Linux
Analysis Report
IdpLihor52.elf
Overview
General Information
Sample name: | IdpLihor52.elfrenamed because original name is a hash value |
Original sample name: | 815b74947d3a78a1b7d2aece43596ddc0ffc264e26092f1f9b6409c62e1437d6.elf |
Analysis ID: | 1654374 |
MD5: | db85cb255d2e559ce9388349cf626618 |
SHA1: | b92a02f1b1b1cd86ff13eb13f8bbb08eef315acb |
SHA256: | 815b74947d3a78a1b7d2aece43596ddc0ffc264e26092f1f9b6409c62e1437d6 |
Tags: | AutoColorelfLinuxuser-KodaDr |
Infos: | |
Detection
Score: | 76 |
Range: | 0 - 100 |
Signatures
Classification
Joe Sandbox version: | 42.0.0 Malachite |
Analysis ID: | 1654374 |
Start date and time: | 2025-04-02 10:13:50 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 10m 41s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | IdpLihor52.elfrenamed because original name is a hash value |
Original Sample Name: | 815b74947d3a78a1b7d2aece43596ddc0ffc264e26092f1f9b6409c62e1437d6.elf |
Detection: | MAL |
Classification: | mal76.troj.evad.linELF@0/4@1/0 |
Cookbook Comments: |
|
- VT rate limit hit for: check.linux-kernel.xyz
Command: | /tmp/IdpLihor52.elf |
PID: | 6231 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | #install... #install ok #install... #install ok |
Standard Error: |
- system is lnxubuntu20
- IdpLihor52.elf New Fork (PID: 6232, Parent: 6231)
- IdpLihor52.elf New Fork (PID: 6233, Parent: 6232)
- dash New Fork (PID: 6294, Parent: 4331)
- dash New Fork (PID: 6295, Parent: 4331)
- cleanup
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Malware Analysis System Evasion
- • HIPS / PFW / Operating System Protection Evasion
Click to jump to signature section
AV Detection |
---|
Source: | Avira: |
Source: | Avira: |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Networking |
---|
Source: | DNS query: |
Source: | Reads hosts file: | Jump to behavior |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | ELF static info symbol of dropped file: | ||
Source: | ELF static info symbol of dropped file: |
Source: | .symtab present: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | Created: | Jump to behavior |
Source: | Rm executable: | Jump to behavior | ||
Source: | Rm executable: | Jump to behavior |
Source: | File written: | Jump to dropped file | ||
Source: | File written: | Jump to dropped file |
Source: | Symbol name: |
Source: | Truncated file: | Jump to behavior | ||
Source: | Truncated file: | Jump to behavior |
Source: | Queries kernel information via 'uname': | Jump to behavior |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Deletion: | Jump to behavior |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | Path Interception | 1 Process Injection | 1 Masquerading | OS Credential Dumping | 1 Security Software Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Exploitation for Defense Evasion | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Virtualization/Sandbox Evasion | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 2 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Process Injection | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Indicator Removal | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 File Deletion | Cached Domain Credentials | Wi-Fi Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
31% | ReversingLabs | Linux.Trojan.Generic | ||
32% | Virustotal | Browse | ||
100% | Avira | LINUX/AVA.Filecoder.dtesp |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | LINUX/AVA.Filecoder.dtesp | ||
31% | ReversingLabs | Linux.Trojan.Generic |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
check.linux-kernel.xyz | 18.167.12.195 | true | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
34.249.145.219 | unknown | United States | 16509 | AMAZON-02US | false | |
18.167.12.195 | check.linux-kernel.xyz | United States | 16509 | AMAZON-02US | true | |
109.202.202.202 | unknown | Switzerland | 13030 | INIT7CH | false | |
91.189.91.43 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false | |
91.189.91.42 | unknown | United Kingdom | 41231 | CANONICAL-ASGB | false |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
34.249.145.219 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Prometei | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
109.202.202.202 | Get hash | malicious | Unknown | Browse |
| |
91.189.91.43 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Mirai | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Gafgyt, Mirai | Browse | |||
Get hash | malicious | Prometei | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
INIT7CH | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Gafgyt, Mirai | Browse |
| ||
Get hash | malicious | Prometei | Browse |
| ||
AMAZON-02US | Get hash | malicious | FormBook | Browse |
| |
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | CryptOne, LummaC Stealer | Browse |
| ||
AMAZON-02US | Get hash | malicious | FormBook | Browse |
| |
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | CryptOne, LummaC Stealer | Browse |
|
Process: | /tmp/IdpLihor52.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 34 |
Entropy (8bit): | 4.175123135113461 |
Encrypted: | false |
SSDEEP: | 3:/qdR63SMjLNj:/qdY/3Nj |
MD5: | 3667162F824C13B03C42749611D389C8 |
SHA1: | 3B0C29FD2079CEFD1FF13F9260D2A9C311DC5AD5 |
SHA-256: | B8B975818566332FA0E12460516FA18BA4666FABC605CB4B1819096E591CD47D |
SHA-512: | 1EBA85FF3AB8A8A7E2BEFDCF01D5CF336C49670D00059B72AE6CC1A502743C3EDCDAF1687D8A84A70CDC4C458A0B3D80D6FFBFE7756A63000731F85E5D297B61 |
Malicious: | true |
Reputation: | low |
Preview: |
Process: | /tmp/IdpLihor52.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 35176 |
Entropy (8bit): | 4.807101699118741 |
Encrypted: | false |
SSDEEP: | 768:f4RVXHfXvn/3PHfXvn/3PHfayqC6SKiayqC6SKiaqekmkcN/odCkHaFkuwXY:f42N/UHJ |
MD5: | 1451ED5B4AC7070F08BBE9B60E12A7B4 |
SHA1: | A9FF6EB1174C8902E178B07CA3FD0CDE660197E7 |
SHA-256: | D4A1186387072207607684A016AF05804A9F1CE90C987C80827B2D5223BDDC9E |
SHA-512: | 5F49A542722BC5D7825C825EDA68A2844C98F90FDCA1A5045E7530D4D5CFBE05297896C77E0B3C11F74DF9D2917D71AA4A1CFA3B013D27CC1F92C6D1BA129B05 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | /tmp/IdpLihor52.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 8 |
Entropy (8bit): | 1.75 |
Encrypted: | false |
SSDEEP: | 3:aJS/:aJi |
MD5: | 8CA63731B1A6A2A33C71354429F577B9 |
SHA1: | EF84B5087D8C21C5BCC108860F89278FCCFE5BCA |
SHA-256: | C1635A9F1819F1A99A68615456CA6DE6A6885F6D711624172FED9CAA87886CD2 |
SHA-512: | B4041B206BA9B5663FDB9F607CE91366627CCE16709B341C8199E689035917304CBC5A66D3594A4018A2D8B0936E0D838CBE60EADDF7EF73532C92B41A52C522 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | /tmp/IdpLihor52.elf |
File Type: | |
Category: | dropped |
Size (bytes): | 216872 |
Entropy (8bit): | 5.575882078455821 |
Encrypted: | false |
SSDEEP: | 3072:+9EyjkLT4IIeLeKt/VIuCp0hZPV9eFxaXyQpcGIULNCD4wMHJmYH7imVAH:+9EnkKlZkxmIUA9MHJmYH7ZAH |
MD5: | DB85CB255D2E559CE9388349CF626618 |
SHA1: | B92A02F1B1B1CD86FF13EB13F8BBB08EEF315ACB |
SHA-256: | 815B74947D3A78A1B7D2AECE43596DDC0FFC264E26092F1F9B6409C62E1437D6 |
SHA-512: | 285641559E40B96F176D126388BFCA398EC8F4F5911D0268BF4081732A4553BB57197263FE7776B5D0880B1A17400019CC7CBF76801B6FE7CFAC6A86EB741BC4 |
Malicious: | true |
Antivirus: |
|
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 5.575882078455821 |
TrID: |
|
File name: | IdpLihor52.elf |
File size: | 216'872 bytes |
MD5: | db85cb255d2e559ce9388349cf626618 |
SHA1: | b92a02f1b1b1cd86ff13eb13f8bbb08eef315acb |
SHA256: | 815b74947d3a78a1b7d2aece43596ddc0ffc264e26092f1f9b6409c62e1437d6 |
SHA512: | 285641559e40b96f176d126388bfca398ec8f4f5911d0268bf4081732a4553bb57197263fe7776b5d0880b1a17400019cc7cbf76801b6fe7cfac6a86eb741bc4 |
SSDEEP: | 3072:+9EyjkLT4IIeLeKt/VIuCp0hZPV9eFxaXyQpcGIULNCD4wMHJmYH7imVAH:+9EnkKlZkxmIUA9MHJmYH7ZAH |
TLSH: | 8624F71BB2B199BDD09AF4348A8FD2A26870F0F42332752F37829D772D57D850BA8751 |
File Content Preview: | .ELF..............>......b......@........F..........@.8...@.".!.........@.......@.......@.......................................P.......P.......P................................................................A.......A.......................P.......P..... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 64 |
Program Header Offset: | 64 |
Program Header Size: | 56 |
Number of Program Headers: | 14 |
Section Header Offset: | 214696 |
Section Header Size: | 64 |
Number of Section Headers: | 34 |
Header String Table Index: | 33 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.interp | PROGBITS | 0x350 | 0x350 | 0x1c | 0x0 | 0x2 | A | 0 | 0 | 1 |
.note.gnu.property | NOTE | 0x370 | 0x370 | 0x20 | 0x0 | 0x2 | A | 0 | 0 | 8 |
.note.gnu.build-id | NOTE | 0x390 | 0x390 | 0x24 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.note.ABI-tag | NOTE | 0x3b4 | 0x3b4 | 0x20 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.gnu.hash | GNU_HASH | 0x3d8 | 0x3d8 | 0x38 | 0x0 | 0x2 | A | 6 | 0 | 8 |
.dynsym | DYNSYM | 0x410 | 0x410 | 0xbd0 | 0x18 | 0x2 | A | 7 | 1 | 8 |
.dynstr | STRTAB | 0xfe0 | 0xfe0 | 0x555 | 0x0 | 0x2 | A | 0 | 0 | 1 |
.gnu.version | VERSYM | 0x1536 | 0x1536 | 0xfc | 0x2 | 0x2 | A | 6 | 0 | 2 |
.gnu.version_r | VERNEED | 0x1638 | 0x1638 | 0xb0 | 0x0 | 0x2 | A | 7 | 4 | 8 |
.rela.dyn | RELA | 0x16e8 | 0x16e8 | 0x2058 | 0x18 | 0x2 | A | 6 | 0 | 8 |
.rela.plt | RELA | 0x3740 | 0x3740 | 0xab0 | 0x18 | 0x42 | AI | 6 | 28 | 8 |
.init | PROGBITS | 0x5000 | 0x5000 | 0x1b | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.plt | PROGBITS | 0x5020 | 0x5020 | 0x730 | 0x10 | 0x6 | AX | 0 | 0 | 16 |
.plt.got | PROGBITS | 0x5750 | 0x5750 | 0x20 | 0x10 | 0x6 | AX | 0 | 0 | 16 |
.plt.sec | PROGBITS | 0x5770 | 0x5770 | 0x720 | 0x10 | 0x6 | AX | 0 | 0 | 16 |
.text | PROGBITS | 0x5e90 | 0x5e90 | 0x1bfa4 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x21e34 | 0x21e34 | 0xd | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x22000 | 0x22000 | 0xa740 | 0x0 | 0x2 | A | 0 | 0 | 32 |
.stapsdt.base | PROGBITS | 0x2c740 | 0x2c740 | 0x1 | 0x0 | 0x2 | A | 0 | 0 | 1 |
.eh_frame_hdr | PROGBITS | 0x2c744 | 0x2c744 | 0xd7c | 0x0 | 0x2 | A | 0 | 0 | 4 |
.eh_frame | PROGBITS | 0x2d4c0 | 0x2d4c0 | 0x4060 | 0x0 | 0x2 | A | 0 | 0 | 8 |
.gcc_except_table | PROGBITS | 0x31520 | 0x31520 | 0x535 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.tbss | NOBITS | 0x33928 | 0x32928 | 0x10 | 0x0 | 0x403 | WAT | 0 | 0 | 8 |
.init_array | INIT_ARRAY | 0x33928 | 0x32928 | 0x10 | 0x8 | 0x3 | WA | 0 | 0 | 8 |
.fini_array | FINI_ARRAY | 0x33938 | 0x32938 | 0x8 | 0x8 | 0x3 | WA | 0 | 0 | 8 |
.data.rel.ro | PROGBITS | 0x33940 | 0x32940 | 0x10a8 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.dynamic | DYNAMIC | 0x349e8 | 0x339e8 | 0x220 | 0x10 | 0x3 | WA | 7 | 0 | 8 |
.got | PROGBITS | 0x34c08 | 0x33c08 | 0x3e8 | 0x8 | 0x3 | WA | 0 | 0 | 8 |
.data | PROGBITS | 0x35000 | 0x34000 | 0x448 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x35460 | 0x34448 | 0x12c0 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.comment | PROGBITS | 0x0 | 0x34448 | 0x2a | 0x1 | 0x30 | MS | 0 | 0 | 1 |
.note.stapsdt | NOTE | 0x0 | 0x34474 | 0xe8 | 0x0 | 0x0 | 0 | 0 | 4 | |
.shstrtab | STRTAB | 0x0 | 0x3455c | 0x14b | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
PHDR | 0x40 | 0x40 | 0x40 | 0x310 | 0x310 | 1.8556 | 0x4 | R | 0x8 | ||
INTERP | 0x350 | 0x350 | 0x350 | 0x1c | 0x1c | 3.9408 | 0x4 | R | 0x1 | /lib64/ld-linux-x86-64.so.2 | .interp |
LOAD | 0x0 | 0x0 | 0x0 | 0x41f0 | 0x41f0 | 2.7236 | 0x4 | R | 0x1000 | .interp .note.gnu.property .note.gnu.build-id .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt | |
LOAD | 0x5000 | 0x5000 | 0x5000 | 0x1ce41 | 0x1ce41 | 6.0652 | 0x5 | R E | 0x1000 | .init .plt .plt.got .plt.sec .text .fini | |
LOAD | 0x22000 | 0x22000 | 0x22000 | 0xfa55 | 0xfa55 | 5.4342 | 0x4 | R | 0x1000 | .rodata .stapsdt.base .eh_frame_hdr .eh_frame .gcc_except_table | |
LOAD | 0x32928 | 0x33928 | 0x33928 | 0x1b20 | 0x2df8 | 2.2376 | 0x6 | RW | 0x1000 | .tbss .init_array .fini_array .data.rel.ro .dynamic .got .data .bss | |
DYNAMIC | 0x339e8 | 0x349e8 | 0x349e8 | 0x220 | 0x220 | 1.6087 | 0x6 | RW | 0x8 | .dynamic | |
NOTE | 0x370 | 0x370 | 0x370 | 0x20 | 0x20 | 1.8716 | 0x4 | R | 0x8 | .note.gnu.property | |
NOTE | 0x390 | 0x390 | 0x390 | 0x44 | 0x44 | 3.3267 | 0x4 | R | 0x4 | .note.gnu.build-id .note.ABI-tag | |
TLS | 0x32928 | 0x33928 | 0x33928 | 0x0 | 0x10 | 0.0000 | 0x4 | R | 0x8 | .tbss | |
GNU_PROPERTY | 0x370 | 0x370 | 0x370 | 0x20 | 0x20 | 1.8716 | 0x4 | R | 0x8 | .note.gnu.property | |
GNU_EH_FRAME | 0x2c744 | 0x2c744 | 0x2c744 | 0xd7c | 0xd7c | 5.4174 | 0x4 | R | 0x4 | .eh_frame_hdr | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x10 | ||
GNU_RELRO | 0x32928 | 0x33928 | 0x33928 | 0x16d8 | 0x16d8 | 2.3268 | 0x4 | R | 0x1 | .tbss .init_array .fini_array .data.rel.ro .dynamic .got |
Type | Meta | Value | Tag |
---|---|---|---|
DT_NEEDED | sharedlib | libpthread.so.0 | 0x1 |
DT_NEEDED | sharedlib | libdl.so.2 | 0x1 |
DT_NEEDED | sharedlib | libc.so.6 | 0x1 |
DT_NEEDED | sharedlib | ld-linux-x86-64.so.2 | 0x1 |
DT_INIT | value | 0x5000 | 0xc |
DT_FINI | value | 0x21e34 | 0xd |
DT_INIT_ARRAY | value | 0x33928 | 0x19 |
DT_INIT_ARRAYSZ | bytes | 16 | 0x1b |
DT_FINI_ARRAY | value | 0x33938 | 0x1a |
DT_FINI_ARRAYSZ | bytes | 8 | 0x1c |
DT_GNU_HASH | value | 0x3d8 | 0x6ffffef5 |
DT_STRTAB | value | 0xfe0 | 0x5 |
DT_SYMTAB | value | 0x410 | 0x6 |
DT_STRSZ | bytes | 1365 | 0xa |
DT_SYMENT | bytes | 24 | 0xb |
DT_DEBUG | value | 0x0 | 0x15 |
DT_PLTGOT | value | 0x34c08 | 0x3 |
DT_PLTRELSZ | bytes | 2736 | 0x2 |
DT_PLTREL | pltrel | DT_RELA | 0x14 |
DT_JMPREL | value | 0x3740 | 0x17 |
DT_RELA | value | 0x16e8 | 0x7 |
DT_RELASZ | bytes | 8280 | 0x8 |
DT_RELAENT | bytes | 24 | 0x9 |
DT_FLAGS | value | 0x8 | 0x1e |
DT_FLAGS_1 | value | 0x8000001 | 0x6ffffffb |
DT_VERNEED | value | 0x1638 | 0x6ffffffe |
DT_VERNEEDNUM | value | 4 | 0x6fffffff |
DT_VERSYM | value | 0x1536 | 0x6ffffff0 |
DT_RELACOUNT | value | 336 | 0x6ffffff9 |
DT_NULL | value | 0x0 | 0x0 |
Name | Version Info Name | Version Info File Name | Section Name | Value | Size | Symbol Type | Symbol Bind | Symbol Visibility | Ndx |
---|---|---|---|---|---|---|---|---|---|
.dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | |||
_ITM_deregisterTMCloneTable | .dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | ||
_ITM_registerTMCloneTable | .dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | ||
__cxa_finalize | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__environ | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x35460 | 8 | OBJECT | <unknown> | DEFAULT | 30 |
__errno_location | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__gmon_start__ | .dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | ||
__libc_start_main | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__pthread_key_create | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__sprintf_chk | GLIBC_2.3.4 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__stack_chk_fail | GLIBC_2.4 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__tls_get_addr | GLIBC_2.3 | ld-linux-x86-64.so.2 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__xstat | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_environ | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x35460 | 8 | OBJECT | <unknown> | DEFAULT | 30 |
abort | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
accept | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
access | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
atoi | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
bind | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
chdir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
close | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
closedir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
connect | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dl_iterate_phdr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dladdr | GLIBC_2.2.5 | libdl.so.2 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dlopen | GLIBC_2.2.5 | libdl.so.2 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dlsym | GLIBC_2.2.5 | libdl.so.2 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dup2 | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
environ | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x35460 | 8 | OBJECT | <unknown> | DEFAULT | 30 |
execve | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
exit | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fcntl | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
flock | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fork | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fputc | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fputs | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fread | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
free | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fwrite | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
get_nprocs_conf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getdtablesize | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
geteuid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
gethostbyname | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
gethostname | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getpeername | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getpgid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getpid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getpwuid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getsockname | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getsockopt | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
gettimeofday | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
htonl | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
htons | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
inet_ntoa | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
kill | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
listen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
localtime | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
lseek | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
malloc | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
mallopt | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memcmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memcpy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memset | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
mkdir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
ntohl | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
ntohs | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
open | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
opendir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pclose | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pipe | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
popen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
printf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_attr_destroy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_attr_init | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_attr_setdetachstate | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_attr_setstacksize | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cond_destroy | GLIBC_2.3.2 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cond_init | GLIBC_2.3.2 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cond_signal | GLIBC_2.3.2 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cond_timedwait | GLIBC_2.3.2 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cond_wait | GLIBC_2.3.2 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_create | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_join | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_destroy | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_init | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_lock | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_unlock | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutexattr_destroy | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutexattr_init | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutexattr_settype | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_once | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
puts | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
read | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
readdir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
readlink | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
realloc | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
recv | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
recvfrom | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
remove | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
rename | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
select | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
send | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sendto | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
setsid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
setsockopt | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
shmat | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
shmget | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
snprintf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
socket | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sprintf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
statfs | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
stderr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | OBJECT | <unknown> | DEFAULT | SHN_UNDEF |
strcasecmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strcat | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strcmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strcpy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strerror | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strlen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strncasecmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strtol | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
syscall | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
time | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
umask | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
usleep | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
waitpid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
write | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 0 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
Download Network PCAP: filtered – full
- Total Packets: 126
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 2, 2025 10:14:36.952414036 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Apr 2, 2025 10:14:37.736655951 CEST | 41900 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:38.059732914 CEST | 5353 | 41900 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:14:42.076524019 CEST | 41902 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:42.327797890 CEST | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Apr 2, 2025 10:14:42.389566898 CEST | 5353 | 41902 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:14:43.863657951 CEST | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Apr 2, 2025 10:14:46.402718067 CEST | 41904 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:46.724173069 CEST | 5353 | 41904 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:14:50.738101006 CEST | 41906 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:51.050956964 CEST | 5353 | 41906 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:14:55.067051888 CEST | 41908 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:55.375917912 CEST | 5353 | 41908 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:14:57.941477060 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Apr 2, 2025 10:14:58.339015961 CEST | 39258 | 443 | 192.168.2.23 | 34.249.145.219 |
Apr 2, 2025 10:14:58.339061975 CEST | 443 | 39258 | 34.249.145.219 | 192.168.2.23 |
Apr 2, 2025 10:14:58.339150906 CEST | 39258 | 443 | 192.168.2.23 | 34.249.145.219 |
Apr 2, 2025 10:14:58.339792967 CEST | 39258 | 443 | 192.168.2.23 | 34.249.145.219 |
Apr 2, 2025 10:14:58.339806080 CEST | 443 | 39258 | 34.249.145.219 | 192.168.2.23 |
Apr 2, 2025 10:14:59.387406111 CEST | 41912 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:14:59.696358919 CEST | 5353 | 41912 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:03.709484100 CEST | 41914 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:04.017190933 CEST | 5353 | 41914 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:08.038084984 CEST | 41916 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:08.180027008 CEST | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Apr 2, 2025 10:15:08.356614113 CEST | 5353 | 41916 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:12.369074106 CEST | 41918 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:12.684931040 CEST | 5353 | 41918 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:14.323167086 CEST | 42516 | 80 | 192.168.2.23 | 109.202.202.202 |
Apr 2, 2025 10:15:16.701630116 CEST | 41920 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:17.012861967 CEST | 5353 | 41920 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:21.029769897 CEST | 41922 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:21.338325024 CEST | 5353 | 41922 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:25.351371050 CEST | 41924 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:25.665859938 CEST | 5353 | 41924 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:29.678582907 CEST | 41926 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:29.992975950 CEST | 5353 | 41926 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:34.006987095 CEST | 41928 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:34.320763111 CEST | 5353 | 41928 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:38.337178946 CEST | 41930 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:38.652415991 CEST | 5353 | 41930 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:38.895677090 CEST | 43928 | 443 | 192.168.2.23 | 91.189.91.42 |
Apr 2, 2025 10:15:42.667947054 CEST | 41932 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:42.974477053 CEST | 5353 | 41932 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:46.988985062 CEST | 41934 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:47.299674988 CEST | 5353 | 41934 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:51.312290907 CEST | 41936 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:51.621603966 CEST | 5353 | 41936 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:55.650603056 CEST | 41938 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:15:55.959903002 CEST | 5353 | 41938 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:15:58.331088066 CEST | 39258 | 443 | 192.168.2.23 | 34.249.145.219 |
Apr 2, 2025 10:15:58.376322031 CEST | 443 | 39258 | 34.249.145.219 | 192.168.2.23 |
Apr 2, 2025 10:15:59.372668028 CEST | 42836 | 443 | 192.168.2.23 | 91.189.91.43 |
Apr 2, 2025 10:15:59.990549088 CEST | 41940 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:00.302437067 CEST | 5353 | 41940 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:04.316804886 CEST | 41942 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:04.627589941 CEST | 5353 | 41942 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:08.641017914 CEST | 41944 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:08.953211069 CEST | 5353 | 41944 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:12.969630957 CEST | 41946 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:13.282816887 CEST | 5353 | 41946 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:17.307140112 CEST | 41948 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:17.615207911 CEST | 5353 | 41948 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:21.653465986 CEST | 41950 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:21.962518930 CEST | 5353 | 41950 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:26.004919052 CEST | 41952 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:26.314913034 CEST | 5353 | 41952 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:30.359895945 CEST | 41954 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:30.666311979 CEST | 5353 | 41954 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:34.689626932 CEST | 41956 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:35.001086950 CEST | 5353 | 41956 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:39.017637968 CEST | 41958 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:39.331289053 CEST | 5353 | 41958 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:43.389234066 CEST | 41960 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:43.703190088 CEST | 5353 | 41960 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:47.756519079 CEST | 41962 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:48.068412066 CEST | 5353 | 41962 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:52.103882074 CEST | 41964 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:52.413959980 CEST | 5353 | 41964 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:16:56.439549923 CEST | 41966 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:16:56.748045921 CEST | 5353 | 41966 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:00.764482975 CEST | 41968 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:01.078543901 CEST | 5353 | 41968 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:05.093790054 CEST | 41970 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:05.404474020 CEST | 5353 | 41970 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:09.426455975 CEST | 41972 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:09.741403103 CEST | 5353 | 41972 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:13.772568941 CEST | 41974 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:14.087766886 CEST | 5353 | 41974 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:18.116452932 CEST | 41976 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:18.428430080 CEST | 5353 | 41976 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:22.506757021 CEST | 41978 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:22.819618940 CEST | 5353 | 41978 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:26.940499067 CEST | 41980 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:27.249777079 CEST | 5353 | 41980 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:31.262799978 CEST | 41982 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:31.574240923 CEST | 5353 | 41982 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:35.615418911 CEST | 41984 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:35.935755014 CEST | 5353 | 41984 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:39.952816010 CEST | 41986 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:40.265177011 CEST | 5353 | 41986 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:44.284878016 CEST | 41988 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:44.596421003 CEST | 5353 | 41988 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:48.623640060 CEST | 41990 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:48.936783075 CEST | 5353 | 41990 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:52.952917099 CEST | 41992 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:53.261688948 CEST | 5353 | 41992 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:17:57.273355007 CEST | 41994 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:17:57.580063105 CEST | 5353 | 41994 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:01.630572081 CEST | 41996 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:01.942364931 CEST | 5353 | 41996 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:05.962517977 CEST | 41998 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:06.275791883 CEST | 5353 | 41998 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:10.293570995 CEST | 42000 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:10.606024981 CEST | 5353 | 42000 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:14.621436119 CEST | 42002 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:14.947444916 CEST | 5353 | 42002 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:18.962826967 CEST | 42004 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:19.273925066 CEST | 5353 | 42004 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:23.312836885 CEST | 42006 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:23.619990110 CEST | 5353 | 42006 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:27.652067900 CEST | 42008 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:27.959321022 CEST | 5353 | 42008 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:31.972630024 CEST | 42010 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:32.282866001 CEST | 5353 | 42010 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:36.304913998 CEST | 42012 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:36.621391058 CEST | 5353 | 42012 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:40.638207912 CEST | 42014 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:40.954113960 CEST | 5353 | 42014 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:44.971760035 CEST | 42016 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:45.287988901 CEST | 5353 | 42016 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:49.312581062 CEST | 42018 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:49.629542112 CEST | 5353 | 42018 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:53.656112909 CEST | 42020 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:53.963119030 CEST | 5353 | 42020 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:18:57.983922005 CEST | 42022 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:18:58.293030024 CEST | 5353 | 42022 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:02.318941116 CEST | 42024 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:02.626975060 CEST | 5353 | 42024 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:06.647387028 CEST | 42026 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:06.959849119 CEST | 5353 | 42026 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:11.008224010 CEST | 42028 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:11.321376085 CEST | 5353 | 42028 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:15.386707067 CEST | 42030 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:15.698549032 CEST | 5353 | 42030 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:19.715924025 CEST | 42032 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:20.028939009 CEST | 5353 | 42032 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:24.079004049 CEST | 42034 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:24.390043974 CEST | 5353 | 42034 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:28.405971050 CEST | 42036 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:28.715857029 CEST | 5353 | 42036 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:32.739279985 CEST | 42038 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:33.047534943 CEST | 5353 | 42038 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:37.060944080 CEST | 42040 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:37.373469114 CEST | 5353 | 42040 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:41.393729925 CEST | 42042 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:41.700622082 CEST | 5353 | 42042 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:45.723942995 CEST | 42044 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:46.035358906 CEST | 5353 | 42044 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:50.052654028 CEST | 42046 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:50.365058899 CEST | 5353 | 42046 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:54.389532089 CEST | 42048 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:54.697244883 CEST | 5353 | 42048 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:19:58.720366001 CEST | 42050 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:19:59.030370951 CEST | 5353 | 42050 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:03.051285982 CEST | 42052 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:03.363147020 CEST | 5353 | 42052 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:07.377835035 CEST | 42054 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:07.689791918 CEST | 5353 | 42054 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:11.709330082 CEST | 42056 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:12.028477907 CEST | 5353 | 42056 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:16.054928064 CEST | 42058 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:16.366508961 CEST | 5353 | 42058 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:20.411374092 CEST | 42060 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:20.722012997 CEST | 5353 | 42060 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:24.745095015 CEST | 42062 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:25.054327011 CEST | 5353 | 42062 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:29.075098991 CEST | 42064 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:29.400012970 CEST | 5353 | 42064 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:33.428639889 CEST | 42066 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:33.735671043 CEST | 5353 | 42066 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:37.753803015 CEST | 42068 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:38.756690979 CEST | 42068 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:39.067909956 CEST | 5353 | 42068 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:43.083420992 CEST | 42070 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:43.395519972 CEST | 5353 | 42070 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:47.407146931 CEST | 42072 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:47.719717979 CEST | 5353 | 42072 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:51.735667944 CEST | 42074 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:52.046399117 CEST | 5353 | 42074 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:20:56.063050032 CEST | 42076 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:20:56.372376919 CEST | 5353 | 42076 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:00.385559082 CEST | 42078 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:00.700613022 CEST | 5353 | 42078 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:04.716134071 CEST | 42080 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:05.022735119 CEST | 5353 | 42080 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:09.034903049 CEST | 42082 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:09.344002962 CEST | 5353 | 42082 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:13.360308886 CEST | 42084 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:13.679776907 CEST | 5353 | 42084 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:17.695676088 CEST | 42086 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:18.007987976 CEST | 5353 | 42086 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:22.021996975 CEST | 42088 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:22.334268093 CEST | 5353 | 42088 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:26.349641085 CEST | 42090 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:26.664474964 CEST | 5353 | 42090 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:30.677453041 CEST | 42092 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:30.986371994 CEST | 5353 | 42092 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:35.004587889 CEST | 42094 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:35.325359106 CEST | 5353 | 42094 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:39.337435007 CEST | 42096 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:39.645119905 CEST | 5353 | 42096 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:43.658837080 CEST | 42098 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:43.966949940 CEST | 5353 | 42098 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:47.978071928 CEST | 42100 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:48.290224075 CEST | 5353 | 42100 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:52.306179047 CEST | 42102 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:52.619309902 CEST | 5353 | 42102 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:21:56.632729053 CEST | 42104 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:21:56.944206953 CEST | 5353 | 42104 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:00.956440926 CEST | 42106 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:01.274765015 CEST | 5353 | 42106 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:05.286277056 CEST | 42108 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:05.593575001 CEST | 5353 | 42108 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:09.612512112 CEST | 42110 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:09.919843912 CEST | 5353 | 42110 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:13.934859991 CEST | 42112 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:14.241786003 CEST | 5353 | 42112 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:18.254693031 CEST | 42114 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:18.562319994 CEST | 5353 | 42114 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:22.579864025 CEST | 42116 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:22.892448902 CEST | 5353 | 42116 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:26.906470060 CEST | 42118 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:27.217952013 CEST | 5353 | 42118 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:31.231905937 CEST | 42120 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:31.544441938 CEST | 5353 | 42120 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:35.570961952 CEST | 42122 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:35.882189035 CEST | 5353 | 42122 | 18.167.12.195 | 192.168.2.23 |
Apr 2, 2025 10:22:39.898097038 CEST | 42124 | 5353 | 192.168.2.23 | 18.167.12.195 |
Apr 2, 2025 10:22:40.205548048 CEST | 5353 | 42124 | 18.167.12.195 | 192.168.2.23 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 2, 2025 10:14:37.567222118 CEST | 50409 | 53 | 192.168.2.23 | 1.1.1.1 |
Apr 2, 2025 10:14:37.735455036 CEST | 53 | 50409 | 1.1.1.1 | 192.168.2.23 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 2, 2025 10:14:37.567222118 CEST | 192.168.2.23 | 1.1.1.1 | 0x8ed2 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 2, 2025 10:14:37.735455036 CEST | 1.1.1.1 | 192.168.2.23 | 0x8ed2 | No error (0) | 18.167.12.195 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 08:14:36 |
Start date (UTC): | 02/04/2025 |
Path: | /tmp/IdpLihor52.elf |
Arguments: | /tmp/IdpLihor52.elf |
File size: | 216872 bytes |
MD5 hash: | db85cb255d2e559ce9388349cf626618 |
Start time (UTC): | 08:14:36 |
Start date (UTC): | 02/04/2025 |
Path: | /tmp/IdpLihor52.elf |
Arguments: | - |
File size: | 216872 bytes |
MD5 hash: | db85cb255d2e559ce9388349cf626618 |
Start time (UTC): | 08:14:36 |
Start date (UTC): | 02/04/2025 |
Path: | /tmp/IdpLihor52.elf |
Arguments: | - |
File size: | 216872 bytes |
MD5 hash: | db85cb255d2e559ce9388349cf626618 |
Start time (UTC): | 08:15:57 |
Start date (UTC): | 02/04/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:15:57 |
Start date (UTC): | 02/04/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.nEIL30cwr8 /tmp/tmp.rCZmIxfk9m /tmp/tmp.yNQ3b3XGSF |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |
Start time (UTC): | 08:15:57 |
Start date (UTC): | 02/04/2025 |
Path: | /usr/bin/dash |
Arguments: | - |
File size: | 129816 bytes |
MD5 hash: | 1e6b1c887c59a315edb7eb9a315fc84c |
Start time (UTC): | 08:15:57 |
Start date (UTC): | 02/04/2025 |
Path: | /usr/bin/rm |
Arguments: | rm -f /tmp/tmp.nEIL30cwr8 /tmp/tmp.rCZmIxfk9m /tmp/tmp.yNQ3b3XGSF |
File size: | 72056 bytes |
MD5 hash: | aa2b5496fdbfd88e38791ab81f90b95b |