Joe Sandbox Cloud Basic Analysis Report
Edit tour

Linux Analysis Report
ub8ehJSePAfc9FYqZIT6.ppc.elf

Overview

General Information

Sample name:ub8ehJSePAfc9FYqZIT6.ppc.elf
Analysis ID:1617278
MD5:7d801090340204a8a06d6d146a5bce37
SHA1:fa66c9c88041bad2ab86fe072be2cd4f133bdb48
SHA256:2b78c2e5ee97a28456c3823a382d1295f30a607a068f8a11635a746e05ce74e3
Tags:elfuser-abuse_ch
Infos:

Detection

Score:68
Range:0 - 100

Signatures

Antivirus / Scanner detection for submitted sample
Malicious sample detected (through community Yara rule)
Multi AV Scanner detection for submitted file
Sample is packed with UPX
Detected TCP or UDP traffic on non-standard ports
ELF contains segments with high entropy indicating compressed/encrypted content
Enumerates processes within the "proc" file system
Sample contains only a LOAD segment without any section mappings
Uses the "uname" system call to query kernel version information (possible evasion)
Yara signature match

Classification

RansomwareSpreadingPhishingBankerTrojan / BotAdwareSpywareExploiterEvaderMinercleansuspiciousmalicious

General Information

Joe Sandbox version:42.0.0 Malachite
Analysis ID:1617278
Start date and time:2025-02-17 17:22:31 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 4m 41s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:ub8ehJSePAfc9FYqZIT6.ppc.elf
Detection:MAL
Classification:mal68.evad.linELF@0/0@0/0

Runtime Messages

Command:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
PID:5488
Exit Code:0
Exit Code Info:
Killed:False
Standard Output:
lzrd cock fest"/proc/"/exe
Standard Error:

Process Tree

  • system is lnxubuntu20
  • cleanup

Yara Signatures

Memory Dumps

SourceRuleDescriptionAuthorStrings
5488.1.00007f1c08014000.00007f1c08017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5508.1.00007f1c08014000.00007f1c08017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5492.1.00007f1c08014000.00007f1c08017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
5490.1.00007f1c08014000.00007f1c08017000.rwx.sdmpLinux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x350:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x364:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x378:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x38c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3a0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3b4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3c8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3dc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x3f0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x404:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x418:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x42c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x440:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x454:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x468:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x47c:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x490:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4a4:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4b8:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4cc:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x4e0:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5488Linux_Trojan_Gafgyt_28a2fe0cunknownunknown
  • 0x11f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x133:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x147:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x15b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x16f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x183:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x197:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1ab:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1bf:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1d3:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1e7:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x1fb:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x20f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x223:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x237:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x24b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x25f:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x273:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x287:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x29b:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
  • 0x2af:$a: 2F 78 33 38 2F 78 46 4A 2F 78 39 33 2F 78 49 44 2F 78 39 41 2F 78 33 38 2F 78 46 4A 2F
Click to see the 3 entries

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

  • AV Detection
  • Networking
  • System Summary
  • Data Obfuscation
  • Persistence and Installation Behavior
  • Hooking and other Techniques for Hiding and Protection
  • Malware Analysis System Evasion

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfAvira: detected
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfReversingLabs: Detection: 44%
Source: global trafficTCP traffic: 192.168.2.14:43462 -> 61.7.209.115:3778
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: unknownTCP traffic detected without corresponding DNS query: 61.7.209.115
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfString found in binary or memory: http://upx.sf.net

System Summary

barindex
Source: 5488.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5508.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5492.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: 5490.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5488, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5490, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5492, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5508, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c Author: unknown
Source: LOAD without section mappingsProgram segment: 0x100000
Source: 5488.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5508.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5492.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: 5490.1.00007f1c08014000.00007f1c08017000.rwx.sdmp, type: MEMORYMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5488, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5490, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5492, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: Process Memory Space: ub8ehJSePAfc9FYqZIT6.ppc.elf PID: 5508, type: MEMORYSTRMatched rule: Linux_Trojan_Gafgyt_28a2fe0c os = linux, severity = x86, creation_date = 2021-01-12, scan_context = file, memory, license = Elastic License v2, threat_name = Linux.Trojan.Gafgyt, fingerprint = a2c6beaec18ca876e8487c11bcc7a29279669588aacb7d3027d8d8df8f5bcead, id = 28a2fe0c-eed5-4c79-81e6-3b11b73a4ebd, last_modified = 2021-09-16
Source: classification engineClassification label: mal68.evad.linELF@0/0@0/0

Data Obfuscation

barindex
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Info: This file is packed with the UPX executable packer http://upx.sf.net $
Source: initial sampleString containing UPX found: $Id: UPX 3.94 Copyright (C) 1996-2017 the UPX Team. All Rights Reserved. $
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3760/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1583/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/2672/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/110/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3759/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/111/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/112/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/113/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/234/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1577/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/114/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/235/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/115/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/116/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/117/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/118/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/119/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3757/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/10/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/917/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3758/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/11/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/12/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/13/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/14/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/15/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/16/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/17/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/18/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/19/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1593/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/240/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/120/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3094/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/121/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/242/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3406/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/122/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/243/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/2/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/123/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/244/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1589/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/124/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/245/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1588/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/125/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/4/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/246/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3402/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/126/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/5/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/247/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/127/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/6/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/248/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/128/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/7/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/249/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/8/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/129/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/800/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/9/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/801/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/803/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/20/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/806/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/21/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/807/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/928/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/22/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/23/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/24/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/25/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/26/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/27/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/28/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/29/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3420/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/490/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/250/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/130/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/251/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/131/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/252/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/132/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/253/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/254/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/255/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/135/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/256/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1599/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/257/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/378/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/258/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/3412/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/259/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/30/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/35/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/1371/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/260/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/261/statusJump to behavior
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)File opened: /proc/262/statusJump to behavior
Source: ub8ehJSePAfc9FYqZIT6.ppc.elfSubmission file: segment LOAD with 7.9639 entropy (max. 8.0)
Source: /tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf (PID: 5488)Queries kernel information via 'uname': Jump to behavior
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5490.1.000055ff4d517000.000055ff4d5c7000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc11!hotpluggableq
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5488.1.000055ff4d517000.000055ff4d5e8000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5492.1.000055ff4d517000.000055ff4d5c7000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5508.1.000055ff4d517000.000055ff4d5e8000.rw-.sdmpBinary or memory string: !/etc/qemu-binfmt/ppc1
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5488.1.000055ff4d517000.000055ff4d5e8000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5490.1.000055ff4d517000.000055ff4d5c7000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5492.1.000055ff4d517000.000055ff4d5c7000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5508.1.000055ff4d517000.000055ff4d5e8000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/ppc
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5488.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5490.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5492.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5508.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmpBinary or memory string: /usr/bin/qemu-ppc
Source: ub8ehJSePAfc9FYqZIT6.ppc.elf, 5488.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5490.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5492.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmp, ub8ehJSePAfc9FYqZIT6.ppc.elf, 5508.1.00007ffc7a59f000.00007ffc7a5c0000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-ppc/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid AccountsWindows Management InstrumentationPath InterceptionPath Interception11
Obfuscated Files or Information		1
OS Credential Dumping		11
Security Software Discovery		Remote ServicesData from Local System1
Non-Standard Port		Exfiltration Over Other Network MediumAbuse Accessibility Features

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1617278 Sample: ub8ehJSePAfc9FYqZIT6.ppc.elf Startdate: 17/02/2025 Architecture: LINUX Score: 68 20 61.7.209.115, 3778, 43462, 43464 CAT-APTheCommunicationAuthoityofThailandCATTH Thailand 2->20 22 Malicious sample detected (through community Yara rule) 2->22 24 Antivirus / Scanner detection for submitted sample 2->24 26 Multi AV Scanner detection for submitted file 2->26 28 Sample is packed with UPX 2->28 8 ub8ehJSePAfc9FYqZIT6.ppc.elf 2->8         started        signatures3 process4 process5 10 ub8ehJSePAfc9FYqZIT6.ppc.elf 8->10         started        12 ub8ehJSePAfc9FYqZIT6.ppc.elf 8->12         started        14 ub8ehJSePAfc9FYqZIT6.ppc.elf 8->14         started        process6 16 ub8ehJSePAfc9FYqZIT6.ppc.elf 10->16         started        18 ub8ehJSePAfc9FYqZIT6.ppc.elf 10->18         started       

Screenshots

Download Video

Thumbnails

This section contains all screenshots as thumbnails, including those not shown in the slideshow.


windows-stand

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
ub8ehJSePAfc9FYqZIT6.ppc.elf44%ReversingLabsLinux.Trojan.Mirai
ub8ehJSePAfc9FYqZIT6.ppc.elf100%AviraEXP/ELF.Agent.F.118

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Download Network PCAP: filteredfull

Contacted Domains

No contacted domains info
NameSourceMaliciousAntivirus DetectionReputation
http://upx.sf.netub8ehJSePAfc9FYqZIT6.ppc.elffalse
    		high

    World Map of Contacted IPs

    • No. of IPs < 25%
    • 25% < No. of IPs < 50%
    • 50% < No. of IPs < 75%
    • 75% < No. of IPs

    Public IPs

    IPDomainCountryFlagASNASN NameMalicious
    61.7.209.115
    		unknownThailand
    		9931CAT-APTheCommunicationAuthoityofThailandCATTHfalse

    Joe Sandbox View / Context

    IPs

    MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
    61.7.209.115ub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse

      Domains

      No context

      ASNs

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      CAT-APTheCommunicationAuthoityofThailandCATTHub8ehJSePAfc9FYqZIT6.x86.elfGet hashmaliciousUnknownBrowse
      • 61.7.209.115
      mpsl.elfGet hashmaliciousMirai, MoobotBrowse
      • 122.155.121.49
      .Sarm5.elfGet hashmaliciousMiraiBrowse
      • 61.19.165.82
      https://storage.thaicarecloud.org/Package4273221/step1.php?id=98204537Get hashmaliciousUnknownBrowse
      • 61.19.254.8
      m68k.elfGet hashmaliciousUnknownBrowse
      • 122.155.121.43
      3.elfGet hashmaliciousUnknownBrowse
      • 122.155.39.113
      Fantazy.arm7.elfGet hashmaliciousMiraiBrowse
      • 122.155.121.187
      mipsel.nn.elfGet hashmaliciousMirai, OkiruBrowse
      • 202.129.40.184
      spc.elfGet hashmaliciousMiraiBrowse
      • 110.78.81.185
      botx.spc.elfGet hashmaliciousMiraiBrowse
      • 122.155.39.115

      JA3 Fingerprints

      No context

      Dropped Files

      No context

      Created / dropped Files

      No created / dropped files found

      Static File Info

      General

      File type:ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (GNU/Linux), statically linked, no section header
      Entropy (8bit):7.9618840755942655
      TrID:
      • ELF Executable and Linkable format (Linux) (4029/14) 50.16%
      • ELF Executable and Linkable format (generic) (4004/1) 49.84%
      File name:ub8ehJSePAfc9FYqZIT6.ppc.elf
      File size:40'324 bytes
      MD5:7d801090340204a8a06d6d146a5bce37
      SHA1:fa66c9c88041bad2ab86fe072be2cd4f133bdb48
      SHA256:2b78c2e5ee97a28456c3823a382d1295f30a607a068f8a11635a746e05ce74e3
      SHA512:0e9d9fa37b1fb11c09790296471c0745dec7c2b13a4fb7d455579c853d30bb8a67dccf18edf312d857e907ed422d2ed75442b38fa6dc9c230d547d8d2deace71
      SSDEEP:768:yrqQ4JXTPxcCj3do/vTKRVDkO1HmQcvbG+TqarjEP8or8qoZT4uVcqgw09P:uqQbCj3do/+fDrJ1cyUqOgkMMZT4u+qe
      TLSH:E603F157C88D5FD6EAFFE8615305CAD1F2E05A9CBFB24D9D1856CB07332E868520CA60
      File Content Preview:.ELF...........................4.........4. ...(.......................x...x..............k...k...k.................dt.Q................................UPX!..........b...b........V.......?.E.h4...@b........=.a....`..Y...j{.c.HL}.....H..z.q.H.....8ea......

      Static ELF Info

      ELF header

      Class:ELF32
      Data:2's complement, big endian
      Version:1 (current)
      Machine:PowerPC
      Version Number:0x1
      Type:EXEC (Executable file)
      OS/ABI:UNIX - Linux
      ABI Version:0
      Entry Point Address:0x108a90
      Flags:0x0
      ELF Header Size:52
      Program Header Offset:52
      Program Header Size:32
      Number of Program Headers:3
      Section Header Offset:0
      Section Header Size:40
      Number of Section Headers:0
      Header String Table Index:0

      Program Segments

      TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
      LOAD0x00x1000000x1000000x9c780x9c787.96390x5R E0x10000
      LOAD0x6b900x10026b900x10026b900x00x00.00000x6RW 0x10000
      GNU_STACK0x00x00x00x00x00.00000x6RW 0x4

      Network Behavior

      Download Network PCAP: filteredfull

      TimestampSource PortDest PortSource IPDest IP
      Feb 17, 2025 17:23:21.759123087 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:21.764607906 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:21.764704943 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:21.826663971 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:21.831453085 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:21.831500053 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:21.836321115 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:27.918418884 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:27.923333883 CET37784346461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:27.923396111 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:27.992244959 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:27.997050047 CET37784346461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:27.997216940 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.002161980 CET37784346461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:28.924117088 CET37784346461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:28.924360991 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.924520016 CET434643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.925067902 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.929857016 CET37784346661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:28.930057049 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.930969000 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.935828924 CET37784346661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:28.935920954 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:28.940671921 CET37784346661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:29.902009010 CET37784346661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:29.902328968 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.902328968 CET434663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.902913094 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.907819986 CET37784346861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:29.907896042 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.908823967 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.913706064 CET37784346861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:29.913779020 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:29.918526888 CET37784346861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:30.865067959 CET37784346861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:30.865190029 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.865299940 CET434683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.865976095 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.870800972 CET37784347061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:30.870860100 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.871635914 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.876393080 CET37784347061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:30.876441956 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:30.881218910 CET37784347061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:31.836488962 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.841389894 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:31.848236084 CET37784347061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:31.848323107 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.848404884 CET434703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.849231005 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.854028940 CET37784347261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:31.854120970 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.855134964 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.859972954 CET37784347261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:31.860042095 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:31.864804029 CET37784347261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:32.188733101 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:32.188901901 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.822674036 CET37784347261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:32.822911978 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.822988987 CET434723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.823757887 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.828694105 CET37784347461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:32.828788042 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.829735041 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.834527969 CET37784347461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:32.834610939 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:32.839442015 CET37784347461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:33.820461988 CET37784347461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:33.820741892 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.820741892 CET434743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.821399927 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.826752901 CET37784347661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:33.826811075 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.828058004 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.833340883 CET37784347661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:33.833409071 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:33.838968992 CET37784347661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:34.831139088 CET37784347661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:34.831316948 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.831316948 CET434763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.832011938 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.836775064 CET37784347861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:34.836895943 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.837984085 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.842842102 CET37784347861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:34.842922926 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:34.847738028 CET37784347861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:35.822469950 CET37784347861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:35.822716951 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.822845936 CET434783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.823623896 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.828450918 CET37784348061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:35.828516006 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.829392910 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.834223986 CET37784348061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:35.834317923 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:35.839071989 CET37784348061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:36.823424101 CET37784348061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:36.823550940 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.823605061 CET434803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.824316025 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.829116106 CET37784348261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:36.829216003 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.830209017 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.834989071 CET37784348261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:36.835063934 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:36.839792013 CET37784348261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:37.818450928 CET37784348261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:37.818789005 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.818820000 CET434823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.819546938 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.824434996 CET37784348461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:37.824517965 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.825818062 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.830704927 CET37784348461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:37.830770016 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:37.835607052 CET37784348461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:38.840126991 CET37784348461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:38.840269089 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.840316057 CET434843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.840976000 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.846025944 CET37784348661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:38.846160889 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.847218037 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.852066994 CET37784348661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:38.852121115 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:38.856971025 CET37784348661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:39.971342087 CET37784348661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:39.971621990 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.971621990 CET434863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.972369909 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.977247953 CET37784348861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:39.977417946 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.978504896 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.983294010 CET37784348861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:39.983372927 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:39.988168001 CET37784348861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.003272057 CET37784348861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.003530979 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.003710032 CET434883778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.004601955 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.009382963 CET37784349061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.009453058 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.010773897 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.016804934 CET37784349061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.016863108 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.022983074 CET37784349061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.993180990 CET37784349061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.993550062 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.993550062 CET434903778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.994518995 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:41.999444008 CET37784349261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:41.999567032 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:42.000737906 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:42.005506039 CET37784349261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:42.005588055 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:42.010426998 CET37784349261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:43.002253056 CET37784349261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:43.002607107 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.002607107 CET434923778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.003259897 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.008158922 CET37784349461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:43.008264065 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.009481907 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.218498945 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.430454016 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:43.434829950 CET37784349461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:43.436763048 CET37784349461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:43.436779976 CET37784349461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:44.212747097 CET37784349461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:44.212964058 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.212965012 CET434943778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.213792086 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.218606949 CET37784349661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:44.218708992 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.219748974 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.224534988 CET37784349661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:44.224605083 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:44.229393959 CET37784349661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:45.206691027 CET37784349661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:45.206964970 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.206964970 CET434963778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.207813025 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.216245890 CET37784349861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:45.216320992 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.217626095 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.222404957 CET37784349861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:45.222465992 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:45.227217913 CET37784349861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:46.257580996 CET37784349861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:46.257859945 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.257859945 CET434983778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.258718014 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.263622046 CET37784350061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:46.263859034 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.265099049 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.269923925 CET37784350061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:46.270019054 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:46.274816036 CET37784350061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:47.305439949 CET37784350061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:47.305784941 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.305846930 CET435003778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.306704044 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.311558962 CET37784350261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:47.311641932 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.313107014 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.317934990 CET37784350261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:47.318032026 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:47.322930098 CET37784350261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:48.347390890 CET37784350261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:48.347517967 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.347552061 CET435023778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.348269939 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.353142023 CET37784350461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:48.353199959 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.354429007 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.359189987 CET37784350461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:48.359253883 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:48.364007950 CET37784350461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:49.329962969 CET37784350461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:49.330152988 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.330214024 CET435043778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.330892086 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.335799932 CET37784350661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:49.335865974 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.336708069 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.341522932 CET37784350661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:49.341569901 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:49.346303940 CET37784350661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:50.324769974 CET37784350661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:50.324879885 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.324954987 CET435063778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.325651884 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.330466032 CET37784350861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:50.330549002 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.331419945 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.336210966 CET37784350861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:50.336277008 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:50.341022968 CET37784350861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:51.319068909 CET37784350861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:51.319191933 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.319262981 CET435083778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.319865942 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.324714899 CET37784351061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:51.324801922 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.325721979 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.330497980 CET37784351061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:51.330557108 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:51.335361958 CET37784351061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:52.473659992 CET37784351061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:52.474157095 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.474158049 CET435103778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.474955082 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.479798079 CET37784351261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:52.479877949 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.481100082 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.485924959 CET37784351261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:52.486007929 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:52.692395926 CET37784351261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:53.475478888 CET37784351261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:53.475755930 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.475755930 CET435123778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.476481915 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.481354952 CET37784351461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:53.481472015 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.482697964 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.487469912 CET37784351461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:53.487554073 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:53.492626905 CET37784351461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:54.590394974 CET37784351461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:54.590558052 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.590595961 CET435143778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.591165066 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.596019983 CET37784351661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:54.596092939 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.597054005 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.601898909 CET37784351661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:54.601963997 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:54.606726885 CET37784351661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:55.731992960 CET37784351661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:55.732264042 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.732264042 CET435163778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.733465910 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.738846064 CET37784351861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:55.738955021 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.740484953 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.745290995 CET37784351861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:55.745374918 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:55.750189066 CET37784351861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:56.712790966 CET37784351861.7.209.115192.168.2.14
      Feb 17, 2025 17:23:56.713027954 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.713080883 CET435183778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.714037895 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.718882084 CET37784352061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:56.718949080 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.720477104 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.725270033 CET37784352061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:56.725334883 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:56.730128050 CET37784352061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:57.696932077 CET37784352061.7.209.115192.168.2.14
      Feb 17, 2025 17:23:57.697155952 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.697221994 CET435203778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.698425055 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.703335047 CET37784352261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:57.703473091 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.705086946 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.709902048 CET37784352261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:57.709983110 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:57.714824915 CET37784352261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:58.668802023 CET37784352261.7.209.115192.168.2.14
      Feb 17, 2025 17:23:58.669151068 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.669151068 CET435223778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.670075893 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.675071001 CET37784352461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:58.675167084 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.676407099 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.681394100 CET37784352461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:58.681479931 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:58.686328888 CET37784352461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:59.753587961 CET37784352461.7.209.115192.168.2.14
      Feb 17, 2025 17:23:59.753783941 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.753822088 CET435243778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.754597902 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.759433985 CET37784352661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:59.759552956 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.761034012 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.766379118 CET37784352661.7.209.115192.168.2.14
      Feb 17, 2025 17:23:59.766467094 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:23:59.772120953 CET37784352661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:00.862411976 CET37784352661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:00.862622023 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.862714052 CET435263778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.863715887 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.868576050 CET37784352861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:00.868660927 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.869854927 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.874699116 CET37784352861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:00.874772072 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:00.879606962 CET37784352861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:01.876403093 CET37784352861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:01.876583099 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.876661062 CET435283778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.877432108 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.885094881 CET37784353061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:01.885229111 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.886554003 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.894001007 CET37784353061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:01.894081116 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:01.899852037 CET37784353061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:02.885931015 CET37784353061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:02.886070013 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.886176109 CET435303778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.886934996 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.891765118 CET37784353261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:02.891849041 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.892926931 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.897768974 CET37784353261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:02.897836924 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:02.902631998 CET37784353261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:03.858979940 CET37784353261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:03.859158993 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.859201908 CET435323778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.859723091 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.864500046 CET37784353461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:03.864582062 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.865451097 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.870202065 CET37784353461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:03.870263100 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:03.875029087 CET37784353461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:04.838061094 CET37784353461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:04.838227987 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.838342905 CET435343778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.839061022 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.843885899 CET37784353661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:04.843967915 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.845038891 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.849895954 CET37784353661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:04.849977970 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:04.854754925 CET37784353661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:05.812107086 CET37784353661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:05.812252045 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.812289000 CET435363778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.812918901 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.817708015 CET37784353861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:05.817758083 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.818593979 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.823368073 CET37784353861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:05.823410988 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:05.828124046 CET37784353861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:06.799053907 CET37784353861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:06.799237967 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.799300909 CET435383778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.800242901 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.805098057 CET37784354061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:06.805219889 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.806385040 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.811160088 CET37784354061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:06.811239004 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:06.816457987 CET37784354061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:07.843405008 CET37784354061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:07.843590975 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.843686104 CET435403778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.844403982 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.849353075 CET37784354261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:07.849440098 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.850346088 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.855218887 CET37784354261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:07.855298996 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:07.860227108 CET37784354261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:08.945890903 CET37784354261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:08.946050882 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.946145058 CET435423778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.946729898 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.951627970 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:08.951767921 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.952789068 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.957587957 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:08.957649946 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:08.962500095 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.845458984 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.845807076 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.845824957 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.845865011 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.845933914 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.846380949 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.846457958 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.846725941 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.846965075 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.847022057 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.847939968 CET37784354461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.848016977 CET435443778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.855638981 CET37784354661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.855809927 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.857074022 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.861864090 CET37784354661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:10.861933947 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:10.866847038 CET37784354661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:11.926249981 CET37784354661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:11.926364899 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.926410913 CET435463778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.927486897 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.932301998 CET37784354861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:11.932391882 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.933393955 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.938146114 CET37784354861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:11.938194990 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:11.943085909 CET37784354861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:12.957355976 CET37784354861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:12.957551003 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.957581997 CET435483778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.958743095 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.963527918 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:12.963589907 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.964705944 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.969489098 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:12.969542980 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:12.975337029 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.677058935 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.677196980 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.677263021 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.677414894 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.677443981 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.677443981 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.677515030 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.678404093 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.679541111 CET37784355061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.679635048 CET435503778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.685044050 CET37784355261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.685125113 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.686602116 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.691368103 CET37784355261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:14.691427946 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:14.696193933 CET37784355261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:15.675343990 CET37784355261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:15.675477982 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.675534964 CET435523778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.676119089 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.680897951 CET37784355461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:15.681015015 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.681849003 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.686853886 CET37784355461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:15.686903954 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:15.691648006 CET37784355461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:16.651437044 CET37784355461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:16.651788950 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.651832104 CET435543778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.652681112 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.657538891 CET37784355661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:16.657622099 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.658885002 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.663882971 CET37784355661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:16.663958073 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:16.668843985 CET37784355661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:17.662883043 CET37784355661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:17.663041115 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.663041115 CET435563778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.663698912 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.668509007 CET37784355861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:17.668617964 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.669359922 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.674117088 CET37784355861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:17.674201965 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:17.678999901 CET37784355861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:18.665035963 CET37784355861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:18.665437937 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.665438890 CET435583778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.666066885 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.670907021 CET37784356061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:18.670994043 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.671896935 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.676691055 CET37784356061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:18.676774025 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:18.681575060 CET37784356061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:19.719883919 CET37784356061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:19.720179081 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.720179081 CET435603778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.721086979 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.725894928 CET37784356261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:19.725980997 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.726720095 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.731506109 CET37784356261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:19.731556892 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:19.736300945 CET37784356261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:20.731746912 CET37784356261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:20.732037067 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.732075930 CET435623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.732722044 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.739841938 CET37784356461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:20.739900112 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.740923882 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.747637033 CET37784356461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:20.747689962 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:20.754537106 CET37784356461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:21.761543989 CET37784356461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:21.761699915 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.761787891 CET435643778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.762387991 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.767117977 CET37784356661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:21.767204046 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.767946959 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.772758007 CET37784356661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:21.772845030 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:21.777601957 CET37784356661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:22.749618053 CET37784356661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:22.749794960 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.749828100 CET435663778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.750528097 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.755285025 CET37784356861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:22.755338907 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.756030083 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.760756969 CET37784356861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:22.760930061 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:22.765819073 CET37784356861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:23.749372005 CET37784356861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:23.749596119 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.749650955 CET435683778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.750500917 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.755328894 CET37784357061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:23.755433083 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.756247044 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.761039019 CET37784357061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:23.761131048 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:23.765870094 CET37784357061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:24.750133991 CET37784357061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:24.750392914 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.750442982 CET435703778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.751050949 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.755882025 CET37784357261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:24.755953074 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.756784916 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.761578083 CET37784357261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:24.761631966 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:24.766413927 CET37784357261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:25.734270096 CET37784357261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:25.734508038 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.734508991 CET435723778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.735167980 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.739985943 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:25.740046024 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.741456032 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.746262074 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:25.746367931 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:25.751127958 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:26.993501902 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:26.993761063 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:26.993761063 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:26.994277000 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:26.994383097 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:26.994415045 CET37784357461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:26.994446039 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:26.994457960 CET435743778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:26.999753952 CET37784357661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:26.999814034 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:27.000576973 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:27.005309105 CET37784357661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:27.005357981 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:27.010185957 CET37784357661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:28.012803078 CET37784357661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:28.013046980 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.013077021 CET435763778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.013776064 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.018538952 CET37784357861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:28.018893957 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.019984961 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.024769068 CET37784357861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:28.024843931 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:28.029629946 CET37784357861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:29.115350962 CET37784357861.7.209.115192.168.2.14
      Feb 17, 2025 17:24:29.115556002 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.115658998 CET435783778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.116408110 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.121237993 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:29.121331930 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.122453928 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.127283096 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:29.127360106 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:29.132155895 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.418732882 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.418859005 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.418879032 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.419040918 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.419087887 CET37784358061.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.419148922 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.419148922 CET435803778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.419620037 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.424696922 CET37784358261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.424843073 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.425688982 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.430483103 CET37784358261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:30.430557966 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:30.435278893 CET37784358261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:31.403852940 CET37784358261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:31.404035091 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.404035091 CET435823778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.404555082 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.409435987 CET37784358461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:31.409518957 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.410221100 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.415026903 CET37784358461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:31.415106058 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:31.419996977 CET37784358461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.246462107 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.251378059 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.395040989 CET37784358461.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.395175934 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.395294905 CET435843778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.396176100 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.401124954 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.401227951 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.402354002 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.407171011 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.407277107 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:32.412168980 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.598507881 CET37784346261.7.209.115192.168.2.14
      Feb 17, 2025 17:24:32.598717928 CET434623778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:42.408201933 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:42.413301945 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:43.601810932 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:43.602097988 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:43.602154016 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:43.602210045 CET435863778192.168.2.1461.7.209.115
      Feb 17, 2025 17:24:43.602807045 CET37784358661.7.209.115192.168.2.14
      Feb 17, 2025 17:24:43.602869987 CET435863778192.168.2.1461.7.209.115

      System Behavior

      General

      Start time (UTC):16:23:20
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      File Activities

      Process Activities

      System Activities

      Network Activities


      General

      Start time (UTC):16:23:20
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:-
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      Process Activities


      General

      Start time (UTC):16:23:20
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:-
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      File Activities

      Process Activities


      General

      Start time (UTC):16:23:20
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:-
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      Process Activities

      Network Activities


      General

      Start time (UTC):16:23:26
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:-
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      File Activities

      Process Activities


      General

      Start time (UTC):16:23:26
      Start date (UTC):17/02/2025
      Path:/tmp/ub8ehJSePAfc9FYqZIT6.ppc.elf
      Arguments:-
      File size:5388968 bytes
      MD5 hash:ae65271c943d3451b7f026d1fadccea6

      Process Activities

      Network Activities