: | 12 |
Header String Table Index: | 11 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
 | NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | | 0 | 0 | 0 |
.init | PROGBITS | 0x10000094 | 0x94 | 0x24 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x100000b8 | 0xb8 | 0xacb8 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.fini | PROGBITS | 0x1000ad70 | 0xad70 | 0x20 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x1000ad90 | 0xad90 | 0x564 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ctors | PROGBITS | 0x1001b2f8 | 0xb2f8 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x1001b300 | 0xb300 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x1001b310 | 0xb310 | 0x224 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.sdata | PROGBITS | 0x1001b534 | 0xb534 | 0x18 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.sbss | NOBITS | 0x1001b54c | 0xb54c | 0x58 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x1001b5a4 | 0xb54c | 0x110c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0xb54c | 0x4b | 0x0 | 0x0 | | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x10000000 | 0x10000000 | 0xb2f4 | 0xb2f4 | 6.2358 | 0x5 | R E | 0x10000 | | .init .text .fini .rodata |
LOAD | 0xb2f8 | 0x1001b2f8 | 0x1001b2f8 | 0x254 | 0x13b8 | 3.2189 | 0x6 | RW | 0x10000 | | .ctors .dtors .data .sdata .sbss .bss |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-01-19T03:52:57.822655+0100 | 2500034 | ET COMPROMISED Known Compromised or Hostile Host Traffic group 18 | 2 | 83.222.191.90 | 13566 | 192.168.2.13 | 42836 | TCP |
- Total Packets: 197
Jan 19, 2025 03:52:57.715814114 CET | 48868 | 13566 | 192.168.2.13 | 83.222.17.194 |
Jan 19, 2025 03:52:57.716387987 CET | 13566 | 32796 | 83.222.72.87 | 192.168.2.13 |
Jan 19, 2025 03:52:57.716439962 CET | 32796 | 13566 | 192.168.2.13 | 83.222.72.87 |
Jan 19, 2025 03:52:57.716974974 CET | 51984 | 13566 | 192.168.2.13 | 83.222.254.61 |
Jan 19, 2025 03:52:57.717689037 CET | 34680 | 13566 | 192.168.2.13 | 83.222.95.173 |
Jan 19, 2025 03:52:57.718358040 CET | 13566 | 36602 | 83.222.74.4 | 192.168.2.13 |
Jan 19, 2025 03:52:57.718406916 CET | 36602 | 13566 | 192.168.2.13 | 83.222.74.4 |
Jan 19, 2025 03:52:57.718472004 CET | 44624 | 13566 | 192.168.2.13 | 83.222.143.144 |
Jan 19, 2025 03:52:57.720685005 CET | 13566 | 48868 | 83.222.17.194 | 192.168.2.13 |
Jan 19, 2025 03:52:57.720745087 CET | 48868 | 13566 | 192.168.2.13 | 83.222.17.194 |
Jan 19, 2025 03:52:57.721801996 CET | 13566 | 51984 | 83.222.254.61 | 192.168.2.13 |
Jan 19, 2025 03:52:57.721892118 CET | 51984 | 13566 | 192.168.2.13 | 83.222.254.61 |
Jan 19, 2025 03:52:57.722527981 CET | 13566 | 34680 | 83.222.95.173 | 192.168.2.13 |
Jan 19, 2025 03:52:57.722613096 CET | 34680 | 13566 | 192.168.2.13 | 83.222.95.173 |
Jan 19, 2025 03:52:57.723272085 CET | 13566 | 44624 | 83.222.143.144 | 192.168.2.13 |
Jan 19, 2025 03:52:57.723340988 CET | 44624 | 13566 | 192.168.2.13 | 83.222.143.144 |
Jan 19, 2025 03:52:57.729427099 CET | 44624 | 13566 | 192.168.2.13 | 83.222.143.144 |
Jan 19, 2025 03:52:57.730390072 CET | 44806 | 13566 | 192.168.2.13 | 83.222.43.209 |
Jan 19, 2025 03:52:57.732620955 CET | 34100 | 13566 | 192.168.2.13 | 83.222.86.225 |
Jan 19, 2025 03:52:57.733913898 CET | 34360 | 13566 | 192.168.2.13 | 83.222.194.171 |
Jan 19, 2025 03:52:57.734399080 CET | 13566 | 44624 | 83.222.143.144 | 192.168.2.13 |
Jan 19, 2025 03:52:57.734453917 CET | 44624 | 13566 | 192.168.2.13 | 83.222.143.144 |
Jan 19, 2025 03:52:57.734771967 CET | 35410 | 13566 | 192.168.2.13 | 83.222.8.167 |
Jan 19, 2025 03:52:57.735224962 CET | 13566 | 44806 | 83.222.43.209 | 192.168.2.13 |
Jan 19, 2025 03:52:57.735266924 CET | 44806 | 13566 | 192.168.2.13 | 83.222.43.209 |
Jan 19, 2025 03:52:57.737500906 CET | 13566 | 34100 | 83.222.86.225 | 192.168.2.13 |
Jan 19, 2025 03:52:57.737631083 CET | 34100 | 13566 | 192.168.2.13 | 83.222.86.225 |
Jan 19, 2025 03:52:57.738775015 CET | 13566 | 34360 | 83.222.194.171 | 192.168.2.13 |
Jan 19, 2025 03:52:57.738923073 CET | 34360 | 13566 | 192.168.2.13 | 83.222.194.171 |
Jan 19, 2025 03:52:57.739612103 CET | 13566 | 35410 | 83.222.8.167 | 192.168.2.13 |
Jan 19, 2025 03:52:57.739666939 CET | 35410 | 13566 | 192.168.2.13 | 83.222.8.167 |
Jan 19, 2025 03:52:57.745340109 CET | 37940 | 13566 | 192.168.2.13 | 83.222.41.198 |
Jan 19, 2025 03:52:57.747090101 CET | 37922 | 13566 | 192.168.2.13 | 83.222.247.95 |
Jan 19, 2025 03:52:57.749247074 CET | 36418 | 13566 | 192.168.2.13 | 83.222.244.73 |
Jan 19, 2025 03:52:57.750256062 CET | 13566 | 37940 | 83.222.41.198 | 192.168.2.13 |
Jan 19, 2025 03:52:57.750310898 CET | 37940 | 13566 | 192.168.2.13 | 83.222.41.198 |
Jan 19, 2025 03:52:57.750653028 CET | 54926 | 13566 | 192.168.2.13 | 83.222.32.21 |
Jan 19, 2025 03:52:57.751936913 CET | 46276 | 13566 | 192.168.2.13 | 83.222.239.13 |
Jan 19, 2025 03:52:57.751945972 CET | 13566 | 37922 | 83.222.247.95 | 192.168.2.13 |
Jan 19, 2025 03:52:57.751998901 CET | 37922 | 13566 | 192.168.2.13 | 83.222.247.95 |
Jan 19, 2025 03:52:57.753736973 CET | 58912 | 13566 | 192.168.2.13 | 83.222.74.56 |
Jan 19, 2025 03:52:57.754158020 CET | 13566 | 36418 | 83.222.244.73 | 192.168.2.13 |
Jan 19, 2025 03:52:57.754293919 CET | 36418 | 13566 | 192.168.2.13 | 83.222.244.73 |
Jan 19, 2025 03:52:57.755525112 CET | 13566 | 54926 | 83.222.32.21 | 192.168.2.13 |
Jan 19, 2025 03:52:57.755580902 CET | 54926 | 13566 | 192.168.2.13 | 83.222.32.21 |
Jan 19, 2025 03:52:57.755947113 CET | 43104 | 13566 | 192.168.2.13 | 83.222.101.148 |
Jan 19, 2025 03:52:57.756917000 CET | 13566 | 46276 | 83.222.239.13 | 192.168.2.13 |
Jan 19, 2025 03:52:57.757015944 CET | 46276 | 13566 | 192.168.2.13 | 83.222.239.13 |
Jan 19, 2025 03:52:57.757636070 CET | 50650 | 13566 | 192.168.2.13 | 83.222.60.118 |
Jan 19, 2025 03:52:57.758636951 CET | 13566 | 58912 | 83.222.74.56 | 192.168.2.13 |
Jan 19, 2025 03:52:57.758682013 CET | 58912 | 13566 | 192.168.2.13 | 83.222.74.56 |
Jan 19, 2025 03:52:57.759711027 CET | 53506 | 13566 | 192.168.2.13 | 83.222.87.58 |
Jan 19, 2025 03:52:57.760776043 CET | 13566 | 43104 | 83.222.101.148 | 192.168.2.13 |
Jan 19, 2025 03:52:57.760821104 CET | 43104 | 13566 | 192.168.2.13 | 83.222.101.148 |
Jan 19, 2025 03:52:57.761125088 CET | 56468 | 13566 | 192.168.2.13 | 83.222.180.182 |
Jan 19, 2025 03:52:57.762490034 CET | 13566 | 50650 | 83.222.60.118 | 192.168.2.13 |
Jan 19, 2025 03:52:57.762531042 CET | 50650 | 13566 | 192.168.2.13 | 83.222.60.118 |
Jan 19, 2025 03:52:57.762876987 CET | 57750 | 13566 | 192.168.2.13 | 83.222.232.67 |
Jan 19, 2025 03:52:57.764533043 CET | 13566 | 53506 | 83.222.87.58 | 192.168.2.13 |
Jan 19, 2025 03:52:57.764666080 CET | 53506 | 13566 | 192.168.2.13 | 83.222.87.58 |
Jan 19, 2025 03:52:57.764729977 CET | 39222 | 13566 | 192.168.2.13 | 83.222.71.19 |
Jan 19, 2025 03:52:57.766016006 CET | 13566 | 56468 | 83.222.180.182 | 192.168.2.13 |
Jan 19, 2025 03:52:57.766063929 CET | 56468 | 13566 | 192.168.2.13 | 83.222.180.182 |
Jan 19, 2025 03:52:57.766712904 CET | 36050 | 13566 | 192.168.2.13 | 83.222.20.157 |
Jan 19, 2025 03:52:57.767627001 CET | 13566 | 57750 | 83.222.232.67 | 192.168.2.13 |
Jan 19, 2025 03:52:57.767683983 CET | 57750 | 13566 | 192.168.2.13 | 83.222.232.67 |
Jan 19, 2025 03:52:57.768157005 CET | 55966 | 13566 | 192.168.2.13 | 83.222.244.214 |
Jan 19, 2025 03:52:57.769551992 CET | 13566 | 39222 | 83.222.71.19 | 192.168.2.13 |
Jan 19, 2025 03:52:57.769598007 CET | 39222 | 13566 | 192.168.2.13 | 83.222.71.19 |
Jan 19, 2025 03:52:57.770315886 CET | 42352 | 13566 | 192.168.2.13 | 83.222.72.253 |
Jan 19, 2025 03:52:57.771625996 CET | 13566 | 36050 | 83.222.20.157 | 192.168.2.13 |
Jan 19, 2025 03:52:57.771814108 CET | 36050 | 13566 | 192.168.2.13 | 83.222.20.157 |
Jan 19, 2025 03:52:57.772670984 CET | 33100 | 13566 | 192.168.2.13 | 83.222.126.114 |
Jan 19, 2025 03:52:57.773067951 CET | 13566 | 55966 | 83.222.244.214 | 192.168.2.13 |
Jan 19, 2025 03:52:57.773123980 CET | 55966 | 13566 | 192.168.2.13 | 83.222.244.214 |
Jan 19, 2025 03:52:57.774234056 CET | 49972 | 13566 | 192.168.2.13 | 83.222.195.117 |
Jan 19, 2025 03:52:57.775206089 CET | 13566 | 42352 | 83.222.72.253 | 192.168.2.13 |
Jan 19, 2025 03:52:57.775249958 CET | 42352 | 13566 | 192.168.2.13 | 83.222.72.253 |
Jan 19, 2025 03:52:57.776529074 CET | 53482 | 13566 | 192.168.2.13 | 83.222.209.183 |
Jan 19, 2025 03:52:57.777539015 CET | 13566 | 33100 | 83.222.126.114 | 192.168.2.13 |
Jan 19, 2025 03:52:57.777625084 CET | 33100 | 13566 | 192.168.2.13 | 83.222.126.114 |
Jan 19, 2025 03:52:57.778096914 CET | 54090 | 13566 | 192.168.2.13 | 83.222.190.241 |
Jan 19, 2025 03:52:57.779031992 CET | 13566 | 49972 | 83.222.195.117 | 192.168.2.13 |
Jan 19, 2025 03:52:57.779076099 CET | 49972 | 13566 | 192.168.2.13 | 83.222.195.117 |
Jan 19, 2025 03:52:57.779994011 CET | 58102 | 13566 | 192.168.2.13 | 83.222.204.173 |
Jan 19, 2025 03:52:57.781131029 CET | 33504 | 13566 | 192.168.2.13 | 83.222.255.23 |
Jan 19, 2025 03:52:57.781377077 CET | 13566 | 53482 | 83.222.209.183 | 192.168.2.13 |
Jan 19, 2025 03:52:57.781424999 CET | 53482 | 13566 | 192.168.2.13 | 83.222.209.183 |
Jan 19, 2025 03:52:57.782942057 CET | 13566 | 54090 | 83.222.190.241 | 192.168.2.13 |
Jan 19, 2025 03:52:57.782987118 CET | 54090 | 13566 | 192.168.2.13 | 83.222.190.241 |
Jan 19, 2025 03:52:57.783783913 CET | 54868 | 13566 | 192.168.2.13 | 83.222.229.100 |
Jan 19, 2025 03:52:57.784837008 CET | 13566 | 58102 | 83.222.204.173 | 192.168.2.13 |
Jan 19, 2025 03:52:57.784883022 CET | 58102 | 13566 | 192.168.2.13 | 83.222.204.173 |
Jan 19, 2025 03:52:57.785976887 CET | 13566 | 33504 | 83.222.255.23 | 192.168.2.13 |
Jan 19, 2025 03:52:57.786026955 CET | 33504 | 13566 | 192.168.2.13 | 83.222.255.23 |
Jan 19, 2025 03:52:57.786109924 CET | 60878 | 13566 | 192.168.2.13 | 83.222.171.33 |
Jan 19, 2025 03:52:57.788239956 CET | 58142 | 13566 | 192.168.2.13 | 83.222.218.2 |
Jan 19, 2025 03:52:57.789755106 CET | 42224 | 13566 | 192.168.2.13 | 83.222.92.142 |
Jan 19, 2025 03:52:57.790713072 CET | 39946 | 13566 | 192.168.2.13 | 83.222.185.68 |
Jan 19, 2025 03:52:57.791573048 CET | 54224 | 13566 | 192.168.2.13 | 83.222.209.0 |
Jan 19, 2025 03:52:57.792402983 CET | 34506 | 13566 | 192.168.2.13 | 83.222.87.229 |
Jan 19, 2025 03:52:57.793436050 CET | 52768 | 13566 | 192.168.2.13 | 83.222.157.75 |
Jan 19, 2025 03:52:57.793744087 CET | 13566 | 54868 | 83.222.229.100 | 192.168.2.13 |
Jan 19, 2025 03:52:57.793773890 CET | 13566 | 60878 | 83.222.171.33 | 192.168.2.13 |
Jan 19, 2025 03:52:57.793793917 CET | 54868 | 13566 | 192.168.2.13 | 83.222.229.100 |
Jan 19, 2025 03:52:57.793802977 CET | 13566 | 58142 | 83.222.218.2 | 192.168.2.13 |
Jan 19, 2025 03:52:57.793819904 CET | 60878 | 13566 | 192.168.2.13 | 83.222.171.33 |
Jan 19, 2025 03:52:57.793951988 CET | 58142 | 13566 | 192.168.2.13 | 83.222.218.2 |
Jan 19, 2025 03:52:57.794218063 CET | 45296 | 13566 | 192.168.2.13 | 83.222.188.229 |
Jan 19, 2025 03:52:57.795406103 CET | 46180 | 13566 | 192.168.2.13 | 83.222.72.58 |
Jan 19, 2025 03:52:57.796361923 CET | 45092 | 13566 | 192.168.2.13 | 83.222.87.11 |
Jan 19, 2025 03:52:57.797342062 CET | 60528 | 13566 | 192.168.2.13 | 83.222.175.41 |
Jan 19, 2025 03:52:57.798384905 CET | 40924 | 13566 | 192.168.2.13 | 83.222.195.109 |
Jan 19, 2025 03:52:57.798692942 CET | 13566 | 42224 | 83.222.92.142 | 192.168.2.13 |
Jan 19, 2025 03:52:57.798722982 CET | 13566 | 39946 | 83.222.185.68 | 192.168.2.13 |
Jan 19, 2025 03:52:57.798743963 CET | 42224 | 13566 | 192.168.2.13 | 83.222.92.142 |
Jan 19, 2025 03:52:57.798751116 CET | 13566 | 54224 | 83.222.209.0 | 192.168.2.13 |
Jan 19, 2025 03:52:57.798780918 CET | 13566 | 34506 | 83.222.87.229 | 192.168.2.13 |
Jan 19, 2025 03:52:57.798788071 CET | 54224 | 13566 | 192.168.2.13 | 83.222.209.0 |
Jan 19, 2025 03:52:57.798810005 CET | 13566 | 52768 | 83.222.157.75 | 192.168.2.13 |
Jan 19, 2025 03:52:57.798839092 CET | 34506 | 13566 | 192.168.2.13 | 83.222.87.229 |
Jan 19, 2025 03:52:57.798844099 CET | 52768 | 13566 | 192.168.2.13 | 83.222.157.75 |
Jan 19, 2025 03:52:57.798887968 CET | 39946 | 13566 | 192.168.2.13 | 83.222.185.68 |
Jan 19, 2025 03:52:57.799040079 CET | 13566 | 45296 | 83.222.188.229 | 192.168.2.13 |
Jan 19, 2025 03:52:57.799088001 CET | 45296 | 13566 | 192.168.2.13 | 83.222.188.229 |
Jan 19, 2025 03:52:57.799159050 CET | 55062 | 13566 | 192.168.2.13 | 83.222.26.143 |
Jan 19, 2025 03:52:57.799789906 CET | 33650 | 13566 | 192.168.2.13 | 83.222.26.25 |
Jan 19, 2025 03:52:57.800311089 CET | 13566 | 46180 | 83.222.72.58 | 192.168.2.13 |
Jan 19, 2025 03:52:57.800355911 CET | 46180 | 13566 | 192.168.2.13 | 83.222.72.58 |
Jan 19, 2025 03:52:57.800734043 CET | 57620 | 13566 | 192.168.2.13 | 83.222.166.0 |
Jan 19, 2025 03:52:57.801243067 CET | 13566 | 45092 | 83.222.87.11 | 192.168.2.13 |
Jan 19, 2025 03:52:57.801280975 CET | 45092 | 13566 | 192.168.2.13 | 83.222.87.11 |
Jan 19, 2025 03:52:57.801707983 CET | 46276 | 13566 | 192.168.2.13 | 83.222.125.82 |
Jan 19, 2025 03:52:57.802220106 CET | 13566 | 60528 | 83.222.175.41 | 192.168.2.13 |
Jan 19, 2025 03:52:57.802278996 CET | 60528 | 13566 | 192.168.2.13 | 83.222.175.41 |
Jan 19, 2025 03:52:57.803226948 CET | 13566 | 40924 | 83.222.195.109 | 192.168.2.13 |
Jan 19, 2025 03:52:57.803272963 CET | 40924 | 13566 | 192.168.2.13 | 83.222.195.109 |
Jan 19, 2025 03:52:57.803342104 CET | 38084 | 13566 | 192.168.2.13 | 83.222.33.88 |
Jan 19, 2025 03:52:57.803944111 CET | 13566 | 55062 | 83.222.26.143 | 192.168.2.13 |
Jan 19, 2025 03:52:57.803989887 CET | 55062 | 13566 | 192.168.2.13 | 83.222.26.143 |
Jan 19, 2025 03:52:57.804367065 CET | 59930 | 13566 | 192.168.2.13 | 83.222.84.125 |
Jan 19, 2025 03:52:57.804590940 CET | 13566 | 33650 | 83.222.26.25 | 192.168.2.13 |
Jan 19, 2025 03:52:57.804675102 CET | 33650 | 13566 | 192.168.2.13 | 83.222.26.25 |
Jan 19, 2025 03:52:57.805332899 CET | 51128 | 13566 | 192.168.2.13 | 83.222.230.13 |
Jan 19, 2025 03:52:57.805645943 CET | 13566 | 57620 | 83.222.166.0 | 192.168.2.13 |
Jan 19, 2025 03:52:57.805697918 CET | 57620 | 13566 | 192.168.2.13 | 83.222.166.0 |
Jan 19, 2025 03:52:57.806545019 CET | 47360 | 13566 | 192.168.2.13 | 83.222.193.184 |
Jan 19, 2025 03:52:57.806598902 CET | 13566 | 46276 | 83.222.125.82 | 192.168.2.13 |
Jan 19, 2025 03:52:57.806673050 CET | 46276 | 13566 | 192.168.2.13 | 83.222.125.82 |
Jan 19, 2025 03:52:57.807411909 CET | 41722 | 13566 | 192.168.2.13 | 83.222.13.24 |
Jan 19, 2025 03:52:57.808159113 CET | 13566 | 38084 | 83.222.33.88 | 192.168.2.13 |
Jan 19, 2025 03:52:57.808203936 CET | 38084 | 13566 | 192.168.2.13 | 83.222.33.88 |
Jan 19, 2025 03:52:57.809242964 CET | 13566 | 59930 | 83.222.84.125 | 192.168.2.13 |
Jan 19, 2025 03:52:57.809295893 CET | 59930 | 13566 | 192.168.2.13 | 83.222.84.125 |
Jan 19, 2025 03:52:57.810272932 CET | 13566 | 51128 | 83.222.230.13 | 192.168.2.13 |
Jan 19, 2025 03:52:57.810338974 CET | 51128 | 13566 | 192.168.2.13 | 83.222.230.13 |
Jan 19, 2025 03:52:57.811458111 CET | 13566 | 47360 | 83.222.193.184 | 192.168.2.13 |
Jan 19, 2025 03:52:57.811506033 CET | 47360 | 13566 | 192.168.2.13 | 83.222.193.184 |
Jan 19, 2025 03:52:57.812215090 CET | 13566 | 41722 | 83.222.13.24 | 192.168.2.13 |
Jan 19, 2025 03:52:57.812278986 CET | 41722 | 13566 | 192.168.2.13 | 83.222.13.24 |
Jan 19, 2025 03:52:57.817553043 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:52:57.822654963 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:52:57.822916985 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:52:57.823642969 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:52:57.828882933 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:52:57.829176903 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:52:57.834553957 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:53:07.833956003 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:53:07.840413094 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:53:08.045028925 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:53:08.045233011 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:53:08.445049047 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:53:08.445380926 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:54:08.503264904 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:54:08.508483887 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:54:08.699491978 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:54:08.699801922 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Jan 19, 2025 03:54:09.442231894 CET | 13566 | 42836 | 83.222.191.90 | 192.168.2.13 |
Jan 19, 2025 03:54:09.442678928 CET | 42836 | 13566 | 192.168.2.13 | 83.222.191.90 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jan 19, 2025 03:52:57.809637070 CET | 49301 | 53 | 192.168.2.13 | 8.8.8.8 |
Jan 19, 2025 03:52:57.816600084 CET | 53 | 49301 | 8.8.8.8 | 192.168.2.13 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Jan 19, 2025 03:52:57.809637070 CET | 192.168.2.13 | 8.8.8.8 | 0xa794 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Jan 19, 2025 03:52:57.816600084 CET | 8.8.8.8 | 192.168.2.13 | 0xa794 | No error (0) | | | 83.222.191.90 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:52:56 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.ppc.elf |
Arguments: | /tmp/loki.ppc.elf |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 02:52:56 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.ppc.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |
Start time (UTC): | 02:52:56 |
Start date (UTC): | 19/01/2025 |
Path: | /tmp/loki.ppc.elf |
Arguments: | - |
File size: | 5388968 bytes |
MD5 hash: | ae65271c943d3451b7f026d1fadccea6 |