Linux
Analysis Report
zerspc.elf
Overview
General Information
Sample name: | zerspc.elf |
Analysis ID: | 1628708 |
MD5: | dcbcc097951aeb29929569bd5d8e992e |
SHA1: | 177f68a3dbbabf286c11638fc078eaf0a0056524 |
SHA256: | 53f9cda28d0063032152a724349521a61f5ee7942e123a720ec15148c2a72d2f |
Tags: | elfuser-abuse_ch |
Infos: |
Detection
Score: | 52 |
Range: | 0 - 100 |
Signatures
Multi AV Scanner detection for submitted file
Sends malformed DNS queries
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1628708 |
Start date and time: | 2025-03-04 03:46:15 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 43s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | zerspc.elf |
Detection: | MAL |
Classification: | mal52.troj.linELF@0/0@40/0 |
Command: | /tmp/zerspc.elf |
PID: | 5552 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | gosh that chinese family at the other table sure ate a lot |
Standard Error: |
- system is lnxubuntu20
- zerspc.elf New Fork (PID: 5554, Parent: 5552)
- zerspc.elf New Fork (PID: 5556, Parent: 5554)
- cleanup
⊘No yara matches
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | DNS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | Direct Volume Access | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
38% | Virustotal | Browse | ||
37% | ReversingLabs | Linux.Backdoor.Mirai |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
watchmepull.dyn | 46.19.143.10 | true | false | high | |
ohlookthereismyboats.geek | 46.19.143.10 | true | false | high | |
watchmepull.dyn. [malformed] | unknown | unknown | false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
46.19.143.10 | watchmepull.dyn | Switzerland | 51852 | PLI-ASCH | false | |
185.159.74.127 | unknown | Georgia | 59447 | SAYFANETTR | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
46.19.143.10 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ohlookthereismyboats.geek | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
PLI-ASCH | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
SAYFANETTR | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.033384667884947 |
TrID: |
|
File name: | zerspc.elf |
File size: | 53'712 bytes |
MD5: | dcbcc097951aeb29929569bd5d8e992e |
SHA1: | 177f68a3dbbabf286c11638fc078eaf0a0056524 |
SHA256: | 53f9cda28d0063032152a724349521a61f5ee7942e123a720ec15148c2a72d2f |
SHA512: | 4d5728886229766ef66a44d8b81fca368ed4107fffdb6630a3ee1551b25284b45cb7e08159383af9b3fc9968ccd665876edceea8e12be0235210e4eeacea5ea4 |
SSDEEP: | 768:gnodq9NbwosyoynH9C0KjIa8fel9irO+3xwRitdFv:gn8SNbbUynH9C0Kjf8fxvP |
TLSH: | 16335B21BE792E17C0D5B8BA22F34728F3E5560E25A8CB1E7DB20E8DFF1594451076B2 |
File Content Preview: | .ELF...........................4.........4. ...(..........................................................%.........dt.Q................................@..(....@.0.................#.....c...`.....!..... ...@.....".........`......$ ... ...@...........`.... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 53272 |
Section Header Size: | 40 |
Number of Section Headers: | 11 |
Header String Table Index: | 10 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x10094 | 0x94 | 0x1c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x100b0 | 0xb0 | 0xc2f4 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.fini | PROGBITS | 0x1c3a4 | 0xc3a4 | 0x14 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x1c3b8 | 0xc3b8 | 0x918 | 0x0 | 0x2 | A | 0 | 0 | 8 |
.ctors | PROGBITS | 0x2ccd4 | 0xccd4 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x2ccdc | 0xccdc | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.jcr | PROGBITS | 0x2cce4 | 0xcce4 | 0x4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x2cce8 | 0xcce8 | 0x2ec | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.bss | NOBITS | 0x2cfd8 | 0xcfd4 | 0x2290 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.shstrtab | STRTAB | 0x0 | 0xcfd4 | 0x43 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x10000 | 0x10000 | 0xccd0 | 0xccd0 | 6.0775 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0xccd4 | 0x2ccd4 | 0x2ccd4 | 0x300 | 0x2594 | 2.1553 | 0x6 | RW | 0x10000 | .ctors .dtors .jcr .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 101
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 4, 2025 03:47:13.855627060 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:13.860702991 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:13.860753059 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:13.873411894 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:13.878458023 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:13.878500938 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:13.883536100 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:23.883862972 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:23.890997887 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:24.084822893 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:24.085608959 CET | 52260 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:24.092479944 CET | 1440 | 52260 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:24.107275963 CET | 34222 | 1440 | 192.168.2.15 | 185.159.74.127 |
Mar 4, 2025 03:47:24.112504959 CET | 1440 | 34222 | 185.159.74.127 | 192.168.2.15 |
Mar 4, 2025 03:47:24.112580061 CET | 34222 | 1440 | 192.168.2.15 | 185.159.74.127 |
Mar 4, 2025 03:47:24.113498926 CET | 34222 | 1440 | 192.168.2.15 | 185.159.74.127 |
Mar 4, 2025 03:47:24.120558023 CET | 1440 | 34222 | 185.159.74.127 | 192.168.2.15 |
Mar 4, 2025 03:47:24.120619059 CET | 34222 | 1440 | 192.168.2.15 | 185.159.74.127 |
Mar 4, 2025 03:47:24.127686024 CET | 1440 | 34222 | 185.159.74.127 | 192.168.2.15 |
Mar 4, 2025 03:47:34.900449038 CET | 1440 | 34222 | 185.159.74.127 | 192.168.2.15 |
Mar 4, 2025 03:47:34.900751114 CET | 34222 | 1440 | 192.168.2.15 | 185.159.74.127 |
Mar 4, 2025 03:47:34.905911922 CET | 1440 | 34222 | 185.159.74.127 | 192.168.2.15 |
Mar 4, 2025 03:47:34.926783085 CET | 52264 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:34.932009935 CET | 1440 | 52264 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:34.932080030 CET | 52264 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:34.933325052 CET | 52264 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:34.938395023 CET | 1440 | 52264 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:34.938556910 CET | 52264 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:34.943635941 CET | 1440 | 52264 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:45.488172054 CET | 1440 | 52264 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:45.488527060 CET | 52264 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:45.495085001 CET | 1440 | 52264 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:45.660968065 CET | 52266 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:45.667686939 CET | 1440 | 52266 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:45.667792082 CET | 52266 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:45.669049978 CET | 52266 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:45.675545931 CET | 1440 | 52266 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:45.675633907 CET | 52266 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:45.682230949 CET | 1440 | 52266 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:56.247838974 CET | 1440 | 52266 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:56.248446941 CET | 52266 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:56.253468990 CET | 1440 | 52266 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:56.289484024 CET | 52268 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:56.294600964 CET | 1440 | 52268 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:56.294686079 CET | 52268 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:56.296269894 CET | 52268 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:56.301314116 CET | 1440 | 52268 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:47:56.301389933 CET | 52268 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:47:56.306476116 CET | 1440 | 52268 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:06.842907906 CET | 1440 | 52268 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:06.843271971 CET | 52268 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:06.848819017 CET | 1440 | 52268 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:06.945168018 CET | 52270 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:06.950491905 CET | 1440 | 52270 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:06.950601101 CET | 52270 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:06.952049017 CET | 52270 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:06.958489895 CET | 1440 | 52270 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:06.958559036 CET | 52270 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:06.966922045 CET | 1440 | 52270 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:17.506669044 CET | 1440 | 52270 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:17.507353067 CET | 52270 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:17.512408018 CET | 1440 | 52270 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:17.705450058 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:17.710583925 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:17.710719109 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:17.712367058 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:17.717497110 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:17.717572927 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:17.722661018 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:27.722299099 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:27.727354050 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:27.915122986 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:27.915443897 CET | 52272 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:27.920555115 CET | 1440 | 52272 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:28.369541883 CET | 52274 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:28.374607086 CET | 1440 | 52274 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:28.374664068 CET | 52274 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:28.376068115 CET | 52274 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:28.381112099 CET | 1440 | 52274 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:28.381164074 CET | 52274 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:28.386200905 CET | 1440 | 52274 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:38.939337015 CET | 1440 | 52274 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:38.940320015 CET | 52274 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:38.945462942 CET | 1440 | 52274 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:39.139496088 CET | 52276 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:39.144598007 CET | 1440 | 52276 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:39.144676924 CET | 52276 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:39.145962000 CET | 52276 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:39.150928974 CET | 1440 | 52276 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:39.150998116 CET | 52276 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:39.156265974 CET | 1440 | 52276 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:49.737819910 CET | 1440 | 52276 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:49.738035917 CET | 52276 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:49.743096113 CET | 1440 | 52276 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:49.901581049 CET | 52278 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:49.906609058 CET | 1440 | 52278 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:49.906686068 CET | 52278 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:49.907669067 CET | 52278 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:49.912724972 CET | 1440 | 52278 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:48:49.912775040 CET | 52278 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:48:49.917853117 CET | 1440 | 52278 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:00.470617056 CET | 1440 | 52278 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:00.470815897 CET | 52278 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:00.475986004 CET | 1440 | 52278 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:00.932667017 CET | 52280 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:00.937946081 CET | 1440 | 52280 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:00.938268900 CET | 52280 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:00.940306902 CET | 52280 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:00.945414066 CET | 1440 | 52280 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:00.945563078 CET | 52280 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:00.950651884 CET | 1440 | 52280 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:11.501929045 CET | 1440 | 52280 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:11.502500057 CET | 52280 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:11.508357048 CET | 1440 | 52280 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:11.522588968 CET | 52282 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:11.527679920 CET | 1440 | 52282 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:11.527760983 CET | 52282 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:11.528723955 CET | 52282 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:11.533729076 CET | 1440 | 52282 | 46.19.143.10 | 192.168.2.15 |
Mar 4, 2025 03:49:11.533807039 CET | 52282 | 1440 | 192.168.2.15 | 46.19.143.10 |
Mar 4, 2025 03:49:11.538955927 CET | 1440 | 52282 | 46.19.143.10 | 192.168.2.15 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 4, 2025 03:47:13.836800098 CET | 58835 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:47:13.854707003 CET | 53 | 58835 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:47:24.088044882 CET | 46033 | 53 | 192.168.2.15 | 202.61.197.122 |
Mar 4, 2025 03:47:24.106555939 CET | 53 | 46033 | 202.61.197.122 | 192.168.2.15 |
Mar 4, 2025 03:47:34.902545929 CET | 53420 | 53 | 192.168.2.15 | 194.36.144.87 |
Mar 4, 2025 03:47:34.925882101 CET | 53 | 53420 | 194.36.144.87 | 192.168.2.15 |
Mar 4, 2025 03:47:45.490015984 CET | 46755 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:47:45.524311066 CET | 53 | 46755 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:47:45.526027918 CET | 49988 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:47:45.557591915 CET | 53 | 49988 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:47:45.559231997 CET | 47776 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:47:45.591871023 CET | 53 | 47776 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:47:45.593441963 CET | 39226 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:47:45.625277996 CET | 53 | 39226 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:47:45.626944065 CET | 51952 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:47:45.660013914 CET | 53 | 51952 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:47:56.250716925 CET | 42195 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:47:56.288199902 CET | 53 | 42195 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:06.845238924 CET | 55865 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:48:06.863373995 CET | 53 | 55865 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:48:06.865091085 CET | 57019 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:48:06.883708000 CET | 53 | 57019 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:48:06.885323048 CET | 38837 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:48:06.904256105 CET | 53 | 38837 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:48:06.905776024 CET | 34054 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:48:06.923927069 CET | 53 | 34054 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:48:06.925708055 CET | 47374 | 53 | 192.168.2.15 | 152.53.15.127 |
Mar 4, 2025 03:48:06.944479942 CET | 53 | 47374 | 152.53.15.127 | 192.168.2.15 |
Mar 4, 2025 03:48:17.509505033 CET | 33385 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:17.546992064 CET | 53 | 33385 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:17.548887968 CET | 36387 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:17.586466074 CET | 53 | 36387 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:17.588501930 CET | 51983 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:17.626080036 CET | 53 | 51983 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:17.627696037 CET | 41840 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:17.665205002 CET | 53 | 41840 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:17.667190075 CET | 54154 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:17.704550028 CET | 53 | 54154 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:27.917573929 CET | 48289 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:48:28.005429983 CET | 53 | 48289 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:48:28.007334948 CET | 35706 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:48:28.094758987 CET | 53 | 35706 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:48:28.096786022 CET | 35929 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:48:28.187994957 CET | 53 | 35929 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:48:28.189831018 CET | 60912 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:48:28.279175997 CET | 53 | 60912 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:48:28.280502081 CET | 33553 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:48:28.368906975 CET | 53 | 33553 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:48:38.942591906 CET | 55017 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:38.980079889 CET | 53 | 55017 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:38.982171059 CET | 52296 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:39.019689083 CET | 53 | 52296 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:39.021752119 CET | 40266 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:39.059221029 CET | 53 | 40266 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:39.061196089 CET | 38285 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:39.098578930 CET | 53 | 38285 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:39.100663900 CET | 48118 | 53 | 192.168.2.15 | 185.181.61.24 |
Mar 4, 2025 03:48:39.138292074 CET | 53 | 48118 | 185.181.61.24 | 192.168.2.15 |
Mar 4, 2025 03:48:49.739145041 CET | 38267 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:48:49.770539999 CET | 53 | 38267 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:48:49.771635056 CET | 53684 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:48:49.803081989 CET | 53 | 53684 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:48:49.804106951 CET | 42021 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:48:49.835093021 CET | 53 | 42021 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:48:49.836479902 CET | 40731 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:48:49.867887020 CET | 53 | 40731 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:48:49.869642019 CET | 51103 | 53 | 192.168.2.15 | 81.169.136.222 |
Mar 4, 2025 03:48:49.900918007 CET | 53 | 51103 | 81.169.136.222 | 192.168.2.15 |
Mar 4, 2025 03:49:00.472552061 CET | 46025 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:49:00.566097975 CET | 53 | 46025 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:49:00.568698883 CET | 47129 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:49:00.657872915 CET | 53 | 47129 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:49:00.660152912 CET | 60567 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:49:00.747507095 CET | 53 | 60567 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:49:00.750189066 CET | 35964 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:49:00.839553118 CET | 53 | 35964 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:49:00.841995001 CET | 42767 | 53 | 192.168.2.15 | 168.235.111.72 |
Mar 4, 2025 03:49:00.930934906 CET | 53 | 42767 | 168.235.111.72 | 192.168.2.15 |
Mar 4, 2025 03:49:11.504659891 CET | 59890 | 53 | 192.168.2.15 | 194.36.144.87 |
Mar 4, 2025 03:49:11.521759033 CET | 53 | 59890 | 194.36.144.87 | 192.168.2.15 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 4, 2025 03:47:13.836800098 CET | 192.168.2.15 | 152.53.15.127 | 0xed34 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:24.088044882 CET | 192.168.2.15 | 202.61.197.122 | 0xef7b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:34.902545929 CET | 192.168.2.15 | 194.36.144.87 | 0x7d5a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.490015984 CET | 192.168.2.15 | 81.169.136.222 | 0xcb37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.526027918 CET | 192.168.2.15 | 81.169.136.222 | 0xcb37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.559231997 CET | 192.168.2.15 | 81.169.136.222 | 0xcb37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.593441963 CET | 192.168.2.15 | 81.169.136.222 | 0xcb37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.626944065 CET | 192.168.2.15 | 81.169.136.222 | 0xcb37 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:56.250716925 CET | 192.168.2.15 | 185.181.61.24 | 0x78c2 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:48:06.845238924 CET | 192.168.2.15 | 152.53.15.127 | 0xc172 | Standard query (0) | 256 | 486 | false | |
Mar 4, 2025 03:48:06.865091085 CET | 192.168.2.15 | 152.53.15.127 | 0xc172 | Standard query (0) | 256 | 486 | false | |
Mar 4, 2025 03:48:06.885323048 CET | 192.168.2.15 | 152.53.15.127 | 0xc172 | Standard query (0) | 256 | 486 | false | |
Mar 4, 2025 03:48:06.905776024 CET | 192.168.2.15 | 152.53.15.127 | 0xc172 | Standard query (0) | 256 | 486 | false | |
Mar 4, 2025 03:48:06.925708055 CET | 192.168.2.15 | 152.53.15.127 | 0xc172 | Standard query (0) | 256 | 486 | false | |
Mar 4, 2025 03:48:17.509505033 CET | 192.168.2.15 | 185.181.61.24 | 0xeca3 | Standard query (0) | 256 | 497 | false | |
Mar 4, 2025 03:48:17.548887968 CET | 192.168.2.15 | 185.181.61.24 | 0xeca3 | Standard query (0) | 256 | 497 | false | |
Mar 4, 2025 03:48:17.588501930 CET | 192.168.2.15 | 185.181.61.24 | 0xeca3 | Standard query (0) | 256 | 497 | false | |
Mar 4, 2025 03:48:17.627696037 CET | 192.168.2.15 | 185.181.61.24 | 0xeca3 | Standard query (0) | 256 | 497 | false | |
Mar 4, 2025 03:48:17.667190075 CET | 192.168.2.15 | 185.181.61.24 | 0xeca3 | Standard query (0) | 256 | 497 | false | |
Mar 4, 2025 03:48:27.917573929 CET | 192.168.2.15 | 168.235.111.72 | 0xe467 | Standard query (0) | 256 | 507 | false | |
Mar 4, 2025 03:48:28.007334948 CET | 192.168.2.15 | 168.235.111.72 | 0xe467 | Standard query (0) | 256 | 508 | false | |
Mar 4, 2025 03:48:28.096786022 CET | 192.168.2.15 | 168.235.111.72 | 0xe467 | Standard query (0) | 256 | 508 | false | |
Mar 4, 2025 03:48:28.189831018 CET | 192.168.2.15 | 168.235.111.72 | 0xe467 | Standard query (0) | 256 | 508 | false | |
Mar 4, 2025 03:48:28.280502081 CET | 192.168.2.15 | 168.235.111.72 | 0xe467 | Standard query (0) | 256 | 508 | false | |
Mar 4, 2025 03:48:38.942591906 CET | 192.168.2.15 | 185.181.61.24 | 0x5fe6 | Standard query (0) | 256 | 262 | false | |
Mar 4, 2025 03:48:38.982171059 CET | 192.168.2.15 | 185.181.61.24 | 0x5fe6 | Standard query (0) | 256 | 263 | false | |
Mar 4, 2025 03:48:39.021752119 CET | 192.168.2.15 | 185.181.61.24 | 0x5fe6 | Standard query (0) | 256 | 263 | false | |
Mar 4, 2025 03:48:39.061196089 CET | 192.168.2.15 | 185.181.61.24 | 0x5fe6 | Standard query (0) | 256 | 263 | false | |
Mar 4, 2025 03:48:39.100663900 CET | 192.168.2.15 | 185.181.61.24 | 0x5fe6 | Standard query (0) | 256 | 263 | false | |
Mar 4, 2025 03:48:49.739145041 CET | 192.168.2.15 | 81.169.136.222 | 0xc916 | Standard query (0) | 256 | 273 | false | |
Mar 4, 2025 03:48:49.771635056 CET | 192.168.2.15 | 81.169.136.222 | 0xc916 | Standard query (0) | 256 | 273 | false | |
Mar 4, 2025 03:48:49.804106951 CET | 192.168.2.15 | 81.169.136.222 | 0xc916 | Standard query (0) | 256 | 273 | false | |
Mar 4, 2025 03:48:49.836479902 CET | 192.168.2.15 | 81.169.136.222 | 0xc916 | Standard query (0) | 256 | 273 | false | |
Mar 4, 2025 03:48:49.869642019 CET | 192.168.2.15 | 81.169.136.222 | 0xc916 | Standard query (0) | 256 | 273 | false | |
Mar 4, 2025 03:49:00.472552061 CET | 192.168.2.15 | 168.235.111.72 | 0x47ac | Standard query (0) | 256 | 284 | false | |
Mar 4, 2025 03:49:00.568698883 CET | 192.168.2.15 | 168.235.111.72 | 0x47ac | Standard query (0) | 256 | 284 | false | |
Mar 4, 2025 03:49:00.660152912 CET | 192.168.2.15 | 168.235.111.72 | 0x47ac | Standard query (0) | 256 | 284 | false | |
Mar 4, 2025 03:49:00.750189066 CET | 192.168.2.15 | 168.235.111.72 | 0x47ac | Standard query (0) | 256 | 284 | false | |
Mar 4, 2025 03:49:00.841995001 CET | 192.168.2.15 | 168.235.111.72 | 0x47ac | Standard query (0) | 256 | 284 | false | |
Mar 4, 2025 03:49:11.504659891 CET | 192.168.2.15 | 194.36.144.87 | 0xea47 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 4, 2025 03:47:13.854707003 CET | 152.53.15.127 | 192.168.2.15 | 0xed34 | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:47:24.106555939 CET | 202.61.197.122 | 192.168.2.15 | 0xef7b | No error (0) | 185.159.74.127 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:47:24.106555939 CET | 202.61.197.122 | 192.168.2.15 | 0xef7b | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:47:34.925882101 CET | 194.36.144.87 | 192.168.2.15 | 0x7d5a | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:47:45.524311066 CET | 81.169.136.222 | 192.168.2.15 | 0xcb37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.557591915 CET | 81.169.136.222 | 192.168.2.15 | 0xcb37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.591871023 CET | 81.169.136.222 | 192.168.2.15 | 0xcb37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.625277996 CET | 81.169.136.222 | 192.168.2.15 | 0xcb37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:45.660013914 CET | 81.169.136.222 | 192.168.2.15 | 0xcb37 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
Mar 4, 2025 03:47:56.288199902 CET | 185.181.61.24 | 192.168.2.15 | 0x78c2 | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false | ||
Mar 4, 2025 03:48:06.863373995 CET | 152.53.15.127 | 192.168.2.15 | 0xc172 | Format error (1) | none | none | 256 | 486 | false | |
Mar 4, 2025 03:48:06.883708000 CET | 152.53.15.127 | 192.168.2.15 | 0xc172 | Format error (1) | none | none | 256 | 486 | false | |
Mar 4, 2025 03:48:06.904256105 CET | 152.53.15.127 | 192.168.2.15 | 0xc172 | Format error (1) | none | none | 256 | 486 | false | |
Mar 4, 2025 03:48:06.923927069 CET | 152.53.15.127 | 192.168.2.15 | 0xc172 | Format error (1) | none | none | 256 | 486 | false | |
Mar 4, 2025 03:48:06.944479942 CET | 152.53.15.127 | 192.168.2.15 | 0xc172 | Format error (1) | none | none | 256 | 486 | false | |
Mar 4, 2025 03:49:11.521759033 CET | 194.36.144.87 | 192.168.2.15 | 0xea47 | No error (0) | 46.19.143.10 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 02:47:13 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerspc.elf |
Arguments: | /tmp/zerspc.elf |
File size: | 4379400 bytes |
MD5 hash: | 7dc1c0e23cd5e102bb12e5c29403410e |
Start time (UTC): | 02:47:13 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerspc.elf |
Arguments: | - |
File size: | 4379400 bytes |
MD5 hash: | 7dc1c0e23cd5e102bb12e5c29403410e |
Start time (UTC): | 02:47:13 |
Start date (UTC): | 04/03/2025 |
Path: | /tmp/zerspc.elf |
Arguments: | - |
File size: | 4379400 bytes |
MD5 hash: | 7dc1c0e23cd5e102bb12e5c29403410e |