Linux
Analysis Report
nimips.elf
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Connects to many ports of the same IP (likely port scanning)
Detected TCP or UDP traffic on non-standard ports
Enumerates processes within the "proc" file system
Executes the "rm" command used to delete files or directories
Sample has stripped symbol table
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1635960 |
Start date and time: | 2025-03-12 09:05:06 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 37s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | nimips.elf |
Detection: | MAL |
Classification: | mal60.troj.linELF@0/2@0/0 |
Command: | /tmp/nimips.elf |
PID: | 5517 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | For God so loved the world |
Standard Error: |
- system is lnxubuntu20
- dash New Fork (PID: 5507, Parent: 3670)
- dash New Fork (PID: 5508, Parent: 3670)
- nimips.elf New Fork (PID: 5529, Parent: 5517)
- cleanup
⊘No yara matches
⊘No Suricata rule has matched
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Malware Analysis System Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | UDP traffic: |
Source: | Socket: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 File Deletion | 1 OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
⊘No configs have been found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
20% | Virustotal | Browse | ||
18% | ReversingLabs | Linux.Trojan.Mirai | ||
100% | Avira | EXP/ELF.Agent.J.8 |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No contacted domains info
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
156.244.6.124 | unknown | Seychelles | 132839 | POWERLINE-AS-APPOWERLINEDATACENTERHK | true | |
154.205.157.159 | unknown | Seychelles | 26484 | IKGUL-26484US | false | |
154.205.155.243 | unknown | Seychelles | 26484 | IKGUL-26484US | false | |
156.244.14.93 | unknown | Seychelles | 132839 | POWERLINE-AS-APPOWERLINEDATACENTERHK | false | |
156.244.13.166 | unknown | Seychelles | 132839 | POWERLINE-AS-APPOWERLINEDATACENTERHK | true | |
154.205.155.97 | unknown | Seychelles | 26484 | IKGUL-26484US | true | |
74.125.250.129 | unknown | United States | 15169 | GOOGLEUS | false | |
156.244.44.239 | unknown | Seychelles | 132839 | POWERLINE-AS-APPOWERLINEDATACENTERHK | true |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
156.244.6.124 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
154.205.157.159 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
156.244.14.93 | Get hash | malicious | Unknown | Browse | ||
156.244.13.166 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
154.205.155.97 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
156.244.44.239 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
IKGUL-26484US | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
POWERLINE-AS-APPOWERLINEDATACENTERHK | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
POWERLINE-AS-APPOWERLINEDATACENTERHK | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
IKGUL-26484US | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
Process: | /tmp/nimips.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 16 |
Entropy (8bit): | 3.5 |
Encrypted: | false |
SSDEEP: | 3:TgF03n:TgU |
MD5: | 4D28E55E74CD0D53BAACADA13DD5507E |
SHA1: | 55E77DA643437917673B1729630AF37D72B04A57 |
SHA-256: | CC56840CB1AAE05A8CF7236A813D2C79FC65E01FFC1E2794BC9BAC77A13A72B9 |
SHA-512: | 2EEFE4DA52AAB7F47B7EA12C082A546666877371D442282254B45EFCF009AFBDFBF4DA9298487BC7DF8F4940D654A3AEA254E1BA50DD46BC77B4157726BCE325 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | /tmp/nimips.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 16 |
Entropy (8bit): | 3.5 |
Encrypted: | false |
SSDEEP: | 3:TgF03n:TgU |
MD5: | 4D28E55E74CD0D53BAACADA13DD5507E |
SHA1: | 55E77DA643437917673B1729630AF37D72B04A57 |
SHA-256: | CC56840CB1AAE05A8CF7236A813D2C79FC65E01FFC1E2794BC9BAC77A13A72B9 |
SHA-512: | 2EEFE4DA52AAB7F47B7EA12C082A546666877371D442282254B45EFCF009AFBDFBF4DA9298487BC7DF8F4940D654A3AEA254E1BA50DD46BC77B4157726BCE325 |
Malicious: | false |
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 5.519665250965247 |
TrID: |
|
File name: | nimips.elf |
File size: | 85'104 bytes |
MD5: | 833feb0df15c75d09fd2f10ffbd7b5e0 |
SHA1: | 839be5d2776caada6254e9457071f862c643432b |
SHA256: | 5b339544ba55c78bff25dbd5e737cd854d6c61d5ed3b1866d6d5fe110a8a9d7e |
SHA512: | 74364af6f497e08d95245c1c040f5c56e962966f55f1c1c87d99a61279a0abaedfb8aa204b7209dc2c4a306faa3f6448864cb2f29ae33bb9b672d714263eb582 |
SSDEEP: | 1536:LM6Ek3io/h7l7yDahFSFC0F1cuvvRfZvS011ZHs6euTbFWa:LM6EDo/h70ahFSj5xv53Hpbx |
TLSH: | A183D90F2E65CFADF26DC33447B74A31936923D522E1C685D2ACE2111F6434EA45FBA8 |
File Content Preview: | .ELF.....................@.`...4..J......4. ...(.............@...@....?...?...............@..E@..E@....D..l$........dt.Q............................<...'......!'.......................<...'......!... ....'9... ......................<...'..h...!........'9& |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 84624 |
Section Header Size: | 40 |
Number of Section Headers: | 12 |
Header String Table Index: | 11 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x8c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x400120 | 0x120 | 0x125e0 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x412700 | 0x12700 | 0x5c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x412760 | 0x12760 | 0x1870 | 0x0 | 0x2 | A | 0 | 0 | 16 |
.ctors | PROGBITS | 0x454000 | 0x14000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x454008 | 0x14008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x454020 | 0x14020 | 0x434 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.got | PROGBITS | 0x454460 | 0x14460 | 0x5e4 | 0x4 | 0x10000003 | WAp | 0 | 0 | 16 |
.sbss | NOBITS | 0x454a44 | 0x14a44 | 0x14 | 0x0 | 0x10000003 | WAp | 0 | 0 | 4 |
.bss | NOBITS | 0x454a60 | 0x14a44 | 0x61c4 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.shstrtab | STRTAB | 0x0 | 0x14a44 | 0x49 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0x13fd0 | 0x13fd0 | 5.5616 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0x14000 | 0x454000 | 0x454000 | 0xa44 | 0x6c24 | 3.5644 | 0x6 | RW | 0x10000 | .ctors .dtors .data .got .sbss .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Download Network PCAP: filtered – full
- Total Packets: 104
- 2 Ports have been hidden.
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 12, 2025 09:05:49.450234890 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:49.469615936 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:49.469732046 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:50.055377960 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:50.056807041 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:50.147697926 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:50.149936914 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:55.941111088 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:55.945899963 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:56.255506039 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:56.255917072 CET | 57432 | 7680 | 192.168.2.15 | 154.205.155.243 |
Mar 12, 2025 09:05:56.260749102 CET | 7680 | 57432 | 154.205.155.243 | 192.168.2.15 |
Mar 12, 2025 09:05:57.257802010 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:05:57.262640953 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:05:57.262713909 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:05:58.231502056 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:05:58.231678009 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:05:58.594455957 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:05:58.594784975 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:03.712675095 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:03.717737913 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:04.112289906 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:04.112533092 CET | 52278 | 26141 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:04.117240906 CET | 26141 | 52278 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:05.114464045 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:05.119282007 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:05.119359970 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:05.677733898 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:05.677865982 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:05.764384031 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:05.764506102 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:11.606878042 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:11.611546040 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:11.772489071 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:11.772648096 CET | 57992 | 49722 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:11.777333021 CET | 49722 | 57992 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:12.774808884 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:12.779562950 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:12.779638052 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:13.743180990 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:13.743401051 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:14.088491917 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:14.088654041 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:19.245702982 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:19.250591993 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:19.643256903 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:19.643599033 CET | 45818 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:19.648426056 CET | 41763 | 45818 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:20.645785093 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:20.650497913 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:20.650595903 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:21.205595970 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:21.205766916 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:21.292264938 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:21.292490959 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:27.104226112 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:27.109421015 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:27.270301104 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:27.270416021 CET | 34446 | 50182 | 192.168.2.15 | 156.244.44.239 |
Mar 12, 2025 09:06:27.275827885 CET | 50182 | 34446 | 156.244.44.239 | 192.168.2.15 |
Mar 12, 2025 09:06:28.272264957 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:28.277085066 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:28.277180910 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:28.853638887 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:28.853859901 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:28.944199085 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:28.944299936 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:34.737967968 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:34.742806911 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:34.907857895 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:34.908016920 CET | 53110 | 35086 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:06:34.912705898 CET | 35086 | 53110 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:06:35.909784079 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:35.914568901 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:35.914654970 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:36.493526936 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:36.493659019 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:36.594511032 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:36.594605923 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:42.387408972 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:42.392157078 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:42.555394888 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:42.555562973 CET | 56978 | 46164 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:06:42.560317039 CET | 46164 | 56978 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:06:43.557588100 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:43.562402010 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:43.562470913 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:44.537098885 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:44.537261963 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:44.893003941 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:44.893100977 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:50.012728930 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:50.017436981 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:50.415610075 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:50.415869951 CET | 47418 | 5102 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:06:50.421542883 CET | 5102 | 47418 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:06:51.417444944 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:51.422173977 CET | 7680 | 41540 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:51.422235012 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:52.019418955 CET | 7680 | 41540 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:52.019728899 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:52.107898951 CET | 7680 | 41540 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:52.108027935 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:55.223207951 CET | 7680 | 41540 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:55.223345041 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:57.906826973 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:06:57.913408041 CET | 7680 | 41540 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:06:57.913520098 CET | 41540 | 7680 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:12.923177004 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:12.928028107 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:12.928143978 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:13.495294094 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:13.495446920 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:13.596221924 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:13.596330881 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:19.394051075 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:19.398737907 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:19.559772968 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:19.560091972 CET | 38492 | 29486 | 192.168.2.15 | 156.244.13.166 |
Mar 12, 2025 09:07:19.564800024 CET | 29486 | 38492 | 156.244.13.166 | 192.168.2.15 |
Mar 12, 2025 09:07:20.562134981 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:20.572060108 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:20.572143078 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:21.156042099 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:21.156137943 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:21.244621992 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:21.244690895 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:27.028722048 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:27.033538103 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:27.194858074 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:27.195080996 CET | 42142 | 7680 | 192.168.2.15 | 154.205.155.97 |
Mar 12, 2025 09:07:27.199867964 CET | 7680 | 42142 | 154.205.155.97 | 192.168.2.15 |
Mar 12, 2025 09:07:28.197223902 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:28.202271938 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:28.202353001 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:29.167956114 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:29.168179989 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:29.527924061 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:29.528218031 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:34.652203083 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:34.656977892 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:35.074227095 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:35.074600935 CET | 58292 | 30751 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:35.079406977 CET | 30751 | 58292 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:36.076422930 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:36.081818104 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:36.081933022 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:37.035407066 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:37.035612106 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:37.381653070 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:37.381793022 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:42.530328035 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:42.535011053 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:42.922646999 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:42.922812939 CET | 45836 | 41763 | 192.168.2.15 | 156.244.6.124 |
Mar 12, 2025 09:07:42.927562952 CET | 41763 | 45836 | 156.244.6.124 | 192.168.2.15 |
Mar 12, 2025 09:07:43.924365044 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:43.929069996 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:43.929137945 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:44.521296978 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:44.521433115 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:44.609761953 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:44.609865904 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:50.380997896 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:50.385776043 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:50.546711922 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:50.547046900 CET | 54380 | 26141 | 192.168.2.15 | 154.205.157.159 |
Mar 12, 2025 09:07:50.551772118 CET | 26141 | 54380 | 154.205.157.159 | 192.168.2.15 |
Mar 12, 2025 09:07:51.548294067 CET | 42404 | 52962 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:07:51.553106070 CET | 52962 | 42404 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:07:51.553181887 CET | 42404 | 52962 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:07:52.109603882 CET | 52962 | 42404 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:07:52.109731913 CET | 42404 | 52962 | 192.168.2.15 | 156.244.14.93 |
Mar 12, 2025 09:07:52.196192980 CET | 52962 | 42404 | 156.244.14.93 | 192.168.2.15 |
Mar 12, 2025 09:07:52.196260929 CET | 42404 | 52962 | 192.168.2.15 | 156.244.14.93 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 12, 2025 09:05:50.486779928 CET | 37511 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:05:50.935803890 CET | 19302 | 37511 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:05:58.259604931 CET | 58695 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:05:58.710541964 CET | 19302 | 58695 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:06.116063118 CET | 44521 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:06.604783058 CET | 19302 | 44521 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:13.776550055 CET | 33633 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:14.243144989 CET | 19302 | 33633 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:21.647715092 CET | 53233 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:22.101768970 CET | 19302 | 53233 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:29.274393082 CET | 38119 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:29.736289024 CET | 19302 | 38119 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:36.911093950 CET | 46092 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:37.385452032 CET | 19302 | 46092 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:44.559199095 CET | 55576 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:45.010940075 CET | 19302 | 55576 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:06:52.419106007 CET | 33902 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:06:52.905220032 CET | 19302 | 33902 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:13.925867081 CET | 56052 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:14.392497063 CET | 19302 | 56052 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:21.564167976 CET | 35042 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:22.026973009 CET | 19302 | 35042 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:29.199054956 CET | 59881 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:29.649626017 CET | 19302 | 59881 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:37.078353882 CET | 53654 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:37.528518915 CET | 19302 | 53654 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:44.925671101 CET | 52693 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:45.379353046 CET | 19302 | 52693 | 74.125.250.129 | 192.168.2.15 |
Mar 12, 2025 09:07:52.549588919 CET | 54303 | 19302 | 192.168.2.15 | 74.125.250.129 |
Mar 12, 2025 09:07:53.019531012 CET | 19302 | 54303 | 74.125.250.129 | 192.168.2.15 |
System Behavior
Start time (UTC): | 08:05:39 |
Start date (UTC): | 12/03/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:05:39 |
Start date (UTC): | 12/03/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.WtMgtKnvIZ /tmp/tmp.44CFdAkDOy /tmp/tmp.klGVCjsXl9 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 08:05:39 |
Start date (UTC): | 12/03/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:05:39 |
Start date (UTC): | 12/03/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.WtMgtKnvIZ /tmp/tmp.44CFdAkDOy /tmp/tmp.klGVCjsXl9 |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 08:05:47 |
Start date (UTC): | 12/03/2025 |
Path: | /tmp/nimips.elf |
Arguments: | /tmp/nimips.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 08:05:48 |
Start date (UTC): | 12/03/2025 |
Path: | /tmp/nimips.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |