Linux
Analysis Report
sync.arm4.elf
Overview
General Information
Detection
Score: | 72 |
Range: | 0 - 100 |
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Suricata IDS alerts for network traffic
Performs DNS TXT record lookups
Sample deletes itself
Detected TCP or UDP traffic on non-standard ports
Sample has stripped symbol table
Sleeps for long times indicative of sandbox evasion
Tries to resolve domain names, but no domain seems valid (expired dropper behavior)
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1637905 |
Start date and time: | 2025-03-14 01:52:20 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 46s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | sync.arm4.elf |
Detection: | MAL |
Classification: | mal72.evad.linELF@0/0@54/0 |
- VT rate limit hit for: dnsresolve.socialgains.cf
Command: | /tmp/sync.arm4.elf |
PID: | 5483 |
Exit Code: | 1 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Infect |
Standard Error: |
- system is lnxubuntu20
- sync.arm4.elf New Fork (PID: 5485, Parent: 5483)
- sync.arm4.elf New Fork (PID: 5487, Parent: 5485)
- cleanup
⊘No yara matches
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:53:31.876700+0100 | 2013514 | 1 | A Network Trojan was detected | 192.168.2.13 | 50640 | 1.1.1.1 | 53 | UDP |
- • AV Detection
- • Networking
- • System Summary
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • HIPS / PFW / Operating System Protection Evasion
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | Virustotal: | Perma Link | ||
Source: | ReversingLabs: |
Networking |
---|
Source: | Suricata IDS: |
Source: | TCP traffic: |
Source: | DNS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Sleeps longer then 60s: | Jump to behavior | ||
Source: | Sleeps longer then 60s: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Virtualization/Sandbox Evasion | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 File Deletion | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
47% | Virustotal | Browse | ||
61% | ReversingLabs | Linux.Backdoor.Mirai | ||
100% | Avira | ANDROID/AVE.Agent.nwhjm |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dnsresolve.socialgains.cf | unknown | unknown | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.44.232.40 | unknown | Canada | 16276 | OVHFR | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
142.44.232.40 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
OVHFR | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | CAPTCHA Scam ClickFix | Browse |
| ||
Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 6.105577676829183 |
TrID: |
|
File name: | sync.arm4.elf |
File size: | 63'664 bytes |
MD5: | fc655c02778c3456d353aaa6c8af055a |
SHA1: | 1cea90c3d63d49919a792b8c6186f0739ab0966c |
SHA256: | 4434a0cbce16f250a4829995e197bc9235b17ad18ccf2d1282fc31560b12ee83 |
SHA512: | eda11253334af57ecb29d65c51a6858b9b553bb9212b1fcb933c33bdee8954c6efaab0bcf6764fff9dacc6a03610197e5f1baaf32e1c582cb17d9418fe3db376 |
SSDEEP: | 1536:vZkv7nAW27YkQT/sENxNdJtO4+6w3cHazvaM:WhkQT/LNxfJtOWi5aM |
TLSH: | CF534A52F8C2A613C5D4167AFA4F428C371257E9E2DF7603CE294F6237AB46B0EA7411 |
File Content Preview: | .ELF...a..........(.........4... .......4. ...(.....................................................................Q.td..................................-...L."....5..........0@-.\P...0....S.0...P@...0... ....R......0...0...........0... ....R..... 0....S |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 63264 |
Section Header Size: | 40 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x8094 | 0x94 | 0x18 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x80b0 | 0xb0 | 0xd770 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x15820 | 0xd820 | 0x14 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x15834 | 0xd834 | 0x1ab8 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ctors | PROGBITS | 0x1f2f0 | 0xf2f0 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x1f2f8 | 0xf2f8 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x1f304 | 0xf304 | 0x3dc | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x1f6e0 | 0xf6e0 | 0xa2ac | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0xf6e0 | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x8000 | 0x8000 | 0xf2ec | 0xf2ec | 6.1370 | 0x5 | R E | 0x8000 | .init .text .fini .rodata | |
LOAD | 0xf2f0 | 0x1f2f0 | 0x1f2f0 | 0x3f0 | 0xa69c | 3.5353 | 0x6 | RW | 0x8000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Download Network PCAP: filtered – full
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:53:31.876700+0100 | 2013514 | ET MALWARE Potential DNS Command and Control via TXT queries | 1 | 192.168.2.13 | 50640 | 1.1.1.1 | 53 | UDP |
- Total Packets: 66
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:42.312197924 CET | 50128 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:53:42.317020893 CET | 61003 | 50128 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:53:42.317114115 CET | 50128 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:53:42.317224026 CET | 50128 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:53:42.321825981 CET | 61003 | 50128 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:03.701662064 CET | 61003 | 50128 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:03.701934099 CET | 50128 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:03.706639051 CET | 61003 | 50128 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:20.445636988 CET | 50130 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:20.450469971 CET | 61003 | 50130 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:20.450561047 CET | 50130 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:20.450601101 CET | 50130 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:20.455249071 CET | 61003 | 50130 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:41.807786942 CET | 61003 | 50130 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:41.808015108 CET | 50130 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:41.812737942 CET | 61003 | 50130 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:58.982687950 CET | 50132 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:58.987432003 CET | 61003 | 50132 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:54:58.987519026 CET | 50132 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:58.987581968 CET | 50132 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:54:58.992280960 CET | 61003 | 50132 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:55:20.375140905 CET | 61003 | 50132 | 142.44.232.40 | 192.168.2.13 |
Mar 14, 2025 01:55:20.375397921 CET | 50132 | 61003 | 192.168.2.13 | 142.44.232.40 |
Mar 14, 2025 01:55:20.380193949 CET | 61003 | 50132 | 142.44.232.40 | 192.168.2.13 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:26.732290983 CET | 34937 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:53:26.747262001 CET | 53 | 34937 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:53:27.761245966 CET | 44703 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:53:27.790173054 CET | 53 | 44703 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:53:28.793627977 CET | 53744 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:53:28.817893028 CET | 53 | 53744 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:53:29.819875956 CET | 50543 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:53:29.846146107 CET | 53 | 50543 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:53:30.848119020 CET | 56051 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:53:30.874223948 CET | 53 | 56051 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:53:31.876699924 CET | 50640 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:53:31.902262926 CET | 53 | 50640 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:53:32.904638052 CET | 38054 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:53:32.934003115 CET | 53 | 38054 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:53:33.935969114 CET | 43655 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:53:34.044481993 CET | 53 | 43655 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:53:35.046401978 CET | 46584 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:53:35.075052023 CET | 53 | 46584 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:53:36.076913118 CET | 58611 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:53:36.091821909 CET | 53 | 58611 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:53:37.093521118 CET | 60302 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:53:37.198052883 CET | 53 | 60302 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:53:38.200522900 CET | 60775 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:53:38.224845886 CET | 53 | 60775 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:53:39.226783991 CET | 56171 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:53:39.258095980 CET | 53 | 56171 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:53:40.260396957 CET | 50032 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:53:40.275463104 CET | 53 | 50032 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:53:41.277596951 CET | 58398 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:53:41.305955887 CET | 53 | 58398 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:04.703921080 CET | 48155 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:04.719007015 CET | 53 | 48155 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:05.721178055 CET | 60282 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:05.750174999 CET | 53 | 60282 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:06.753128052 CET | 58267 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:06.889909983 CET | 53 | 58267 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:07.892996073 CET | 56320 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:07.917594910 CET | 53 | 56320 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:08.920614004 CET | 48523 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:08.937210083 CET | 53 | 48523 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:09.941010952 CET | 42137 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:09.958365917 CET | 53 | 42137 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:10.961298943 CET | 49335 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:11.079677105 CET | 53 | 49335 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:12.082921028 CET | 34451 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:12.204715967 CET | 53 | 34451 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:13.207631111 CET | 60609 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:13.222359896 CET | 53 | 60609 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:14.224973917 CET | 53243 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:14.239813089 CET | 53 | 53243 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:15.242373943 CET | 45522 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:15.266793966 CET | 53 | 45522 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:16.269177914 CET | 48933 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:16.284245968 CET | 53 | 48933 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:17.286835909 CET | 39384 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:17.302813053 CET | 53 | 39384 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:18.305532932 CET | 60059 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:18.426109076 CET | 53 | 60059 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:19.428634882 CET | 34633 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:19.443933964 CET | 53 | 34633 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:42.811240911 CET | 43693 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:42.827145100 CET | 53 | 43693 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:43.830039978 CET | 44251 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:43.966871977 CET | 53 | 44251 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:44.970525980 CET | 35234 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:44.997067928 CET | 53 | 35234 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:46.000052929 CET | 50208 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:46.118079901 CET | 53 | 50208 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:47.121906996 CET | 48433 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:47.260972977 CET | 53 | 48433 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:48.265101910 CET | 44820 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:48.289557934 CET | 53 | 44820 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:49.292684078 CET | 37018 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:49.320614100 CET | 53 | 37018 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:50.324337006 CET | 33258 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:54:50.352747917 CET | 53 | 33258 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:54:51.356694937 CET | 46796 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:51.381625891 CET | 53 | 46796 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:52.384557962 CET | 43349 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:52.486104012 CET | 53 | 43349 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:53.489880085 CET | 36199 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:54:53.639537096 CET | 53 | 36199 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:54:54.642824888 CET | 52361 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:54:54.667748928 CET | 53 | 52361 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:54:55.671338081 CET | 60262 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:55.696521044 CET | 53 | 60262 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:56.699413061 CET | 43078 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:56.836882114 CET | 53 | 43078 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:54:57.839555979 CET | 37486 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:54:57.979943037 CET | 53 | 37486 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:55:21.378046989 CET | 34148 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:55:21.393239975 CET | 53 | 34148 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:55:22.395567894 CET | 46566 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:55:22.410489082 CET | 53 | 46566 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:55:23.413160086 CET | 41703 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:55:23.439321995 CET | 53 | 41703 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:55:24.442289114 CET | 49015 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:55:24.560584068 CET | 53 | 49015 | 1.0.0.1 | 192.168.2.13 |
Mar 14, 2025 01:55:25.563966036 CET | 48093 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:55:25.588335991 CET | 53 | 48093 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:55:26.590653896 CET | 33332 | 53 | 192.168.2.13 | 8.8.8.8 |
Mar 14, 2025 01:55:26.606343031 CET | 53 | 33332 | 8.8.8.8 | 192.168.2.13 |
Mar 14, 2025 01:55:27.608668089 CET | 58507 | 53 | 192.168.2.13 | 1.1.1.1 |
Mar 14, 2025 01:55:27.730950117 CET | 53 | 58507 | 1.1.1.1 | 192.168.2.13 |
Mar 14, 2025 01:55:28.733953953 CET | 36630 | 53 | 192.168.2.13 | 8.8.4.4 |
Mar 14, 2025 01:55:28.748897076 CET | 53 | 36630 | 8.8.4.4 | 192.168.2.13 |
Mar 14, 2025 01:55:29.751884937 CET | 53407 | 53 | 192.168.2.13 | 1.0.0.1 |
Mar 14, 2025 01:55:29.776829004 CET | 53 | 53407 | 1.0.0.1 | 192.168.2.13 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:26.732290983 CET | 192.168.2.13 | 8.8.4.4 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:27.761245966 CET | 192.168.2.13 | 8.8.8.8 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:28.793627977 CET | 192.168.2.13 | 1.0.0.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:29.819875956 CET | 192.168.2.13 | 1.0.0.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:30.848119020 CET | 192.168.2.13 | 1.1.1.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:31.876699924 CET | 192.168.2.13 | 1.1.1.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:32.904638052 CET | 192.168.2.13 | 8.8.4.4 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:33.935969114 CET | 192.168.2.13 | 1.1.1.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:35.046401978 CET | 192.168.2.13 | 8.8.8.8 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:36.076913118 CET | 192.168.2.13 | 8.8.4.4 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:37.093521118 CET | 192.168.2.13 | 1.1.1.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:38.200522900 CET | 192.168.2.13 | 1.1.1.1 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:39.226783991 CET | 192.168.2.13 | 8.8.8.8 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:40.260396957 CET | 192.168.2.13 | 8.8.8.8 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:41.277596951 CET | 192.168.2.13 | 8.8.8.8 | 0xac9b | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:04.703921080 CET | 192.168.2.13 | 8.8.8.8 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:05.721178055 CET | 192.168.2.13 | 8.8.4.4 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:06.753128052 CET | 192.168.2.13 | 1.1.1.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:07.892996073 CET | 192.168.2.13 | 1.1.1.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:08.920614004 CET | 192.168.2.13 | 8.8.8.8 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:09.941010952 CET | 192.168.2.13 | 8.8.4.4 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:10.961298943 CET | 192.168.2.13 | 1.1.1.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:12.082921028 CET | 192.168.2.13 | 1.1.1.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:13.207631111 CET | 192.168.2.13 | 8.8.8.8 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:14.224973917 CET | 192.168.2.13 | 8.8.8.8 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:15.242373943 CET | 192.168.2.13 | 1.0.0.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:16.269177914 CET | 192.168.2.13 | 8.8.4.4 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:17.286835909 CET | 192.168.2.13 | 8.8.4.4 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:18.305532932 CET | 192.168.2.13 | 1.0.0.1 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:19.428634882 CET | 192.168.2.13 | 8.8.8.8 | 0xa8ae | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:42.811240911 CET | 192.168.2.13 | 8.8.4.4 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:43.830039978 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:44.970525980 CET | 192.168.2.13 | 1.0.0.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.000052929 CET | 192.168.2.13 | 1.0.0.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.121906996 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:48.265101910 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:49.292684078 CET | 192.168.2.13 | 8.8.8.8 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:50.324337006 CET | 192.168.2.13 | 8.8.4.4 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:51.356694937 CET | 192.168.2.13 | 1.0.0.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:52.384557962 CET | 192.168.2.13 | 1.0.0.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:53.489880085 CET | 192.168.2.13 | 8.8.8.8 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:54.642824888 CET | 192.168.2.13 | 1.0.0.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:55.671338081 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:56.699413061 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:57.839555979 CET | 192.168.2.13 | 1.1.1.1 | 0x3161 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:21.378046989 CET | 192.168.2.13 | 8.8.8.8 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:22.395567894 CET | 192.168.2.13 | 8.8.4.4 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:23.413160086 CET | 192.168.2.13 | 8.8.4.4 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:24.442289114 CET | 192.168.2.13 | 1.0.0.1 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:25.563966036 CET | 192.168.2.13 | 1.1.1.1 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:26.590653896 CET | 192.168.2.13 | 8.8.8.8 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:27.608668089 CET | 192.168.2.13 | 1.1.1.1 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:28.733953953 CET | 192.168.2.13 | 8.8.4.4 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:29.751884937 CET | 192.168.2.13 | 1.0.0.1 | 0x71ce | Standard query (0) | 16 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:26.747262001 CET | 8.8.4.4 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:27.790173054 CET | 8.8.8.8 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:28.817893028 CET | 1.0.0.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:29.846146107 CET | 1.0.0.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:30.874223948 CET | 1.1.1.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:31.902262926 CET | 1.1.1.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:32.934003115 CET | 8.8.4.4 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:34.044481993 CET | 1.1.1.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:35.075052023 CET | 8.8.8.8 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:36.091821909 CET | 8.8.4.4 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:37.198052883 CET | 1.1.1.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:38.224845886 CET | 1.1.1.1 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:39.258095980 CET | 8.8.8.8 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:40.275463104 CET | 8.8.8.8 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:41.305955887 CET | 8.8.8.8 | 192.168.2.13 | 0xac9b | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:04.719007015 CET | 8.8.8.8 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:05.750174999 CET | 8.8.4.4 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:06.889909983 CET | 1.1.1.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:07.917594910 CET | 1.1.1.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:08.937210083 CET | 8.8.8.8 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:09.958365917 CET | 8.8.4.4 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:11.079677105 CET | 1.1.1.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:12.204715967 CET | 1.1.1.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:13.222359896 CET | 8.8.8.8 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:14.239813089 CET | 8.8.8.8 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:15.266793966 CET | 1.0.0.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:16.284245968 CET | 8.8.4.4 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:17.302813053 CET | 8.8.4.4 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:18.426109076 CET | 1.0.0.1 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:19.443933964 CET | 8.8.8.8 | 192.168.2.13 | 0xa8ae | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:42.827145100 CET | 8.8.4.4 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:43.966871977 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:44.997067928 CET | 1.0.0.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.118079901 CET | 1.0.0.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.260972977 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:48.289557934 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:49.320614100 CET | 8.8.8.8 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:50.352747917 CET | 8.8.4.4 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:51.381625891 CET | 1.0.0.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:52.486104012 CET | 1.0.0.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:53.639537096 CET | 8.8.8.8 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:54.667748928 CET | 1.0.0.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:55.696521044 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:56.836882114 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:57.979943037 CET | 1.1.1.1 | 192.168.2.13 | 0x3161 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:21.393239975 CET | 8.8.8.8 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:22.410489082 CET | 8.8.4.4 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:23.439321995 CET | 8.8.4.4 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:24.560584068 CET | 1.0.0.1 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:25.588335991 CET | 1.1.1.1 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:26.606343031 CET | 8.8.8.8 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:27.730950117 CET | 1.1.1.1 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:28.748897076 CET | 8.8.4.4 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:29.776829004 CET | 1.0.0.1 | 192.168.2.13 | 0x71ce | Name error (3) | none | none | 16 | IN (0x0001) | false |
System Behavior
Start time (UTC): | 00:53:25 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.arm4.elf |
Arguments: | /tmp/sync.arm4.elf |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 00:53:25 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.arm4.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |
Start time (UTC): | 00:53:25 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.arm4.elf |
Arguments: | - |
File size: | 4956856 bytes |
MD5 hash: | 5ebfcae4fe2471fcc5695c2394773ff1 |