Windows
Analysis Report
ORDER 517-2025.xla.xlsx
Overview
General Information
Detection
Score: | 48 |
Range: | 0 - 100 |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
EXCEL.EXE (PID: 6192 cmdline:
"C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" /aut omation -E mbedding MD5: 4A871771235598812032C822E6F68F19) splwow64.exe (PID: 6724 cmdline:
C:\Windows \splwow64. exe 12288 MD5: 77DE7761B037061C7C112FD3C5B91E73)
EXCEL.EXE (PID: 5736 cmdline:
"C:\Progra m Files (x 86)\Micros oft Office \Root\Offi ce16\EXCEL .EXE" "C:\ Users\user \Desktop\O RDER 517-2 025.xla.xl sx" MD5: 4A871771235598812032C822E6F68F19)
- cleanup
Source: | Author: Christopher Peacock '@securepeacock', SCYTHE '@scythe_io', Florian Roth '@Neo23x0", Tim Shelton: |
Source: | Author: X__Junior (Nextron Systems): |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-26T14:08:56.593919+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49759 | 13.107.246.40 | 443 | TCP |
2025-03-26T14:09:04.312411+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | TCP |
2025-03-26T14:09:04.327093+0100 | 2028371 | 3 | Unknown Traffic | 192.168.2.12 | 49761 | 13.107.246.40 | 443 | TCP |
- • AV Detection
- • Compliance
- • Software Vulnerabilities
- • Networking
- • System Summary
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
Click to jump to signature section
AV Detection |
---|
Source: | Virustotal: | Perma Link |
Source: | File opened: | Jump to behavior |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | DNS query: | ||
Source: | DNS query: | ||
Source: | DNS query: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | IP Address: | ||
Source: | IP Address: | ||
Source: | IP Address: |
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: |
Source: | Suricata IDS: | ||
Source: | Suricata IDS: | ||
Source: | Suricata IDS: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | OLE indicator, VBA macros: |
Source: | Stream path 'MBD00EB272B/\x1Ole' : |
Source: | Window title found: |
Source: | Classification label: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | OLE indicator, Workbook stream: |
Source: | File read: | Jump to behavior |
Source: | Virustotal: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Key opened: | Jump to behavior |
Source: | Static file information: |
Source: | File opened: | Jump to behavior |
Source: | Initial sample: |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Source: | Stream path 'MBD00EB272A/Package' entropy: | ||
Source: | Stream path 'Workbook' entropy: |
Source: | Window / User API: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: |
Source: | Thread delayed: | Jump to behavior | ||
Source: | Thread delayed: | Jump to behavior |
Source: | Process information queried: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | 3 Exploitation for Client Execution | 1 Scripting | 1 Process Injection | 2 Masquerading | OS Credential Dumping | 1 Process Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Virtualization/Sandbox Evasion | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 3 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Process Injection | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | 1 File and Directory Discovery | Distributed Component Object Model | Input Capture | 14 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | Software Packing | LSA Secrets | 1 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
22% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Avira URL Cloud | safe | ||
0% | Avira URL Cloud | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
s-part-0010.t-0009.t-msedge.net | 13.107.246.38 | true | false | high | |
s-part-0012.t-0009.t-msedge.net | 13.107.246.40 | true | false | high | |
agr.my | 147.79.86.93 | true | false | high | |
s-0005.dual-s-msedge.net | 52.123.128.14 | true | false | high | |
otelrules.svc.static.microsoft | unknown | unknown | false | high |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | high | ||
false |
| unknown | |
false |
| unknown | |
false | high | ||
false | high |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
147.79.86.93 | agr.my | United States | 208485 | EKSENBILISIMTR | false | |
13.107.246.40 | s-part-0012.t-0009.t-msedge.net | United States | 8068 | MICROSOFT-CORP-MSN-AS-BLOCKUS | false |
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1649092 |
Start date and time: | 2025-03-26 14:05:52 +01:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 55s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 134, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | ORDER 517-2025.xla.xlsx |
Detection: | MAL |
Classification: | mal48.winXLSX@4/4@3/2 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis
(whitelisted): MpCmdRun.exe, d llhost.exe, sppsvc.exe, WMIADA P.exe, conhost.exe, svchost.ex e - Excluded IPs from analysis (wh
itelisted): 52.109.32.97, 52.1 09.8.36, 184.31.69.3, 20.42.65 .90, 20.42.73.26, 52.149.20.21 2, 52.123.128.14, 40.126.24.82 - Excluded domains from analysis
(whitelisted): slscr.update.m icrosoft.com, onedscolprdeus14 .eastus.cloudapp.azure.com, fs -wildcard.microsoft.com.edgeke y.net, fs-wildcard.microsoft.c om.edgekey.net.globalredir.aka dns.net, e16604.dscf.akamaiedg e.net, mobile.events.data.micr osoft.com, roaming.officeapps. live.com, osiprod-cus-buff-azs c-000.centralus.cloudapp.azure .com, dual-s-0005-office.confi g.skype.com, login.live.com, o nedscolprdeus09.eastus.cloudap p.azure.com, officeclient.micr osoft.com, ukw-azsc-config.off iceapps.live.com, prod.fs.micr osoft.com.akadns.net, c.pki.go og, ecs.office.com, self-event s-data.trafficmanager.net, fs. microsoft.com, prod.configsvc1 .live.com.akadns.net, self.eve nts.data.microsoft.com, ctldl. windowsupdate.com, prod.roamin g1.live.com.akadns.net, cus-az sc-000.roaming.officeapps.live .com, fe3cr.delivery.mp.micros oft.com, us1.roaming1.live.com .akadns.net, config.officeapps .live.com, ecs.office.trafficm anager.net, europe.configsvc1. live.com.akadns.net, mobile.ev ents.data.trafficmanager.net - Not all processes where analyz
ed, report is missing behavior information - Report size getting too big, t
oo many NtCreateKey calls foun d. - Report size getting too big, t
oo many NtQueryAttributesFile calls found. - Report size getting too big, t
oo many NtQueryValueKey calls found. - Report size getting too big, t
oo many NtReadVirtualMemory ca lls found. - Some HTTPS proxied raw data pa
ckets have been limited to 10 per session. Please view the P CAPs for the complete data.
Time | Type | Description |
---|---|---|
09:08:50 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
147.79.86.93 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
13.107.246.40 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
s-0005.dual-s-msedge.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gabagool | Browse |
| ||
s-part-0010.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | AsyncRAT, PureLog Stealer, XWorm | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher, Invisible JS, Tycoon2FA | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
agr.my | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
s-part-0012.t-0009.t-msedge.net | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
EKSENBILISIMTR | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
MICROSOFT-CORP-MSN-AS-BLOCKUS | Get hash | malicious | Invisible JS, Tycoon2FA | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
6271f898ce5be7dd52b0fc260d0662b3 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
a0e9f5d64349fb13191bc781f81f42e1 | Get hash | malicious | LummaC Stealer | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 118 |
Entropy (8bit): | 3.5700810731231707 |
Encrypted: | false |
SSDEEP: | 3:QaklTlAlXMLLmHlIlFLlmIK/5lTn84vlJlhlXlDHlA6l3l6Als:QFulcLk04/5p8GVz6QRq |
MD5: | 573220372DA4ED487441611079B623CD |
SHA1: | 8F9D967AC6EF34640F1F0845214FBC6994C0CB80 |
SHA-256: | BE84B842025E4241BFE0C9F7B8F86A322E4396D893EF87EA1E29C74F47B6A22D |
SHA-512: | F19FA3583668C3AF92A9CEF7010BD6ECEC7285F9C8665F2E9528DBA606F105D9AF9B1DB0CF6E7F77EF2E395943DC0D5CB37149E773319078688979E4024F9DD7 |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 784 |
Entropy (8bit): | 2.7137690747287806 |
Encrypted: | false |
SSDEEP: | 12:YIrxA3rOpKmA4RP7EcJBSiGl6s8ACn2QYKrn2GpQPZRprw+25WHWspMSp:YIrcSpKmNRwcfHGF8A8iWxKZR++2IHWI |
MD5: | 96F26AC9D00AF170C209932485A93F1B |
SHA1: | E103D165A1E529CA08D98391E050175C4492BB92 |
SHA-256: | A370505E61C2FB7827705A4875890DBB0DB3A232514AA75FE99E5A637602D230 |
SHA-512: | FF680B0C42CC7918DB73ED715841F9AC1DAB27EF10E44101A3ED63A61A03725CF86F02D06A39BB0BA7C4F5EF5635EAB4D0B60F2A1538781D7A94112C9AF2674E |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
Malicious: | false |
Reputation: | high, very likely benign file |
Preview: |
Process: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 165 |
Entropy (8bit): | 1.4377382811115937 |
Encrypted: | false |
SSDEEP: | 3:BJbFFFjpQl2fV:/bFFFNQlS |
MD5: | 037948E5945313159DC8146EB7973386 |
SHA1: | 4CEF8EE5AF61A21ADB398F6C296F48242158A1AA |
SHA-256: | E63CBDD61699DD98D41777B269B57916B6E67F51E457D71BF62E8BD56D1362E4 |
SHA-512: | E2D94EEDAD02B0D8B478DA100F753608C6A3A49E37FB53E11815CEA7806DF045DF96D5C53E41A4AD9B772A63FDF180FFEB2F49078334AB3C267FAC26E3B21F01 |
Malicious: | true |
Preview: |
File type: | |
Entropy (8bit): | 7.9729841023173265 |
TrID: |
|
File name: | ORDER 517-2025.xla.xlsx |
File size: | 1'247'744 bytes |
MD5: | 307073b336245bffd54f68919948a0aa |
SHA1: | eb2877643dfacc68c121e9588ff2774e6e7a80f0 |
SHA256: | 13107d3ff9000f73a501043bb4cdca50408dacb5c0cfcd3c1a0b3e9cdd455c43 |
SHA512: | 351494bea7f8af1a5902a858f496efa4a1ac5b755252485e1604ed1439787d4bc2fb599d6632c5d666bc20a3cda0dde26021eb648d963b0de6241616354d3926 |
SSDEEP: | 24576:tv2A6lUE6UzfYti5u0s38xN4XZs4z84W9Gtyct8mDubxhz6u2+wTQw:h2AIUE6KfYtGo38xuX+2WUtyct5D6dPL |
TLSH: | C0452359B9989F17D5CDD97C1CC28BF7022C6D01B683D5AB2B50B31DBAB87A012C60BD |
File Content Preview: | ........................>...................................B...................................................................E.......g.......i.............................................................................................................. |
Icon Hash: | 35e58a8c0c8a85b9 |
Document Type: | OLE |
Number of OLE Files: | 1 |
Has Summary Info: | |
Application Name: | Microsoft Excel |
Encrypted Document: | True |
Contains Word Document Stream: | False |
Contains Workbook/Book Stream: | True |
Contains PowerPoint Document Stream: | False |
Contains Visio Document Stream: | False |
Contains ObjectPool Stream: | False |
Flash Objects Count: | 0 |
Contains VBA Macros: | True |
Code Page: | 1252 |
Author: | |
Last Saved By: | |
Create Time: | 2006-09-16 00:00:00 |
Last Saved Time: | 2025-03-26 06:26:02 |
Creating Application: | |
Security: | 1 |
Document Code Page: | 1252 |
Thumbnail Scaling Desired: | False |
Contains Dirty Links: | False |
Shared Document: | False |
Changed Hyperlinks: | False |
Application Version: | 786432 |
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet1 |
VBA File Name: | Sheet1.cls |
Stream Size: | 977 |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 z f . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - |
Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 31 7a 66 85 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet2 |
VBA File Name: | Sheet2.cls |
Stream Size: | 977 |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 z . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - . |
Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 31 7a b5 dc 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/Sheet3 |
VBA File Name: | Sheet3.cls |
Stream Size: | 977 |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 z < . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 2 . 0 . - |
Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 31 7a c6 3c 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/ThisWorkbook |
VBA File Name: | ThisWorkbook.cls |
Stream Size: | 985 |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 z . . . . # . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M E . . . . . . . . . . . . . . . . . . . . . . . ( . . . . . S L . . . . S . . . . . S . . . . . < . . . . . . . . . . N . 0 . { . 0 . 0 . 0 . 2 . 0 . 8 . 1 . 9 . |
Data Raw: | 01 16 01 00 00 f0 00 00 00 c4 02 00 00 d4 00 00 00 00 02 00 00 ff ff ff ff cb 02 00 00 1f 03 00 00 00 00 00 00 01 00 00 00 31 7a 0f 0f 00 00 ff ff 23 01 00 00 88 00 00 00 b6 00 ff ff 01 01 00 00 00 00 ff ff ff ff 00 00 00 00 ff ff ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
|
General | |
Stream Path: | \x1CompObj |
CLSID: | |
File Type: | data |
Stream Size: | 114 |
Entropy: | 4.25248375192737 |
Base64 Encoded: | True |
Data ASCII: | . . . . . . . . . . . . . . . . . . . F & . . . M i c r o s o f t O f f i c e E x c e l 2 0 0 3 W o r k s h e e t . . . . . B i f f 8 . . . . . E x c e l . S h e e t . 8 . 9 q . . . . . . . . . . . . |
Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 20 08 02 00 00 00 00 00 c0 00 00 00 00 00 00 46 26 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 32 30 30 33 20 57 6f 72 6b 73 68 65 65 74 00 06 00 00 00 42 69 66 66 38 00 0e 00 00 00 45 78 63 65 6c 2e 53 68 65 65 74 2e 38 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
Stream Path: | \x5DocumentSummaryInformation |
CLSID: | |
File Type: | data |
Stream Size: | 244 |
Entropy: | 2.889430592781307 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , 0 . . . . . . . . . . . . . . H . . . . . . . P . . . . . . . X . . . . . . . ` . . . . . . . h . . . . . . . p . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S h e e t 1 . . . . . S h e e t 2 . . . . . S h e e t 3 . . . . . . . . . . . . . . . . . W o r k s h e e t s . . . . . . . . . |
Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 c4 00 00 00 08 00 00 00 01 00 00 00 48 00 00 00 17 00 00 00 50 00 00 00 0b 00 00 00 58 00 00 00 10 00 00 00 60 00 00 00 13 00 00 00 68 00 00 00 16 00 00 00 70 00 00 00 0d 00 00 00 78 00 00 00 0c 00 00 00 a1 00 00 00 02 00 00 00 e4 04 00 00 |
General | |
Stream Path: | \x5SummaryInformation |
CLSID: | |
File Type: | data |
Stream Size: | 200 |
Entropy: | 3.226575879994164 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . + ' 0 . . . . . . . . . . . . . . @ . . . . . . . H . . . . . . . T . . . . . . . ` . . . . . . . x . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . | . # . @ . . . . . . . . . . . . . . . |
Data Raw: | fe ff 00 00 06 02 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 98 00 00 00 07 00 00 00 01 00 00 00 40 00 00 00 04 00 00 00 48 00 00 00 08 00 00 00 54 00 00 00 12 00 00 00 60 00 00 00 0c 00 00 00 78 00 00 00 0d 00 00 00 84 00 00 00 13 00 00 00 90 00 00 00 02 00 00 00 e4 04 00 00 1e 00 00 00 04 00 00 00 |
General | |
Stream Path: | MBD00EB272A/\x1CompObj |
CLSID: | |
File Type: | data |
Stream Size: | 99 |
Entropy: | 3.631242196770981 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . ! . . . M i c r o s o f t O f f i c e E x c e l W o r k s h e e t . . . . . E x c e l M L 1 2 . . . . . 9 q . . . . . . . . . . . . |
Data Raw: | 01 00 fe ff 03 0a 00 00 ff ff ff ff 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 21 00 00 00 4d 69 63 72 6f 73 6f 66 74 20 4f 66 66 69 63 65 20 45 78 63 65 6c 20 57 6f 72 6b 73 68 65 65 74 00 0a 00 00 00 45 78 63 65 6c 4d 4c 31 32 00 00 00 00 00 f4 39 b2 71 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
Stream Path: | MBD00EB272A/Package |
CLSID: | |
File Type: | Microsoft Excel 2007+ |
Stream Size: | 812455 |
Entropy: | 7.972532718200243 |
Base64 Encoded: | True |
Data ASCII: | P K . . . . . . . . . . ! . . B . . . . . . . . . [ C o n t e n t _ T y p e s ] . x m l . ( . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | 50 4b 03 04 14 00 06 00 08 00 00 00 21 00 03 94 9d 42 d0 01 00 00 d2 07 00 00 13 00 ce 01 5b 43 6f 6e 74 65 6e 74 5f 54 79 70 65 73 5d 2e 78 6d 6c 20 a2 ca 01 28 a0 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
General | |
Stream Path: | MBD00EB272B/\x1Ole |
CLSID: | |
File Type: | data |
Stream Size: | 818 |
Entropy: | 5.621553867169569 |
Base64 Encoded: | False |
Data ASCII: | . . . . Z . D . . . . . . . . . . . . . . . . y . . . K . . . . . h . t . t . p . s . : . / . / . a . g . r . . . m . y . / . k . V . T . C . H . C . ? . & . t . h . a . n . k . s . . . l \\ % i 7 L . . 2 0 , G & K R . m s ` R a . . . H . D . . . . d % . < = . . & . } B Y B . ; ` ` I . a 2 . . / N . . y K 8 : I - * . % y H . _ 9 > ^ - } % . P ` . ' ? [ . W . p u . o . \\ . < h B o A # O . A ~ 5 . < [ C . O ` ~ . 6 a 0 < . . . . . . . . . . . . . . . . . . . C . L . 4 . 9 . F . y . T . K . p . D . U . m . q . |
Data Raw: | 01 00 00 02 8d e8 bb 5a b3 bc 1a 44 00 00 00 00 00 00 00 00 00 00 00 00 1e 01 00 00 e0 c9 ea 79 f9 ba ce 11 8c 82 00 aa 00 4b a9 0b 1a 01 00 00 68 00 74 00 74 00 70 00 73 00 3a 00 2f 00 2f 00 61 00 67 00 72 00 2e 00 6d 00 79 00 2f 00 6b 00 56 00 54 00 43 00 48 00 43 00 3f 00 26 00 74 00 68 00 61 00 6e 00 6b 00 73 00 00 00 fa 6c 5c 25 f4 69 f7 92 37 ec 4c 07 b7 db 9a 32 8b f0 e3 ac |
General | |
Stream Path: | Workbook |
CLSID: | |
File Type: | Applesoft BASIC program data, first line number 16 |
Stream Size: | 410625 |
Entropy: | 7.998983668897979 |
Base64 Encoded: | True |
Data ASCII: | . . . . . . . . . . . . . . . . . / . 6 . . . . . . . * m j 4 u ( O X D b . . v ~ F . . J . . g 0 5 . . . . . . . . . . . . . . \\ . p . x ! p * . - . n | \\ y . . . ' . & b . x o _ i . k { A | e ] . . h . Y . . . | . G . 6 = C . . W . G . s ^ 5 . ? . < i . . B . . . { a . . . 5 . . . . = . . . 3 b . k O . . . Q , Q z . + . . . . l . . . . . . . . . h . . . . . . . c . . . c = . . . . M ~ . L J * $ V p @ . . . . . . . " . . . y , . . . . & . . . . . . . 1 . . . . 9 . > D O o ^ r 0 . . . . x z p . M 1 . . . q |
Data Raw: | 09 08 10 00 00 06 05 00 ab 1f cd 07 c1 00 01 00 06 04 00 00 2f 00 36 00 01 00 01 00 01 00 2a 6d d5 6a e0 34 75 28 df 4f 58 44 ed 62 d5 af 1d 8f a3 76 7e 46 e8 c0 ee b0 00 eb e6 0d 9d 4a fa 1f 0e 67 30 35 87 fe 9e ef fa 05 b6 cd c7 fb 87 00 00 00 e1 00 02 00 b0 04 c1 00 02 00 f4 ce e2 00 00 00 5c 00 70 00 ae c3 78 21 70 2a 16 b1 2d cc f6 c8 1b 9e 6e 8b 7c 5c a9 79 02 97 e1 06 1b f6 |
General | |
Stream Path: | _VBA_PROJECT_CUR/PROJECT |
CLSID: | |
File Type: | ASCII text, with CRLF line terminators |
Stream Size: | 527 |
Entropy: | 5.277318566589271 |
Base64 Encoded: | True |
Data ASCII: | I D = " { 0 1 7 1 1 C 5 2 - E 6 E 5 - 4 9 F C - 8 3 A E - D E 4 A 9 E B D 1 D F 7 } " . . D o c u m e n t = T h i s W o r k b o o k / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 1 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 2 / & H 0 0 0 0 0 0 0 0 . . D o c u m e n t = S h e e t 3 / & H 0 0 0 0 0 0 0 0 . . N a m e = " V B A P r o j e c t " . . H e l p C o n t e x t I D = " 0 " . . V e r s i o n C o m p a t i b l e 3 2 = " 3 9 3 2 2 2 0 0 0 " . . C M G = " F 8 F A D 8 1 E D C 1 E D C 1 E D |
Data Raw: | 49 44 3d 22 7b 30 31 37 31 31 43 35 32 2d 45 36 45 35 2d 34 39 46 43 2d 38 33 41 45 2d 44 45 34 41 39 45 42 44 31 44 46 37 7d 22 0d 0a 44 6f 63 75 6d 65 6e 74 3d 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 31 2f 26 48 30 30 30 30 30 30 30 30 0d 0a 44 6f 63 75 6d 65 6e 74 3d 53 68 65 65 74 32 2f 26 48 30 30 30 |
General | |
Stream Path: | _VBA_PROJECT_CUR/PROJECTwm |
CLSID: | |
File Type: | data |
Stream Size: | 104 |
Entropy: | 3.0488640812019017 |
Base64 Encoded: | False |
Data ASCII: | T h i s W o r k b o o k . T . h . i . s . W . o . r . k . b . o . o . k . . . S h e e t 1 . S . h . e . e . t . 1 . . . S h e e t 2 . S . h . e . e . t . 2 . . . S h e e t 3 . S . h . e . e . t . 3 . . . . . |
Data Raw: | 54 68 69 73 57 6f 72 6b 62 6f 6f 6b 00 54 00 68 00 69 00 73 00 57 00 6f 00 72 00 6b 00 62 00 6f 00 6f 00 6b 00 00 00 53 68 65 65 74 31 00 53 00 68 00 65 00 65 00 74 00 31 00 00 00 53 68 65 65 74 32 00 53 00 68 00 65 00 65 00 74 00 32 00 00 00 53 68 65 65 74 33 00 53 00 68 00 65 00 65 00 74 00 33 00 00 00 00 00 |
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/_VBA_PROJECT |
CLSID: | |
File Type: | data |
Stream Size: | 2644 |
Entropy: | 3.9905096282794155 |
Base64 Encoded: | False |
Data ASCII: | a . . . . . @ . . . . . . . . . . . . . . . . . . . . . . . . * . \\ . G . { . 0 . 0 . 0 . 2 . 0 . 4 . E . F . - . 0 . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . - . C . 0 . 0 . 0 . - . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 0 . 4 . 6 . } . # . 4 . . . 0 . # . 9 . # . C . : . \\ . P . R . O . G . R . A . ~ . 2 . \\ . C . O . M . M . O . N . ~ . 1 . \\ . M . I . C . R . O . S . ~ . 1 . \\ . V . B . A . \\ . V . B . A . 6 . \\ . V . B . E . 6 . . . D . L . L . # . V . i . s . u . a . l . . B . a . s . i . c . . F . o . r . |
Data Raw: | cc 61 88 00 00 01 00 ff 09 40 00 00 09 04 00 00 e4 04 01 00 00 00 00 00 00 00 00 00 01 00 04 00 02 00 fa 00 2a 00 5c 00 47 00 7b 00 30 00 30 00 30 00 32 00 30 00 34 00 45 00 46 00 2d 00 30 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 2d 00 43 00 30 00 30 00 30 00 2d 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 30 00 34 00 36 00 7d 00 23 00 34 00 2e 00 30 00 23 00 |
General | |
Stream Path: | _VBA_PROJECT_CUR/VBA/dir |
CLSID: | |
File Type: | data |
Stream Size: | 553 |
Entropy: | 6.372676054338537 |
Base64 Encoded: | True |
Data ASCII: | . % . . . . . . . . 0 * . . . . p . . H . . . . d . . . . . . . V B A P r o j e c t . . 4 . . @ . . j . . . = . . . . r . . . . . . . . . 5 , i . . . . J < . . . . . r s t d o l e > . . . s . t . d . o . l . e . . . h . % . ^ . . * \\ G { 0 0 0 2 0 4 3 0 - . . . . . C . . . . . . 0 0 4 . 6 } # 2 . 0 # 0 . # C : \\ W i n d . o w s \\ S y s W O W 6 4 \\ . e 2 . . t l b # O L E . A u t o m a t i . o n . ` . . E O f f D i c E O . f . i . c E . . E . 2 D F 8 D 0 4 C . - 5 B F A - 1 0 1 B - B D E 5 E A A C 4 . 2 |
Data Raw: | 01 25 b2 80 01 00 04 00 00 00 01 00 30 2a 02 02 90 09 00 70 14 06 48 03 00 82 02 00 64 e4 04 04 00 0a 00 1c 00 56 42 41 50 72 6f 6a 65 88 63 74 05 00 34 00 00 40 02 14 6a 06 02 0a 3d 02 0a 07 02 72 01 14 08 05 06 12 09 02 12 35 2c fb 69 0d 94 00 0c 02 4a 3c 02 0a 16 00 01 72 80 73 74 64 6f 6c 65 3e 02 19 00 73 00 74 00 64 00 6f 00 80 6c 00 65 00 0d 00 68 00 25 02 5e 00 03 2a 5c 47 |
Download Network PCAP: filtered – full
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2025-03-26T14:08:56.593919+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49759 | 13.107.246.40 | 443 | TCP |
2025-03-26T14:09:04.312411+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | TCP |
2025-03-26T14:09:04.327093+0100 | 2028371 | ET JA3 Hash - Possible Malware - Fake Firefox Font Update | 3 | 192.168.2.12 | 49761 | 13.107.246.40 | 443 | TCP |
- Total Packets: 233
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 26, 2025 14:08:41.321743011 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.321804047 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:41.321881056 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.322211027 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.322225094 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:41.775887966 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:41.776057005 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.780563116 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.780613899 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:41.780972958 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:41.781047106 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.781527042 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:41.824273109 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.244370937 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.244472027 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.244501114 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.244537115 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.250432014 CET | 49757 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.250452042 CET | 443 | 49757 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.254797935 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.254823923 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.254893064 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.255139112 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.255147934 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.696952105 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.697246075 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.702869892 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.702887058 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:42.703327894 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:42.703335047 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.172992945 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173085928 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.173360109 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173418045 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.173770905 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173820019 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.173827887 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173862934 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.173867941 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173897028 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.173903942 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.173934937 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.175008059 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.175020933 CET | 443 | 49758 | 147.79.86.93 | 192.168.2.12 |
Mar 26, 2025 14:08:43.175031900 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:43.175062895 CET | 49758 | 443 | 192.168.2.12 | 147.79.86.93 |
Mar 26, 2025 14:08:56.309520960 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.309551954 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.310190916 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.310627937 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.310641050 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.593838930 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.593919039 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.595313072 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.595328093 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.595591068 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.596940994 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.640269041 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.892405987 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.892432928 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.892494917 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.892508984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.892537117 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.892558098 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.892584085 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.921533108 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.921555996 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.921603918 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.921618938 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.921648026 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.921660900 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.991276026 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.991303921 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.991439104 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:56.991455078 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:56.991631985 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.008390903 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.008419037 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.008480072 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.008502960 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.008553028 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.008553028 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.035748959 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.035768032 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.036278963 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.036297083 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.036910057 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.094863892 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.094891071 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.094990015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.094990015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.095005989 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.095159054 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.123769999 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.123800993 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.123898983 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.123898983 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.123919010 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.124150038 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.150572062 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.150603056 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.150742054 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.150742054 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.150753021 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.150840998 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.191656113 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.191684008 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.191773891 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.191786051 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.192003965 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.192004919 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.221643925 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.221676111 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.223136902 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.223138094 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.223150015 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.224145889 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.245114088 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.245151997 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.245218992 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.245235920 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.245254993 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.246164083 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.287853956 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.287888050 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.287961006 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.287990093 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.288016081 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.288297892 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.314629078 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.314661980 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.314719915 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.314749002 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.314766884 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.318684101 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.342367887 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.342403889 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.342538118 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.342538118 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.342556000 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.342813015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.371337891 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.371367931 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.371695042 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.371722937 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.371803999 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.401597023 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.401623964 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.401746035 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.401746035 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.401761055 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.402348995 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.429095984 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.429131031 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.429331064 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.429332018 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.429362059 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.429461002 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.454108953 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.454144001 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.454225063 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.454245090 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.454276085 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.454339027 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.487746000 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.487780094 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.487973928 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.488007069 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.488276005 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.508110046 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.508142948 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.508212090 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.508227110 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.508349895 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.508553028 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.536398888 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.536429882 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.536644936 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.536644936 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.536662102 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.536715984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.564805031 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.564838886 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.564960003 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.564960003 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.564974070 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.565135956 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.591130018 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.591156006 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.591298103 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.591311932 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.591645956 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.614146948 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.614177942 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.614403009 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.614403963 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.614423037 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.614767075 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.636616945 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.636646032 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.636710882 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.636727095 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.636759043 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.636776924 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.664283037 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.664321899 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.664479971 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.664479971 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.664511919 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.664864063 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.689043045 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.689088106 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.689178944 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.689193964 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.689207077 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.689444065 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.710683107 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.710717916 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.711186886 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.711186886 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.711215973 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.711277008 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.735239029 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.735271931 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.735389948 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.735419989 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.735461950 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.735496998 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.757194042 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.757227898 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.758028984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.758028984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.758058071 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.758399010 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.780679941 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.780710936 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.780821085 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.780821085 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.780853033 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.780992985 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.806862116 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.806895018 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.807099104 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.807099104 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.807116032 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.807233095 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.819307089 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.819346905 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.819555044 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.819571972 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.819873095 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.851680040 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.851716995 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.852281094 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.852319956 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.852662086 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.982247114 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982278109 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982342005 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982388973 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.982397079 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982418060 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982434034 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.982443094 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982522011 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.982522011 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:57.982522964 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982537031 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982547998 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:57.982664108 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.008884907 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.008919954 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.009011984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.009011984 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.009033918 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.009078979 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.032952070 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.032989025 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.033122063 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.033122063 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.033142090 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.033354044 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.061621904 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.061647892 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.061722994 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.061741114 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.061774015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.061852932 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.100029945 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.100075006 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.100137949 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.100153923 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.100183964 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.100311995 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.129575968 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.129630089 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.129668951 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.129686117 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.129724979 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.129724979 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.166414022 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.166445971 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.166536093 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.166536093 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.166559935 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.166615009 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.180124998 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.180160046 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.180238008 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.180238008 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.180275917 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.180342913 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.220204115 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.220244884 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.220292091 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.220314026 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.220344067 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.220344067 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.256127119 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.256156921 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.256268024 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.256268024 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.256293058 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.256436110 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.279145002 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.279177904 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.279248953 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.279266119 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.279289961 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.279304981 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.306889057 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.306925058 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.306968927 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.306984901 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.307017088 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.307056904 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.330204010 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.330230951 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.330287933 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.330311060 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.330348015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.330363035 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.362492085 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.362557888 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.362674952 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.362674952 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.362689018 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.366336107 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.386842966 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.386872053 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.386946917 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.386960983 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.386997938 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.386997938 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.414134026 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.414167881 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.414324999 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.414334059 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.414558887 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.446549892 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.446619034 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.446666002 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.446677923 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.446708918 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.446732998 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.470596075 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.470628023 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.470724106 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.470724106 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.470736027 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.470828056 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.491240978 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.491276026 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.491338015 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.491347075 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.491395950 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.491395950 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.519774914 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.519807100 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.519983053 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.519996881 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.520279884 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.552052021 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.552083969 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.552200079 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.552223921 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.552323103 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.571708918 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.571733952 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.571790934 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.571800947 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.571882963 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.600930929 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.600953102 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.601003885 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.601015091 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.601073027 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.633128881 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.633168936 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.633276939 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.633296013 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.633310080 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.633548021 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.657716990 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.657752991 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.657917976 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.657917976 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.657941103 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.658042908 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.674983025 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.675014019 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.675085068 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.675103903 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.675144911 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.675144911 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.706065893 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.706094980 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.706198931 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.706218004 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.706267118 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.706267118 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.736108065 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.736131907 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.736223936 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.736223936 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.736238956 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.736725092 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.762414932 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.762444973 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.762557983 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.762574911 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.762840986 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786449909 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786478043 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786513090 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786566973 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786566973 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786578894 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786591053 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786709070 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786792994 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786813974 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:08:58.786823034 CET | 49759 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:08:58.786828041 CET | 443 | 49759 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.024874926 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.024924040 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.024981022 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.024998903 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.025039911 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.025280952 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.027806997 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.027817965 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.028040886 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.028050900 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.305918932 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.306071043 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.312411070 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.312436104 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.326355934 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.326366901 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.327092886 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.327119112 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.347237110 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.347265959 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.488301992 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.488331079 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.488486052 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.488502979 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.488630056 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.488785028 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.488796949 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.489346981 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.492270947 CET | 49760 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.492290020 CET | 443 | 49760 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.492537975 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.522165060 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.522165060 CET | 49761 | 443 | 192.168.2.12 | 13.107.246.40 |
Mar 26, 2025 14:09:04.522208929 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Mar 26, 2025 14:09:04.522222042 CET | 443 | 49761 | 13.107.246.40 | 192.168.2.12 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Mar 26, 2025 14:07:28.201853991 CET | 56487 | 53 | 192.168.2.12 | 1.1.1.1 |
Mar 26, 2025 14:07:28.299495935 CET | 53 | 56487 | 1.1.1.1 | 192.168.2.12 |
Mar 26, 2025 14:08:41.207173109 CET | 53337 | 53 | 192.168.2.12 | 1.1.1.1 |
Mar 26, 2025 14:08:41.320658922 CET | 53 | 53337 | 1.1.1.1 | 192.168.2.12 |
Mar 26, 2025 14:08:56.188347101 CET | 64137 | 53 | 192.168.2.12 | 1.1.1.1 |
Mar 26, 2025 14:08:56.308496952 CET | 53 | 64137 | 1.1.1.1 | 192.168.2.12 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Mar 26, 2025 14:07:28.201853991 CET | 192.168.2.12 | 1.1.1.1 | 0x7e4e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 26, 2025 14:08:41.207173109 CET | 192.168.2.12 | 1.1.1.1 | 0xce95 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Mar 26, 2025 14:08:56.188347101 CET | 192.168.2.12 | 1.1.1.1 | 0xcea1 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Mar 26, 2025 14:07:28.299495935 CET | 1.1.1.1 | 192.168.2.12 | 0x7e4e | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:28.299495935 CET | 1.1.1.1 | 192.168.2.12 | 0x7e4e | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:28.299495935 CET | 1.1.1.1 | 192.168.2.12 | 0x7e4e | No error (0) | shed.dual-low.s-part-0010.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:28.299495935 CET | 1.1.1.1 | 192.168.2.12 | 0x7e4e | No error (0) | s-part-0010.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:28.299495935 CET | 1.1.1.1 | 192.168.2.12 | 0x7e4e | No error (0) | 13.107.246.38 | A (IP address) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:52.019475937 CET | 1.1.1.1 | 192.168.2.12 | 0xc1e4 | No error (0) | s-0005.dual-s-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:52.019475937 CET | 1.1.1.1 | 192.168.2.12 | 0xc1e4 | No error (0) | 52.123.128.14 | A (IP address) | IN (0x0001) | false | ||
Mar 26, 2025 14:07:52.019475937 CET | 1.1.1.1 | 192.168.2.12 | 0xc1e4 | No error (0) | 52.123.129.14 | A (IP address) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:41.320658922 CET | 1.1.1.1 | 192.168.2.12 | 0xce95 | No error (0) | 147.79.86.93 | A (IP address) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:56.308496952 CET | 1.1.1.1 | 192.168.2.12 | 0xcea1 | No error (0) | otelrules-bzhndjfje8dvh5fd.z01.azurefd.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:56.308496952 CET | 1.1.1.1 | 192.168.2.12 | 0xcea1 | No error (0) | star-azurefd-prod.trafficmanager.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:56.308496952 CET | 1.1.1.1 | 192.168.2.12 | 0xcea1 | No error (0) | shed.dual-low.s-part-0012.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:56.308496952 CET | 1.1.1.1 | 192.168.2.12 | 0xcea1 | No error (0) | s-part-0012.t-0009.t-msedge.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Mar 26, 2025 14:08:56.308496952 CET | 1.1.1.1 | 192.168.2.12 | 0xcea1 | No error (0) | 13.107.246.40 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.12 | 49757 | 147.79.86.93 | 443 | 6192 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-26 13:08:41 UTC | 198 | OUT | |
2025-03-26 13:08:42 UTC | 397 | IN | |
2025-03-26 13:08:42 UTC | 38 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.12 | 49758 | 147.79.86.93 | 443 | 6192 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-26 13:08:42 UTC | 187 | OUT | |
2025-03-26 13:08:43 UTC | 454 | IN | |
2025-03-26 13:08:43 UTC | 2372 | IN | |
2025-03-26 13:08:43 UTC | 1724 | IN | |
2025-03-26 13:08:43 UTC | 557 | IN | |
2025-03-26 13:08:43 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.12 | 49759 | 13.107.246.40 | 443 | 6192 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-26 13:08:56 UTC | 226 | OUT | |
2025-03-26 13:08:56 UTC | 472 | IN | |
2025-03-26 13:08:56 UTC | 15912 | IN | |
2025-03-26 13:08:56 UTC | 16384 | IN | |
2025-03-26 13:08:56 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN | |
2025-03-26 13:08:57 UTC | 16384 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.12 | 49760 | 13.107.246.40 | 443 | 6192 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-26 13:09:04 UTC | 214 | OUT | |
2025-03-26 13:09:04 UTC | 494 | IN | |
2025-03-26 13:09:04 UTC | 2128 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.12 | 49761 | 13.107.246.40 | 443 | 6192 | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2025-03-26 13:09:04 UTC | 214 | OUT | |
2025-03-26 13:09:04 UTC | 470 | IN | |
2025-03-26 13:09:04 UTC | 204 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 09:07:46 |
Start date: | 26/03/2025 |
Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xee0000 |
File size: | 53'161'064 bytes |
MD5 hash: | 4A871771235598812032C822E6F68F19 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 6 |
Start time: | 09:08:50 |
Start date: | 26/03/2025 |
Path: | C:\Windows\splwow64.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff76ed70000 |
File size: | 163'840 bytes |
MD5 hash: | 77DE7761B037061C7C112FD3C5B91E73 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | false |
Target ID: | 9 |
Start time: | 09:09:00 |
Start date: | 26/03/2025 |
Path: | C:\Program Files (x86)\Microsoft Office\root\Office16\EXCEL.EXE |
Wow64 process (32bit): | true |
Commandline: | |
Imagebase: | 0xee0000 |
File size: | 53'161'064 bytes |
MD5 hash: | 4A871771235598812032C822E6F68F19 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Has exited: | true |
Call Graph
Graph
- Entrypoint
- Decryption Function
- Executed
- Not Executed
- Show Help
Module: Sheet1
Declaration
Line | Content |
---|---|
1 | Attribute VB_Name = "Sheet1" |
2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
3 | Attribute VB_GlobalNameSpace = False |
4 | Attribute VB_Creatable = False |
5 | Attribute VB_PredeclaredId = True |
6 | Attribute VB_Exposed = True |
7 | Attribute VB_TemplateDerived = False |
8 | Attribute VB_Customizable = True |
Module: Sheet2
Declaration
Line | Content |
---|---|
1 | Attribute VB_Name = "Sheet2" |
2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
3 | Attribute VB_GlobalNameSpace = False |
4 | Attribute VB_Creatable = False |
5 | Attribute VB_PredeclaredId = True |
6 | Attribute VB_Exposed = True |
7 | Attribute VB_TemplateDerived = False |
8 | Attribute VB_Customizable = True |
Module: Sheet3
Declaration
Line | Content |
---|---|
1 | Attribute VB_Name = "Sheet3" |
2 | Attribute VB_Base = "0{00020820-0000-0000-C000-000000000046}" |
3 | Attribute VB_GlobalNameSpace = False |
4 | Attribute VB_Creatable = False |
5 | Attribute VB_PredeclaredId = True |
6 | Attribute VB_Exposed = True |
7 | Attribute VB_TemplateDerived = False |
8 | Attribute VB_Customizable = True |
Module: ThisWorkbook
Declaration
Line | Content |
---|---|
1 | Attribute VB_Name = "ThisWorkbook" |
2 | Attribute VB_Base = "0{00020819-0000-0000-C000-000000000046}" |
3 | Attribute VB_GlobalNameSpace = False |
4 | Attribute VB_Creatable = False |
5 | Attribute VB_PredeclaredId = True |
6 | Attribute VB_Exposed = True |
7 | Attribute VB_TemplateDerived = False |
8 | Attribute VB_Customizable = True |