Linux
Analysis Report
sync.superh.elf
Overview
General Information
Detection
Score: | 72 |
Range: | 0 - 100 |
Signatures
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1637906 |
Start date and time: | 2025-03-14 01:52:21 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 39s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | sync.superh.elf |
Detection: | MAL |
Classification: | mal72.evad.linELF@0/0@54/0 |
- VT rate limit hit for: dnsresolve.socialgains.cf
Command: | /tmp/sync.superh.elf |
PID: | 5524 |
Exit Code: | 1 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Infect |
Standard Error: |
- system is lnxubuntu20
- sync.superh.elf New Fork (PID: 5527, Parent: 5524)
- sync.superh.elf New Fork (PID: 5529, Parent: 5527)
- cleanup
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:55:17.330024+0100 | 2013514 | 1 | A Network Trojan was detected | 192.168.2.14 | 59999 | 1.0.0.1 | 53 | UDP |
- • AV Detection
- • Networking
- • System Summary
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • HIPS / PFW / Operating System Protection Evasion
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Networking |
---|
Source: | Suricata IDS: |
Source: | TCP traffic: |
Source: | DNS traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File: | Jump to behavior |
Source: | Submission file: |
Source: | Sleeps longer then 60s: | Jump to behavior | ||
Source: | Sleeps longer then 60s: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | Path Interception | 1 Virtualization/Sandbox Evasion | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Obfuscated Files or Information | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 File Deletion | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
58% | ReversingLabs | Linux.Backdoor.Gafgyt | ||
47% | Virustotal | Browse | ||
100% | Avira | ANDROID/AVE.Agent.naebh |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
dnsresolve.socialgains.cf | unknown | unknown | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.44.232.40 | unknown | Canada | 16276 | OVHFR | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
142.44.232.40 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
OVHFR | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | XWorm | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | CAPTCHA Scam ClickFix | Browse |
| ||
Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
File type: | |
Entropy (8bit): | 6.945632866925954 |
TrID: |
|
File name: | sync.superh.elf |
File size: | 51'712 bytes |
MD5: | 5f6f71da1f465f8c684685ddc691f6d3 |
SHA1: | 0bb8456f215c175a45ee17f56ce895a2377cc92c |
SHA256: | 366683e23a9b0c5a053dabfeacc4576792cd12982599038c9199f8ae9a2282e9 |
SHA512: | d9577f7a7c6a95f8236301ef3c7a1661a4ff8e0ca7ce7684e1cdf9bb8d5a147a8ac451586a80cf1254f3d0d8c5876c3eb6847d1af175fa949006a37ce78a79fd |
SSDEEP: | 1536:tCTCAM0MNCwDbJLNOwoMwNu4dmXKZTQHSTWbCBSMsbz:UzM0MNCwDNLNOwoMwx7ZnTWbisb |
TLSH: | 63336B93CD195E48C4A4E8F1B5705BBEE7A3A8445A9F5FDA1522C22ED493E8DF0013F0 |
File Content Preview: | .ELF..............*.......@.4...p.......4. ...(...............@...@.<...<...............@...@.A.@.A.................Q.td............................././"O.n........#.*@........#.*@l....o&O.n...l..............................././.../.a"O.!...n...a.b("...q. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 51312 |
Section Header Size: | 40 |
Number of Section Headers: | 10 |
Header String Table Index: | 9 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x30 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x4000e0 | 0xe0 | 0xa880 | 0x0 | 0x6 | AX | 0 | 0 | 32 |
.fini | PROGBITS | 0x40a960 | 0xa960 | 0x24 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x40a984 | 0xa984 | 0x1ab8 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ctors | PROGBITS | 0x41c440 | 0xc440 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x41c448 | 0xc448 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x41c454 | 0xc454 | 0x3dc | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.bss | NOBITS | 0x41c830 | 0xc830 | 0xa2ac | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.shstrtab | STRTAB | 0x0 | 0xc830 | 0x3e | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0xc43c | 0xc43c | 7.0029 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0xc440 | 0x41c440 | 0x41c440 | 0x3f0 | 0xa69c | 3.5917 | 0x6 | RW | 0x10000 | .ctors .dtors .data .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Download Network PCAP: filtered – full
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-14T01:55:17.330024+0100 | 2013514 | ET MALWARE Potential DNS Command and Control via TXT queries | 1 | 192.168.2.14 | 59999 | 1.0.0.1 | 53 | UDP |
- Total Packets: 66
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:37.324213028 CET | 33836 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:53:37.328962088 CET | 61003 | 33836 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:53:37.329041004 CET | 33836 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:53:37.329339027 CET | 33836 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:53:37.333988905 CET | 61003 | 33836 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:53:58.701467991 CET | 61003 | 33836 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:53:58.701837063 CET | 33836 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:53:58.706494093 CET | 61003 | 33836 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:16.011075020 CET | 33838 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:16.015819073 CET | 61003 | 33838 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:16.015887976 CET | 33838 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:16.015979052 CET | 33838 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:16.020634890 CET | 61003 | 33838 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:37.401585102 CET | 61003 | 33838 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:37.401921988 CET | 33838 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:37.408018112 CET | 61003 | 33838 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:53.919357061 CET | 33840 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:53.925760984 CET | 61003 | 33840 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:54:53.925862074 CET | 33840 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:53.925884008 CET | 33840 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:54:53.932285070 CET | 61003 | 33840 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:55:15.310339928 CET | 61003 | 33840 | 142.44.232.40 | 192.168.2.14 |
Mar 14, 2025 01:55:15.310848951 CET | 33840 | 61003 | 192.168.2.14 | 142.44.232.40 |
Mar 14, 2025 01:55:15.316032887 CET | 61003 | 33840 | 142.44.232.40 | 192.168.2.14 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 14, 2025 01:53:21.380075932 CET | 59886 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:21.395092010 CET | 53 | 59886 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:22.398698092 CET | 55929 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:53:22.423857927 CET | 53 | 55929 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:53:23.426206112 CET | 51118 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:23.565437078 CET | 53 | 51118 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:24.567433119 CET | 41443 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:24.582112074 CET | 53 | 41443 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:25.584233046 CET | 55076 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:25.600987911 CET | 53 | 55076 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:26.603141069 CET | 53084 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:26.627774954 CET | 53 | 53084 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:27.630481958 CET | 32982 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:27.735908985 CET | 53 | 32982 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:28.738529921 CET | 43143 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:28.856276035 CET | 53 | 43143 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:29.858675003 CET | 37325 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:29.873209953 CET | 53 | 37325 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:30.875555992 CET | 41509 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:30.904021025 CET | 53 | 41509 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:31.906703949 CET | 55445 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:53:31.931338072 CET | 53 | 55445 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:53:32.934010983 CET | 49338 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:32.948672056 CET | 53 | 49338 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:53:33.951344013 CET | 60708 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:34.070207119 CET | 53 | 60708 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:35.075413942 CET | 34417 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:53:35.180656910 CET | 53 | 34417 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:53:36.183821917 CET | 40450 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:53:36.321192026 CET | 53 | 40450 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:53:59.704225063 CET | 42137 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:53:59.855555058 CET | 53 | 42137 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:00.858397007 CET | 58062 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:54:00.965310097 CET | 53 | 58062 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:54:01.968288898 CET | 54629 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:01.984245062 CET | 53 | 54629 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:02.987181902 CET | 59738 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:54:03.040541887 CET | 53 | 59738 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:54:04.043394089 CET | 54548 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:04.059254885 CET | 53 | 54548 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:05.061691046 CET | 52057 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:05.202028036 CET | 53 | 52057 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:06.205482006 CET | 55083 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:06.220789909 CET | 53 | 55083 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:07.223804951 CET | 55000 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:07.343388081 CET | 53 | 55000 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:08.347120047 CET | 42689 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:08.541569948 CET | 53 | 42689 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:09.544915915 CET | 41643 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:54:09.681058884 CET | 53 | 41643 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:54:10.684438944 CET | 35313 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:10.700704098 CET | 53 | 35313 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:11.703140020 CET | 53366 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:11.718799114 CET | 53 | 53366 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:12.721250057 CET | 37353 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:12.839554071 CET | 53 | 37353 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:13.842577934 CET | 50686 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:54:13.868520021 CET | 53 | 50686 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:54:14.871603966 CET | 43198 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:54:15.008785963 CET | 53 | 43198 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:54:38.404297113 CET | 33256 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:38.528558969 CET | 53 | 33256 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:39.531083107 CET | 48633 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:39.550637960 CET | 53 | 48633 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:40.552375078 CET | 50440 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:40.567526102 CET | 53 | 50440 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:41.569325924 CET | 57868 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:41.584301949 CET | 53 | 57868 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:42.586031914 CET | 44306 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:42.614736080 CET | 53 | 44306 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:43.616276026 CET | 38278 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:43.631459951 CET | 53 | 38278 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:44.633119106 CET | 47769 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:44.659812927 CET | 53 | 47769 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:45.661477089 CET | 58240 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:45.677278042 CET | 53 | 58240 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:46.679526091 CET | 35233 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:46.694724083 CET | 53 | 35233 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:47.696664095 CET | 32839 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:47.810695887 CET | 53 | 32839 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:48.812896013 CET | 51975 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:48.828206062 CET | 53 | 51975 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:49.830478907 CET | 56925 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:49.857266903 CET | 53 | 56925 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:54:50.858732939 CET | 40244 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:54:50.882963896 CET | 53 | 40244 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:54:51.885272026 CET | 40521 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:54:51.900676966 CET | 53 | 40521 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:54:52.903361082 CET | 51083 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:54:52.917946100 CET | 53 | 51083 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:55:16.313604116 CET | 46020 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:55:16.328387976 CET | 53 | 46020 | 8.8.4.4 | 192.168.2.14 |
Mar 14, 2025 01:55:17.330024004 CET | 59999 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:55:17.363945007 CET | 53 | 59999 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:55:18.366225958 CET | 40214 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:55:18.468888044 CET | 53 | 40214 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:55:19.471915960 CET | 57750 | 53 | 192.168.2.14 | 8.8.8.8 |
Mar 14, 2025 01:55:19.486377954 CET | 53 | 57750 | 8.8.8.8 | 192.168.2.14 |
Mar 14, 2025 01:55:20.489074945 CET | 48365 | 53 | 192.168.2.14 | 1.1.1.1 |
Mar 14, 2025 01:55:20.513789892 CET | 53 | 48365 | 1.1.1.1 | 192.168.2.14 |
Mar 14, 2025 01:55:21.515450954 CET | 35854 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:55:21.621546984 CET | 53 | 35854 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:55:22.624021053 CET | 57266 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:55:22.744898081 CET | 53 | 57266 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:55:23.747024059 CET | 44861 | 53 | 192.168.2.14 | 1.0.0.1 |
Mar 14, 2025 01:55:23.771178961 CET | 53 | 44861 | 1.0.0.1 | 192.168.2.14 |
Mar 14, 2025 01:55:24.773988008 CET | 33745 | 53 | 192.168.2.14 | 8.8.4.4 |
Mar 14, 2025 01:55:24.790051937 CET | 53 | 33745 | 8.8.4.4 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:21.380075932 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:22.398698092 CET | 192.168.2.14 | 1.1.1.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:23.426206112 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:24.567433119 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:25.584233046 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:26.603141069 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:27.630481958 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:28.738529921 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:29.858675003 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:30.875555992 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:31.906703949 CET | 192.168.2.14 | 1.1.1.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:32.934010983 CET | 192.168.2.14 | 8.8.8.8 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:33.951344013 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:35.075413942 CET | 192.168.2.14 | 1.1.1.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:36.183821917 CET | 192.168.2.14 | 1.0.0.1 | 0x48b9 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:59.704225063 CET | 192.168.2.14 | 8.8.8.8 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:00.858397007 CET | 192.168.2.14 | 1.0.0.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:01.968288898 CET | 192.168.2.14 | 8.8.8.8 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:02.987181902 CET | 192.168.2.14 | 1.0.0.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:04.043394089 CET | 192.168.2.14 | 8.8.4.4 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:05.061691046 CET | 192.168.2.14 | 1.1.1.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:06.205482006 CET | 192.168.2.14 | 8.8.4.4 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:07.223804951 CET | 192.168.2.14 | 1.1.1.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:08.347120047 CET | 192.168.2.14 | 1.1.1.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:09.544915915 CET | 192.168.2.14 | 1.0.0.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:10.684438944 CET | 192.168.2.14 | 8.8.4.4 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:11.703140020 CET | 192.168.2.14 | 8.8.4.4 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:12.721250057 CET | 192.168.2.14 | 1.1.1.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:13.842577934 CET | 192.168.2.14 | 1.0.0.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:14.871603966 CET | 192.168.2.14 | 1.0.0.1 | 0x2b55 | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:38.404297113 CET | 192.168.2.14 | 1.1.1.1 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:39.531083107 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:40.552375078 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:41.569325924 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:42.586031914 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:43.616276026 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:44.633119106 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:45.661477089 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.679526091 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.696664095 CET | 192.168.2.14 | 1.1.1.1 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:48.812896013 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:49.830478907 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:50.858732939 CET | 192.168.2.14 | 1.1.1.1 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:51.885272026 CET | 192.168.2.14 | 8.8.4.4 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:52.903361082 CET | 192.168.2.14 | 8.8.8.8 | 0xca4f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:16.313604116 CET | 192.168.2.14 | 8.8.4.4 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:17.330024004 CET | 192.168.2.14 | 1.0.0.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:18.366225958 CET | 192.168.2.14 | 1.1.1.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:19.471915960 CET | 192.168.2.14 | 8.8.8.8 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:20.489074945 CET | 192.168.2.14 | 1.1.1.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:21.515450954 CET | 192.168.2.14 | 1.0.0.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:22.624021053 CET | 192.168.2.14 | 1.0.0.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:23.747024059 CET | 192.168.2.14 | 1.0.0.1 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:24.773988008 CET | 192.168.2.14 | 8.8.4.4 | 0x525f | Standard query (0) | 16 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 14, 2025 01:53:21.395092010 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:22.423857927 CET | 1.1.1.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:23.565437078 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:24.582112074 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:25.600987911 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:26.627774954 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:27.735908985 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:28.856276035 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:29.873209953 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:30.904021025 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:31.931338072 CET | 1.1.1.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:32.948672056 CET | 8.8.8.8 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:34.070207119 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:35.180656910 CET | 1.1.1.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:36.321192026 CET | 1.0.0.1 | 192.168.2.14 | 0x48b9 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:53:59.855555058 CET | 8.8.8.8 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:00.965310097 CET | 1.0.0.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:01.984245062 CET | 8.8.8.8 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:03.040541887 CET | 1.0.0.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:04.059254885 CET | 8.8.4.4 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:05.202028036 CET | 1.1.1.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:06.220789909 CET | 8.8.4.4 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:07.343388081 CET | 1.1.1.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:08.541569948 CET | 1.1.1.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:09.681058884 CET | 1.0.0.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:10.700704098 CET | 8.8.4.4 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:11.718799114 CET | 8.8.4.4 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:12.839554071 CET | 1.1.1.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:13.868520021 CET | 1.0.0.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:15.008785963 CET | 1.0.0.1 | 192.168.2.14 | 0x2b55 | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:38.528558969 CET | 1.1.1.1 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:39.550637960 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:40.567526102 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:41.584301949 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:42.614736080 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:43.631459951 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:44.659812927 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:45.677278042 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:46.694724083 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:47.810695887 CET | 1.1.1.1 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:48.828206062 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:49.857266903 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:50.882963896 CET | 1.1.1.1 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:51.900676966 CET | 8.8.4.4 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:54:52.917946100 CET | 8.8.8.8 | 192.168.2.14 | 0xca4f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:16.328387976 CET | 8.8.4.4 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:17.363945007 CET | 1.0.0.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:18.468888044 CET | 1.1.1.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:19.486377954 CET | 8.8.8.8 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:20.513789892 CET | 1.1.1.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:21.621546984 CET | 1.0.0.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:22.744898081 CET | 1.0.0.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:23.771178961 CET | 1.0.0.1 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false | |
Mar 14, 2025 01:55:24.790051937 CET | 8.8.4.4 | 192.168.2.14 | 0x525f | Name error (3) | none | none | 16 | IN (0x0001) | false |
System Behavior
Start time (UTC): | 00:53:20 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.superh.elf |
Arguments: | /tmp/sync.superh.elf |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 00:53:20 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.superh.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |
Start time (UTC): | 00:53:20 |
Start date (UTC): | 14/03/2025 |
Path: | /tmp/sync.superh.elf |
Arguments: | - |
File size: | 4139976 bytes |
MD5 hash: | 8943e5f8f8c280467b4472c15ae93ba9 |