Create Interactive Tour
Linux
Analysis Report
ot39on23Lg.elf
Overview
General Information
| Sample Name: | ot39on23Lg.elf |
| Original Sample Name: | 795c37f24fb9d8d3de04b84638e70045.elf |
| Analysis ID: | 838762 |
| MD5: | 795c37f24fb9d8d3de04b84638e70045 |
| SHA1: | 3d12a691ab3e041e2139de905d703fa0b38a8136 |
| SHA256: | d162fb8e891fbf43741c0e363b85707597d08c0a5a6d78ceb4ca47f29514e8b8 |
| Tags: | 32elfmiraimotorola |
| Infos: |  |
 | |
Detection
Mirai
| Score: | 92 |
| Range: | 0 - 100 |
| Whitelisted: | false |
Signatures
Yara detected Mirai
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Snort IDS alert for network traffic
Connects to many ports of the same IP (likely port scanning)
Uses known network protocols on non-standard ports
Sample tries to kill multiple processes (SIGKILL)
Yara signature match
Executes the "wget" command typically used for HTTP/S downloading
Uses the "uname" system call to query kernel version information (possible evasion)
Executes the "uname" command used to read OS and architecture name
Enumerates processes within the "proc" file system
Detected TCP or UDP traffic on non-standard ports
Sample tries to kill a process (SIGKILL)
Sample has stripped symbol table
HTTP GET or POST without a user agent
Executes the "rm" command used to delete files or directories
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Classification
Analysis Advice
| Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior. |
| Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
| Joe Sandbox Version: | 37.0.0 Beryl |
| Analysis ID: | 838762 |
| Start date and time: | 2023-03-31 13:34:30 +02:00 |
| Joe Sandbox Product: | CloudBasic |
| Overall analysis duration: | 0h 7m 23s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultlinuxfilecookbook.jbs |
| Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
| Analysis Mode: | default |
| Sample file name: | ot39on23Lg.elf |
| Original Sample Name: | 795c37f24fb9d8d3de04b84638e70045.elf |
| Detection: | MAL |
| Classification: | mal92.spre.troj.linELF@0/3@0/0 |
- Report size exceeded maximum capacity and may have missing network information.
| Command: | /tmp/ot39on23Lg.elf |
| PID: | 6262 |
| Exit Code: | 0 |
| Exit Code Info: | |
| Killed: | False |
| Standard Output: | Infected By Cult |
| Standard Error: |
- system is lnxubuntu20
- python3.8 New Fork (PID: 6218, Parent: 6205)
- dash New Fork (PID: 6220, Parent: 6219)
- dash New Fork (PID: 6221, Parent: 6219)
- dash New Fork (PID: 6222, Parent: 6188)
- dash New Fork (PID: 6227, Parent: 6188)
- dash New Fork (PID: 6228, Parent: 6188)
- dash New Fork (PID: 6229, Parent: 6188)
- dash New Fork (PID: 6230, Parent: 6188)
- dash New Fork (PID: 6231, Parent: 6188)
- dash New Fork (PID: 6232, Parent: 6188)
- dash New Fork (PID: 6233, Parent: 6188)
- dash New Fork (PID: 6234, Parent: 6188)
- dash New Fork (PID: 6235, Parent: 6188)
- ot39on23Lg.elf New Fork (PID: 6264, Parent: 6262)
- ot39on23Lg.elf New Fork (PID: 6265, Parent: 6262)
- ot39on23Lg.elf New Fork (PID: 6267, Parent: 6262)
- ot39on23Lg.elf New Fork (PID: 6270, Parent: 6267)
- ot39on23Lg.elf New Fork (PID: 6271, Parent: 6267)
- ot39on23Lg.elf New Fork (PID: 6272, Parent: 6267)
- ot39on23Lg.elf New Fork (PID: 6273, Parent: 6267)
- ot39on23Lg.elf New Fork (PID: 6278, Parent: 6267)
- ot39on23Lg.elf New Fork (PID: 6279, Parent: 6267)
- cleanup
| Name | Description | Attribution | Blogpost URLs | Link |
|---|---|---|---|---|
| Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
| Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
| Linux_Trojan_Gafgyt_ea92cca8 | unknown | unknown |
|
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Mirai_12 | Yara detected Mirai | Joe Security |
| Source | Rule | Description | Author | Strings |
|---|---|---|---|---|
| JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
| Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
| Linux_Trojan_Gafgyt_ea92cca8 | unknown | unknown |
| |
| JoeSecurity_Mirai_8 | Yara detected Mirai | Joe Security | ||
| Linux_Trojan_Gafgyt_28a2fe0c | unknown | unknown |
| |
| Click to see the 40 entries | ||||
| Timestamp: | 192.168.2.2395.213.199.2032848802841377 03/31/23-13:36:41.561765 |
| SID: | 2841377 |
| Source Port: | 32848 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.213.121.21632944802841377 03/31/23-13:37:02.288210 |
| SID: | 2841377 |
| Source Port: | 32944 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.248.50.22055848802841377 03/31/23-13:37:51.665724 |
| SID: | 2841377 |
| Source Port: | 55848 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.219.241.16842674802841377 03/31/23-13:37:21.091260 |
| SID: | 2841377 |
| Source Port: | 42674 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.24.14160574802841377 03/31/23-13:37:56.185011 |
| SID: | 2841377 |
| Source Port: | 60574 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.216.33.9652034802841377 03/31/23-13:37:33.710897 |
| SID: | 2841377 |
| Source Port: | 52034 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.59.25435272802841377 03/31/23-13:36:01.118303 |
| SID: | 2841377 |
| Source Port: | 35272 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.63.540328802841377 03/31/23-13:36:29.402163 |
| SID: | 2841377 |
| Source Port: | 40328 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.83.104.8940536802841377 03/31/23-13:37:06.150010 |
| SID: | 2841377 |
| Source Port: | 40536 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.126.15357466802841377 03/31/23-13:37:35.768046 |
| SID: | 2841377 |
| Source Port: | 57466 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.217.436160802841377 03/31/23-13:36:43.481496 |
| SID: | 2841377 |
| Source Port: | 36160 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.166.221.22839210802841377 03/31/23-13:36:10.934399 |
| SID: | 2841377 |
| Source Port: | 39210 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.122.188.1546078802841377 03/31/23-13:36:41.608734 |
| SID: | 2841377 |
| Source Port: | 46078 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.167.204.4254536802841377 03/31/23-13:36:04.871612 |
| SID: | 2841377 |
| Source Port: | 54536 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.173.164.1860962802841377 03/31/23-13:35:17.363673 |
| SID: | 2841377 |
| Source Port: | 60962 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.142.11660218802841377 03/31/23-13:36:40.241613 |
| SID: | 2841377 |
| Source Port: | 60218 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.186.17341870802841377 03/31/23-13:35:40.242719 |
| SID: | 2841377 |
| Source Port: | 41870 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.137.14336598802841377 03/31/23-13:36:13.296298 |
| SID: | 2841377 |
| Source Port: | 36598 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.30.3939674802841377 03/31/23-13:37:43.517137 |
| SID: | 2841377 |
| Source Port: | 39674 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.228.3050534802841377 03/31/23-13:36:29.431312 |
| SID: | 2841377 |
| Source Port: | 50534 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.135.20.4634852802841377 03/31/23-13:35:58.947568 |
| SID: | 2841377 |
| Source Port: | 34852 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.115.542110802841377 03/31/23-13:35:27.298603 |
| SID: | 2841377 |
| Source Port: | 42110 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.254.24337752802841377 03/31/23-13:37:56.206421 |
| SID: | 2841377 |
| Source Port: | 37752 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.55.11554526802841377 03/31/23-13:37:28.782224 |
| SID: | 2841377 |
| Source Port: | 54526 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.86.124.22955556802841377 03/31/23-13:37:43.107724 |
| SID: | 2841377 |
| Source Port: | 55556 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.217.250.15055548802841377 03/31/23-13:35:30.889497 |
| SID: | 2841377 |
| Source Port: | 55548 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.54.138.13446364802841377 03/31/23-13:37:14.889557 |
| SID: | 2841377 |
| Source Port: | 46364 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.49.22950570802841377 03/31/23-13:37:20.551354 |
| SID: | 2841377 |
| Source Port: | 50570 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.43.96.16740790802841377 03/31/23-13:36:28.206425 |
| SID: | 2841377 |
| Source Port: | 40790 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.97.118.8348072802841377 03/31/23-13:35:19.611723 |
| SID: | 2841377 |
| Source Port: | 48072 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.94.650632802841377 03/31/23-13:36:43.424342 |
| SID: | 2841377 |
| Source Port: | 50632 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.175.8.20838320802841377 03/31/23-13:37:20.567261 |
| SID: | 2841377 |
| Source Port: | 38320 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.238.4456926802841377 03/31/23-13:37:33.451430 |
| SID: | 2841377 |
| Source Port: | 56926 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.69.10650408802841377 03/31/23-13:36:25.842183 |
| SID: | 2841377 |
| Source Port: | 50408 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.126.12745290802841377 03/31/23-13:37:51.583892 |
| SID: | 2841377 |
| Source Port: | 45290 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.165.90.22237920802841377 03/31/23-13:35:42.689732 |
| SID: | 2841377 |
| Source Port: | 37920 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.143.11450366802841377 03/31/23-13:35:52.460866 |
| SID: | 2841377 |
| Source Port: | 50366 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.138.169.18552556802841377 03/31/23-13:37:38.287621 |
| SID: | 2841377 |
| Source Port: | 52556 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.64.2460240802841377 03/31/23-13:36:13.276282 |
| SID: | 2841377 |
| Source Port: | 60240 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.197.58.4742270802841377 03/31/23-13:37:12.437660 |
| SID: | 2841377 |
| Source Port: | 42270 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.199.63.25255118802841377 03/31/23-13:38:03.729125 |
| SID: | 2841377 |
| Source Port: | 55118 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.59.48.23053968802841377 03/31/23-13:36:45.908774 |
| SID: | 2841377 |
| Source Port: | 53968 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.218.227.3745662802841377 03/31/23-13:37:53.779406 |
| SID: | 2841377 |
| Source Port: | 45662 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.161.24.9242886802841377 03/31/23-13:35:47.334633 |
| SID: | 2841377 |
| Source Port: | 42886 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.179.181.12257190802841377 03/31/23-13:36:28.163100 |
| SID: | 2841377 |
| Source Port: | 57190 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.252.21545354802841377 03/31/23-13:35:19.588530 |
| SID: | 2841377 |
| Source Port: | 45354 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.226.16843188802841377 03/31/23-13:35:43.955130 |
| SID: | 2841377 |
| Source Port: | 43188 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.227.23644184802841377 03/31/23-13:37:38.481550 |
| SID: | 2841377 |
| Source Port: | 44184 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.205.168.4359402802841377 03/31/23-13:36:52.887511 |
| SID: | 2841377 |
| Source Port: | 59402 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.179.236.25155114802841377 03/31/23-13:37:35.747977 |
| SID: | 2841377 |
| Source Port: | 55114 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.106.51.5540316802841377 03/31/23-13:35:47.887563 |
| SID: | 2841377 |
| Source Port: | 40316 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.2.19755142802841377 03/31/23-13:37:33.427463 |
| SID: | 2841377 |
| Source Port: | 55142 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.56.7446282802841377 03/31/23-13:36:43.470912 |
| SID: | 2841377 |
| Source Port: | 46282 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.19.127.4550208802841377 03/31/23-13:35:56.634014 |
| SID: | 2841377 |
| Source Port: | 50208 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.26.232.19552300802841377 03/31/23-13:35:43.655231 |
| SID: | 2841377 |
| Source Port: | 52300 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.68.48.9234934802841377 03/31/23-13:35:17.286320 |
| SID: | 2841377 |
| Source Port: | 34934 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.209.228.3045830802841377 03/31/23-13:35:52.398219 |
| SID: | 2841377 |
| Source Port: | 45830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.103.118.3332926802841377 03/31/23-13:35:58.896825 |
| SID: | 2841377 |
| Source Port: | 32926 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.213.12438362802841377 03/31/23-13:36:41.545363 |
| SID: | 2841377 |
| Source Port: | 38362 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.48.174.2047670802841377 03/31/23-13:36:53.356391 |
| SID: | 2841377 |
| Source Port: | 47670 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.165.214.21049200802841377 03/31/23-13:37:18.123255 |
| SID: | 2841377 |
| Source Port: | 49200 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.21.5636882802841377 03/31/23-13:35:58.863344 |
| SID: | 2841377 |
| Source Port: | 36882 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.111.242.3251626802841377 03/31/23-13:36:31.888492 |
| SID: | 2841377 |
| Source Port: | 51626 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.184.110.8743142802841377 03/31/23-13:36:42.122059 |
| SID: | 2841377 |
| Source Port: | 43142 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.227.1246920802841377 03/31/23-13:35:32.520712 |
| SID: | 2841377 |
| Source Port: | 46920 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.175.85.23744888802841377 03/31/23-13:37:02.335471 |
| SID: | 2841377 |
| Source Port: | 44888 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.174.124.4352368802841377 03/31/23-13:36:29.513639 |
| SID: | 2841377 |
| Source Port: | 52368 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.216.96.13152620802841377 03/31/23-13:36:48.157037 |
| SID: | 2841377 |
| Source Port: | 52620 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.163.79.3837450802841377 03/31/23-13:37:53.876490 |
| SID: | 2841377 |
| Source Port: | 37450 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.64.16556780802841377 03/31/23-13:35:47.691792 |
| SID: | 2841377 |
| Source Port: | 56780 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243748802841377 03/31/23-13:36:49.598771 |
| SID: | 2841377 |
| Source Port: | 43748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.163.125.7736956802841377 03/31/23-13:36:57.706849 |
| SID: | 2841377 |
| Source Port: | 36956 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.157.3544310802841377 03/31/23-13:35:52.472233 |
| SID: | 2841377 |
| Source Port: | 44310 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.123.11438666802841377 03/31/23-13:37:09.517120 |
| SID: | 2841377 |
| Source Port: | 38666 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.142.89.1843252802841377 03/31/23-13:36:01.229516 |
| SID: | 2841377 |
| Source Port: | 43252 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.142.71.8845914802841377 03/31/23-13:36:59.968534 |
| SID: | 2841377 |
| Source Port: | 45914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.14.23139328802841377 03/31/23-13:36:25.857449 |
| SID: | 2841377 |
| Source Port: | 39328 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.220.250.4257004802841377 03/31/23-13:37:47.850734 |
| SID: | 2841377 |
| Source Port: | 57004 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.150.143.13855236802841377 03/31/23-13:35:32.520777 |
| SID: | 2841377 |
| Source Port: | 55236 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.216.77.1837024802841377 03/31/23-13:36:17.885622 |
| SID: | 2841377 |
| Source Port: | 37024 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.78.112.14354490802841377 03/31/23-13:37:06.121051 |
| SID: | 2841377 |
| Source Port: | 54490 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.131.48.18457736802841377 03/31/23-13:35:17.315060 |
| SID: | 2841377 |
| Source Port: | 57736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.236.1455624802841377 03/31/23-13:37:11.858394 |
| SID: | 2841377 |
| Source Port: | 55624 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.167.245.4554890802841377 03/31/23-13:37:20.561709 |
| SID: | 2841377 |
| Source Port: | 54890 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.21.255.2043740802841377 03/31/23-13:35:17.354678 |
| SID: | 2841377 |
| Source Port: | 43740 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.187.23349296802841377 03/31/23-13:38:06.010232 |
| SID: | 2841377 |
| Source Port: | 49296 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.26.7443872802841377 03/31/23-13:35:17.322356 |
| SID: | 2841377 |
| Source Port: | 43872 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.87.72.9141952802841377 03/31/23-13:37:02.414306 |
| SID: | 2841377 |
| Source Port: | 41952 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.133.195.11048908802841377 03/31/23-13:37:09.221241 |
| SID: | 2841377 |
| Source Port: | 48908 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.228.21453956802841377 03/31/23-13:37:53.840051 |
| SID: | 2841377 |
| Source Port: | 53956 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.220.56.14859002802841377 03/31/23-13:36:20.765772 |
| SID: | 2841377 |
| Source Port: | 59002 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.87.220.10942662802841377 03/31/23-13:35:27.269868 |
| SID: | 2841377 |
| Source Port: | 42662 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.154.217.19547030802841377 03/31/23-13:35:27.258054 |
| SID: | 2841377 |
| Source Port: | 47030 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.168.19439892802841377 03/31/23-13:35:40.264050 |
| SID: | 2841377 |
| Source Port: | 39892 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.175.173.9139538802841377 03/31/23-13:36:25.857165 |
| SID: | 2841377 |
| Source Port: | 39538 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.151.183.6833724802841377 03/31/23-13:36:37.678344 |
| SID: | 2841377 |
| Source Port: | 33724 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.121.1850328802841377 03/31/23-13:35:42.707922 |
| SID: | 2841377 |
| Source Port: | 50328 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.248.144.24060012802841377 03/31/23-13:35:52.467177 |
| SID: | 2841377 |
| Source Port: | 60012 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.169.182.6633194802841377 03/31/23-13:36:31.892969 |
| SID: | 2841377 |
| Source Port: | 33194 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.183.20639700802841377 03/31/23-13:36:45.835743 |
| SID: | 2841377 |
| Source Port: | 39700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.255.190.10640308802841377 03/31/23-13:36:09.617660 |
| SID: | 2841377 |
| Source Port: | 40308 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.58.99.23341932802841377 03/31/23-13:36:01.223156 |
| SID: | 2841377 |
| Source Port: | 41932 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.33.102.23932944802841377 03/31/23-13:37:38.468191 |
| SID: | 2841377 |
| Source Port: | 32944 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.216.13156818802841377 03/31/23-13:37:53.837994 |
| SID: | 2841377 |
| Source Port: | 56818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.183.52.14850396802841377 03/31/23-13:35:22.022951 |
| SID: | 2841377 |
| Source Port: | 50396 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.85.56.19960068802841377 03/31/23-13:37:33.413424 |
| SID: | 2841377 |
| Source Port: | 60068 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.201.190.5040958802841377 03/31/23-13:38:01.836646 |
| SID: | 2841377 |
| Source Port: | 40958 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.223.57.3349504802841377 03/31/23-13:37:06.101439 |
| SID: | 2841377 |
| Source Port: | 49504 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.19.25452288802841377 03/31/23-13:37:18.051980 |
| SID: | 2841377 |
| Source Port: | 52288 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.97.29.24050574802841377 03/31/23-13:35:19.550809 |
| SID: | 2841377 |
| Source Port: | 50574 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.114.8160602802841377 03/31/23-13:38:03.845113 |
| SID: | 2841377 |
| Source Port: | 60602 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.30.24933040802841377 03/31/23-13:36:10.994525 |
| SID: | 2841377 |
| Source Port: | 33040 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.160.39.9839766802841377 03/31/23-13:36:31.879409 |
| SID: | 2841377 |
| Source Port: | 39766 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.164.11753728802841377 03/31/23-13:37:43.112669 |
| SID: | 2841377 |
| Source Port: | 53728 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.195.12341870802841377 03/31/23-13:37:21.809436 |
| SID: | 2841377 |
| Source Port: | 41870 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.121.162.24441536802841377 03/31/23-13:37:24.143006 |
| SID: | 2841377 |
| Source Port: | 41536 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.110.160.19049748802841377 03/31/23-13:37:33.381495 |
| SID: | 2841377 |
| Source Port: | 49748 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.56.152.13446352802841377 03/31/23-13:37:54.006831 |
| SID: | 2841377 |
| Source Port: | 46352 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.160.38.16153778802841377 03/31/23-13:35:36.029198 |
| SID: | 2841377 |
| Source Port: | 53778 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.213.126.7537262802841377 03/31/23-13:36:55.948613 |
| SID: | 2841377 |
| Source Port: | 37262 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.213.167.22640940802841377 03/31/23-13:36:25.858069 |
| SID: | 2841377 |
| Source Port: | 40940 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.128.148.658102802841377 03/31/23-13:36:41.537249 |
| SID: | 2841377 |
| Source Port: | 58102 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.173.9358644802841377 03/31/23-13:37:04.608415 |
| SID: | 2841377 |
| Source Port: | 58644 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.163.50.17855938802841377 03/31/23-13:36:01.160739 |
| SID: | 2841377 |
| Source Port: | 55938 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.196.167.13053360802841377 03/31/23-13:37:02.758427 |
| SID: | 2841377 |
| Source Port: | 53360 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.45.37.532832802841377 03/31/23-13:38:02.363403 |
| SID: | 2841377 |
| Source Port: | 32832 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.170.86.836226802841377 03/31/23-13:36:57.674978 |
| SID: | 2841377 |
| Source Port: | 36226 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.251.1056328802841377 03/31/23-13:36:25.841920 |
| SID: | 2841377 |
| Source Port: | 56328 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243744802841377 03/31/23-13:36:49.599116 |
| SID: | 2841377 |
| Source Port: | 43744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.225.9150596802841377 03/31/23-13:37:38.281825 |
| SID: | 2841377 |
| Source Port: | 50596 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.115.9937888802841377 03/31/23-13:36:17.924027 |
| SID: | 2841377 |
| Source Port: | 37888 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.178.8860866802841377 03/31/23-13:36:43.443196 |
| SID: | 2841377 |
| Source Port: | 60866 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.208.13.18346198802841377 03/31/23-13:37:09.522894 |
| SID: | 2841377 |
| Source Port: | 46198 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.89.11237868802841377 03/31/23-13:37:38.324066 |
| SID: | 2841377 |
| Source Port: | 37868 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.12.4259110802841377 03/31/23-13:36:29.429230 |
| SID: | 2841377 |
| Source Port: | 59110 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.199.12546228802841377 03/31/23-13:37:50.258498 |
| SID: | 2841377 |
| Source Port: | 46228 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.19.142.11349098802841377 03/31/23-13:35:55.050553 |
| SID: | 2841377 |
| Source Port: | 49098 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.202.10849452802841377 03/31/23-13:37:38.471706 |
| SID: | 2841377 |
| Source Port: | 49452 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.65.24153820802841377 03/31/23-13:35:43.940209 |
| SID: | 2841377 |
| Source Port: | 53820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.48.10137652802841377 03/31/23-13:36:40.242107 |
| SID: | 2841377 |
| Source Port: | 37652 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.80.200.25460276802841377 03/31/23-13:36:13.252562 |
| SID: | 2841377 |
| Source Port: | 60276 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.242.23639700802841377 03/31/23-13:37:43.282286 |
| SID: | 2841377 |
| Source Port: | 39700 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.197.164.9442044802841377 03/31/23-13:35:34.237978 |
| SID: | 2841377 |
| Source Port: | 42044 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.225.23059316802841377 03/31/23-13:37:14.848524 |
| SID: | 2841377 |
| Source Port: | 59316 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.140.235.4956586802841377 03/31/23-13:36:01.144731 |
| SID: | 2841377 |
| Source Port: | 56586 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.164.7149478802841377 03/31/23-13:37:33.547925 |
| SID: | 2841377 |
| Source Port: | 49478 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.52.158.042330802841377 03/31/23-13:36:23.916831 |
| SID: | 2841377 |
| Source Port: | 42330 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.223.183.8456080802841377 03/31/23-13:37:38.260119 |
| SID: | 2841377 |
| Source Port: | 56080 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.135.213.17749922802841377 03/31/23-13:36:53.069239 |
| SID: | 2841377 |
| Source Port: | 49922 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.43.223.11743716802841377 03/31/23-13:37:02.340029 |
| SID: | 2841377 |
| Source Port: | 43716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.197.94.840160802841377 03/31/23-13:37:20.585797 |
| SID: | 2841377 |
| Source Port: | 40160 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.56.21.152676802841377 03/31/23-13:37:04.692489 |
| SID: | 2841377 |
| Source Port: | 52676 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.80.170.4855338802841377 03/31/23-13:37:06.151577 |
| SID: | 2841377 |
| Source Port: | 55338 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.108.24146104802841377 03/31/23-13:35:19.533902 |
| SID: | 2841377 |
| Source Port: | 46104 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.81.125.17659432802841377 03/31/23-13:37:04.677403 |
| SID: | 2841377 |
| Source Port: | 59432 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.95.17155962802841377 03/31/23-13:37:38.324222 |
| SID: | 2841377 |
| Source Port: | 55962 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.132.224.15451088802841377 03/31/23-13:36:41.668541 |
| SID: | 2841377 |
| Source Port: | 51088 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.223.119.12550418802841377 03/31/23-13:35:42.669383 |
| SID: | 2841377 |
| Source Port: | 50418 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.230.65.15545272802841377 03/31/23-13:36:28.279646 |
| SID: | 2841377 |
| Source Port: | 45272 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.217.1444046802841377 03/31/23-13:36:25.855693 |
| SID: | 2841377 |
| Source Port: | 44046 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.186.69.18253150802841377 03/31/23-13:35:42.636879 |
| SID: | 2841377 |
| Source Port: | 53150 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.64.17641898802841377 03/31/23-13:36:13.298072 |
| SID: | 2841377 |
| Source Port: | 41898 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.59.182.10856772802841377 03/31/23-13:35:42.751021 |
| SID: | 2841377 |
| Source Port: | 56772 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.249.184.22737090802841377 03/31/23-13:37:53.829984 |
| SID: | 2841377 |
| Source Port: | 37090 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.184.29.9360016802841377 03/31/23-13:37:21.088825 |
| SID: | 2841377 |
| Source Port: | 60016 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.0.50.24640592802841377 03/31/23-13:38:03.779478 |
| SID: | 2841377 |
| Source Port: | 40592 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.12.91.4837340802841377 03/31/23-13:35:56.555857 |
| SID: | 2841377 |
| Source Port: | 37340 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.128.76.9744142802841377 03/31/23-13:36:17.914636 |
| SID: | 2841377 |
| Source Port: | 44142 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.243.16934308802841377 03/31/23-13:35:19.568583 |
| SID: | 2841377 |
| Source Port: | 34308 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.9.115.14845596802841377 03/31/23-13:37:40.722081 |
| SID: | 2841377 |
| Source Port: | 45596 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.12.91.4837334802841377 03/31/23-13:35:55.316571 |
| SID: | 2841377 |
| Source Port: | 37334 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.165.9634892802841377 03/31/23-13:37:53.838235 |
| SID: | 2841377 |
| Source Port: | 34892 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.227.138.3652614802841377 03/31/23-13:35:56.664147 |
| SID: | 2841377 |
| Source Port: | 52614 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.225.22847834802841377 03/31/23-13:37:00.033081 |
| SID: | 2841377 |
| Source Port: | 47834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.215.185.2350078802841377 03/31/23-13:37:18.078583 |
| SID: | 2841377 |
| Source Port: | 50078 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.229.20239036802841377 03/31/23-13:37:56.200651 |
| SID: | 2841377 |
| Source Port: | 39036 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.215.15249704802841377 03/31/23-13:37:56.258479 |
| SID: | 2841377 |
| Source Port: | 49704 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.209.15048102802841377 03/31/23-13:36:28.155967 |
| SID: | 2841377 |
| Source Port: | 48102 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.141.119.8241218802841377 03/31/23-13:37:20.550234 |
| SID: | 2841377 |
| Source Port: | 41218 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.65.24133308802841377 03/31/23-13:35:40.261903 |
| SID: | 2841377 |
| Source Port: | 33308 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.171.186.23941828802841377 03/31/23-13:36:35.655750 |
| SID: | 2841377 |
| Source Port: | 41828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.209.220.15643246802841377 03/31/23-13:35:30.894199 |
| SID: | 2841377 |
| Source Port: | 43246 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.171.232.21733970802841377 03/31/23-13:36:05.130621 |
| SID: | 2841377 |
| Source Port: | 33970 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.136.17933424802841377 03/31/23-13:36:40.265853 |
| SID: | 2841377 |
| Source Port: | 33424 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.110.159.2539228802841377 03/31/23-13:35:19.588242 |
| SID: | 2841377 |
| Source Port: | 39228 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.60.60.152124802841377 03/31/23-13:36:28.172947 |
| SID: | 2841377 |
| Source Port: | 52124 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.220.11448654802841377 03/31/23-13:36:17.933519 |
| SID: | 2841377 |
| Source Port: | 48654 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.183.8.7642198802841377 03/31/23-13:37:38.318674 |
| SID: | 2841377 |
| Source Port: | 42198 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.213.237.9046312802841377 03/31/23-13:35:52.403974 |
| SID: | 2841377 |
| Source Port: | 46312 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.103.20739846802841377 03/31/23-13:35:56.610344 |
| SID: | 2841377 |
| Source Port: | 39846 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.36.23548248802841377 03/31/23-13:35:38.163247 |
| SID: | 2841377 |
| Source Port: | 48248 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.213.22633084802841377 03/31/23-13:36:17.936028 |
| SID: | 2841377 |
| Source Port: | 33084 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243734802841377 03/31/23-13:36:49.597785 |
| SID: | 2841377 |
| Source Port: | 43734 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.47.5.20054516802841377 03/31/23-13:36:52.922819 |
| SID: | 2841377 |
| Source Port: | 54516 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.65.35.12436278802841377 03/31/23-13:37:35.769529 |
| SID: | 2841377 |
| Source Port: | 36278 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.65.29.7539184802841377 03/31/23-13:36:53.681514 |
| SID: | 2841377 |
| Source Port: | 39184 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.138.17.9837080802841377 03/31/23-13:36:04.888444 |
| SID: | 2841377 |
| Source Port: | 37080 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.81.4752228802841377 03/31/23-13:37:02.359488 |
| SID: | 2841377 |
| Source Port: | 52228 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.111.192.23936952802841377 03/31/23-13:37:33.505537 |
| SID: | 2841377 |
| Source Port: | 36952 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.133.244.4236750802841377 03/31/23-13:37:04.615010 |
| SID: | 2841377 |
| Source Port: | 36750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.76.359000802841377 03/31/23-13:35:17.303077 |
| SID: | 2841377 |
| Source Port: | 59000 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.119.169.5258502802841377 03/31/23-13:36:37.603103 |
| SID: | 2841377 |
| Source Port: | 58502 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.225.1849542802841377 03/31/23-13:36:29.427484 |
| SID: | 2841377 |
| Source Port: | 49542 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.65.116.3750092802841377 03/31/23-13:35:17.332170 |
| SID: | 2841377 |
| Source Port: | 50092 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.221.6957914802841377 03/31/23-13:35:47.691959 |
| SID: | 2841377 |
| Source Port: | 57914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.183.36.16253914802841377 03/31/23-13:37:11.864904 |
| SID: | 2841377 |
| Source Port: | 53914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.149.212.19248914802841377 03/31/23-13:36:34.239610 |
| SID: | 2841377 |
| Source Port: | 48914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.151.18.12133308802841377 03/31/23-13:37:14.816809 |
| SID: | 2841377 |
| Source Port: | 33308 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.213.155.22743716802841377 03/31/23-13:37:31.072254 |
| SID: | 2841377 |
| Source Port: | 43716 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.14.8845862802841377 03/31/23-13:35:52.363236 |
| SID: | 2841377 |
| Source Port: | 45862 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.112.3059794802841377 03/31/23-13:37:33.435493 |
| SID: | 2841377 |
| Source Port: | 59794 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.161.128.8839662802841377 03/31/23-13:36:31.867458 |
| SID: | 2841377 |
| Source Port: | 39662 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.43.241.24247232802841377 03/31/23-13:37:35.764628 |
| SID: | 2841377 |
| Source Port: | 47232 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.134.103.16650640802841377 03/31/23-13:35:27.310344 |
| SID: | 2841377 |
| Source Port: | 50640 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.199.95.4842710802841377 03/31/23-13:35:32.603021 |
| SID: | 2841377 |
| Source Port: | 42710 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.224.1.21637192802841377 03/31/23-13:36:48.096573 |
| SID: | 2841377 |
| Source Port: | 37192 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.115.19251706802841377 03/31/23-13:36:35.597957 |
| SID: | 2841377 |
| Source Port: | 51706 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.85.64.10255674802841377 03/31/23-13:38:03.705121 |
| SID: | 2841377 |
| Source Port: | 55674 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.48.174.2047668802841377 03/31/23-13:36:53.340433 |
| SID: | 2841377 |
| Source Port: | 47668 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.184.54.12457584802841377 03/31/23-13:37:09.029525 |
| SID: | 2841377 |
| Source Port: | 57584 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.128.177.1442600802841377 03/31/23-13:36:28.172725 |
| SID: | 2841377 |
| Source Port: | 42600 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.67.235.6038092802841377 03/31/23-13:37:02.358287 |
| SID: | 2841377 |
| Source Port: | 38092 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.178.178.2946164802841377 03/31/23-13:36:25.803700 |
| SID: | 2841377 |
| Source Port: | 46164 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.175.105.3454388802841377 03/31/23-13:36:55.997906 |
| SID: | 2841377 |
| Source Port: | 54388 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.84.228.1039130802841377 03/31/23-13:36:57.705216 |
| SID: | 2841377 |
| Source Port: | 39130 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.34.188.17646094802841377 03/31/23-13:35:50.249418 |
| SID: | 2841377 |
| Source Port: | 46094 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.14.1933330802841377 03/31/23-13:36:02.472236 |
| SID: | 2841377 |
| Source Port: | 33330 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.28.239.17436602802841377 03/31/23-13:36:25.261533 |
| SID: | 2841377 |
| Source Port: | 36602 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.175.114.17034536802841377 03/31/23-13:37:43.079893 |
| SID: | 2841377 |
| Source Port: | 34536 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.78.19554828802841377 03/31/23-13:37:04.593124 |
| SID: | 2841377 |
| Source Port: | 54828 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.179.246.14552850802841377 03/31/23-13:36:14.747529 |
| SID: | 2841377 |
| Source Port: | 52850 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.214.248.8842732802841377 03/31/23-13:37:11.980049 |
| SID: | 2841377 |
| Source Port: | 42732 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.27.1941174802841377 03/31/23-13:37:33.381642 |
| SID: | 2841377 |
| Source Port: | 41174 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.188.12734906802841377 03/31/23-13:36:59.994172 |
| SID: | 2841377 |
| Source Port: | 34906 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.215.84.13657814802841377 03/31/23-13:38:06.160452 |
| SID: | 2841377 |
| Source Port: | 57814 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.82.240.6739156802841377 03/31/23-13:35:28.646913 |
| SID: | 2841377 |
| Source Port: | 39156 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.166.127.1344054802841377 03/31/23-13:37:38.475668 |
| SID: | 2841377 |
| Source Port: | 44054 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.132.224.15450928802841377 03/31/23-13:36:35.721702 |
| SID: | 2841377 |
| Source Port: | 50928 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.217.234.5939840802841377 03/31/23-13:36:20.455289 |
| SID: | 2841377 |
| Source Port: | 39840 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.65.216.15335076802841377 03/31/23-13:36:31.880600 |
| SID: | 2841377 |
| Source Port: | 35076 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.80.130.7449982802841377 03/31/23-13:37:20.513261 |
| SID: | 2841377 |
| Source Port: | 49982 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.167.16660818802841377 03/31/23-13:37:21.821171 |
| SID: | 2841377 |
| Source Port: | 60818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.203.7060998802841377 03/31/23-13:36:28.194521 |
| SID: | 2841377 |
| Source Port: | 60998 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.109.22843652802841377 03/31/23-13:37:31.108688 |
| SID: | 2841377 |
| Source Port: | 43652 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.38.249.25151058802841377 03/31/23-13:35:58.959112 |
| SID: | 2841377 |
| Source Port: | 51058 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.170.251.12859918802841377 03/31/23-13:35:32.191687 |
| SID: | 2841377 |
| Source Port: | 59918 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23197.2.207.21555290372152835222 03/31/23-13:37:05.234681 |
| SID: | 2835222 |
| Source Port: | 55290 |
| Destination Port: | 37215 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.2388.198.10.8350726802841377 03/31/23-13:35:52.339402 |
| SID: | 2841377 |
| Source Port: | 50726 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.154.194.12544744802841377 03/31/23-13:37:53.829837 |
| SID: | 2841377 |
| Source Port: | 44744 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.251.179.3259364802841377 03/31/23-13:37:33.502256 |
| SID: | 2841377 |
| Source Port: | 59364 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.17.250.1848522802841377 03/31/23-13:37:03.016212 |
| SID: | 2841377 |
| Source Port: | 48522 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.25.63.7860764802841377 03/31/23-13:36:40.205008 |
| SID: | 2841377 |
| Source Port: | 60764 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.57.143.9155290802841377 03/31/23-13:37:56.428853 |
| SID: | 2841377 |
| Source Port: | 55290 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.165.167.21560796802841377 03/31/23-13:37:18.068558 |
| SID: | 2841377 |
| Source Port: | 60796 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.201.185.15541432802841377 03/31/23-13:36:40.203597 |
| SID: | 2841377 |
| Source Port: | 41432 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.14.24856110802841377 03/31/23-13:37:38.476001 |
| SID: | 2841377 |
| Source Port: | 56110 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.86.230.9347216802841377 03/31/23-13:35:33.929860 |
| SID: | 2841377 |
| Source Port: | 47216 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.213.143.9456112802841377 03/31/23-13:37:06.518604 |
| SID: | 2841377 |
| Source Port: | 56112 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.58.113.18960514802841377 03/31/23-13:37:28.770995 |
| SID: | 2841377 |
| Source Port: | 60514 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.140.237.16133202802841377 03/31/23-13:37:53.800690 |
| SID: | 2841377 |
| Source Port: | 33202 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.200.25037198802841377 03/31/23-13:35:58.873337 |
| SID: | 2841377 |
| Source Port: | 37198 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.119.23560718802841377 03/31/23-13:37:35.759006 |
| SID: | 2841377 |
| Source Port: | 60718 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.235.22638114802841377 03/31/23-13:36:43.425439 |
| SID: | 2841377 |
| Source Port: | 38114 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.231.4340722802841377 03/31/23-13:37:18.051926 |
| SID: | 2841377 |
| Source Port: | 40722 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.57.107.10539092802841377 03/31/23-13:37:06.633403 |
| SID: | 2841377 |
| Source Port: | 39092 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.128.85.1750590802841377 03/31/23-13:37:06.431014 |
| SID: | 2841377 |
| Source Port: | 50590 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.67.28.5536844802841377 03/31/23-13:37:18.095951 |
| SID: | 2841377 |
| Source Port: | 36844 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.130.232.13841970802841377 03/31/23-13:37:47.839162 |
| SID: | 2841377 |
| Source Port: | 41970 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.48.151.24153820802841377 03/31/23-13:35:47.350285 |
| SID: | 2841377 |
| Source Port: | 53820 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.147.18235430802841377 03/31/23-13:35:32.484331 |
| SID: | 2841377 |
| Source Port: | 35430 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.132.224.15450856802841377 03/31/23-13:36:35.526762 |
| SID: | 2841377 |
| Source Port: | 50856 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23197.3.134.13549098372152835222 03/31/23-13:37:00.074465 |
| SID: | 2835222 |
| Source Port: | 49098 |
| Destination Port: | 37215 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.2388.80.191.7157858802841377 03/31/23-13:37:30.989111 |
| SID: | 2841377 |
| Source Port: | 57858 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.141.35.16638914802841377 03/31/23-13:35:58.856591 |
| SID: | 2841377 |
| Source Port: | 38914 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.48.151.24153818802841377 03/31/23-13:35:47.364580 |
| SID: | 2841377 |
| Source Port: | 53818 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.112.157.9254952802841377 03/31/23-13:36:40.243847 |
| SID: | 2841377 |
| Source Port: | 54952 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.179.250.12542006802841377 03/31/23-13:35:22.041933 |
| SID: | 2841377 |
| Source Port: | 42006 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.77.20943868802841377 03/31/23-13:37:51.600623 |
| SID: | 2841377 |
| Source Port: | 43868 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.166.254.7935980802841377 03/31/23-13:36:10.935236 |
| SID: | 2841377 |
| Source Port: | 35980 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.163.142.13238754802841377 03/31/23-13:36:40.258274 |
| SID: | 2841377 |
| Source Port: | 38754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.34.244.17960470802841377 03/31/23-13:36:49.879220 |
| SID: | 2841377 |
| Source Port: | 60470 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.132.224.15451372802841377 03/31/23-13:36:50.798109 |
| SID: | 2841377 |
| Source Port: | 51372 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.57.249.11451254802841377 03/31/23-13:36:57.787735 |
| SID: | 2841377 |
| Source Port: | 51254 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.149.139.19440640802841377 03/31/23-13:37:06.478417 |
| SID: | 2841377 |
| Source Port: | 40640 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.117.5659888802841377 03/31/23-13:38:06.015050 |
| SID: | 2841377 |
| Source Port: | 59888 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.111.239.11443900802841377 03/31/23-13:38:06.008934 |
| SID: | 2841377 |
| Source Port: | 43900 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.183.54.4435020802841377 03/31/23-13:35:22.011495 |
| SID: | 2841377 |
| Source Port: | 35020 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.170.18434880802841377 03/31/23-13:37:38.440878 |
| SID: | 2841377 |
| Source Port: | 34880 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.249.206.7847526802841377 03/31/23-13:37:14.807681 |
| SID: | 2841377 |
| Source Port: | 47526 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.170.85.3360216802841377 03/31/23-13:37:31.015039 |
| SID: | 2841377 |
| Source Port: | 60216 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.120.243.11451144802841377 03/31/23-13:37:47.863125 |
| SID: | 2841377 |
| Source Port: | 51144 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.213.22237294802841377 03/31/23-13:35:46.036954 |
| SID: | 2841377 |
| Source Port: | 37294 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.1.25.11847750802841377 03/31/23-13:36:53.163308 |
| SID: | 2841377 |
| Source Port: | 47750 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.50.10640238802841377 03/31/23-13:36:02.398089 |
| SID: | 2841377 |
| Source Port: | 40238 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.212.178.4736798802841377 03/31/23-13:36:06.492765 |
| SID: | 2841377 |
| Source Port: | 36798 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.85.64.1943900802841377 03/31/23-13:37:06.127000 |
| SID: | 2841377 |
| Source Port: | 43900 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.47.6343116802841377 03/31/23-13:36:37.624234 |
| SID: | 2841377 |
| Source Port: | 43116 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.221.58.22941120802841377 03/31/23-13:36:43.424236 |
| SID: | 2841377 |
| Source Port: | 41120 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.128.134.21334958802841377 03/31/23-13:36:17.922543 |
| SID: | 2841377 |
| Source Port: | 34958 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.186.25.2148760802841377 03/31/23-13:36:49.554288 |
| SID: | 2841377 |
| Source Port: | 48760 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.58.103.2548702802841377 03/31/23-13:35:17.358105 |
| SID: | 2841377 |
| Source Port: | 48702 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.56.141.3941262802841377 03/31/23-13:36:13.344857 |
| SID: | 2841377 |
| Source Port: | 41262 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.66.6941834802841377 03/31/23-13:37:33.436731 |
| SID: | 2841377 |
| Source Port: | 41834 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.181.243.1956424802841377 03/31/23-13:35:42.770647 |
| SID: | 2841377 |
| Source Port: | 56424 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.47.52.15734896802841377 03/31/23-13:37:50.248264 |
| SID: | 2841377 |
| Source Port: | 34896 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.167.98.1352240802841377 03/31/23-13:36:52.903967 |
| SID: | 2841377 |
| Source Port: | 52240 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.179.147.14450310802841377 03/31/23-13:36:02.433894 |
| SID: | 2841377 |
| Source Port: | 50310 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.208.87.3541484802841377 03/31/23-13:36:34.212170 |
| SID: | 2841377 |
| Source Port: | 41484 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243754802841377 03/31/23-13:36:49.599262 |
| SID: | 2841377 |
| Source Port: | 43754 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.129.22.23940596802841377 03/31/23-13:35:23.126718 |
| SID: | 2841377 |
| Source Port: | 40596 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23197.234.43.10036856372152835222 03/31/23-13:35:42.658098 |
| SID: | 2835222 |
| Source Port: | 36856 |
| Destination Port: | 37215 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.23112.186.229.19443848802841377 03/31/23-13:36:42.124634 |
| SID: | 2841377 |
| Source Port: | 43848 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.125.12443524802841377 03/31/23-13:37:47.820058 |
| SID: | 2841377 |
| Source Port: | 43524 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.151.16646376802841377 03/31/23-13:36:55.967401 |
| SID: | 2841377 |
| Source Port: | 46376 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.213.169.1742638802841377 03/31/23-13:35:40.275446 |
| SID: | 2841377 |
| Source Port: | 42638 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.151.243.14549544802841377 03/31/23-13:36:16.584282 |
| SID: | 2841377 |
| Source Port: | 49544 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23197.234.54.22746320372152835222 03/31/23-13:37:16.405645 |
| SID: | 2835222 |
| Source Port: | 46320 |
| Destination Port: | 37215 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.2395.68.224.6759822802841377 03/31/23-13:37:40.715540 |
| SID: | 2841377 |
| Source Port: | 59822 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.47.11.10943658802841377 03/31/23-13:35:55.050788 |
| SID: | 2841377 |
| Source Port: | 43658 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.223.68.6248138802841377 03/31/23-13:37:06.102340 |
| SID: | 2841377 |
| Source Port: | 48138 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.172.169.14533966802841377 03/31/23-13:37:18.179044 |
| SID: | 2841377 |
| Source Port: | 33966 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.94.10760088802841377 03/31/23-13:38:06.017656 |
| SID: | 2841377 |
| Source Port: | 60088 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.173.178.19541908802841377 03/31/23-13:38:06.070426 |
| SID: | 2841377 |
| Source Port: | 41908 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.132.224.15450980802841377 03/31/23-13:36:37.749618 |
| SID: | 2841377 |
| Source Port: | 50980 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.53.192.15141404802841377 03/31/23-13:37:40.708450 |
| SID: | 2841377 |
| Source Port: | 41404 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.78.178.1148976802841377 03/31/23-13:35:32.121128 |
| SID: | 2841377 |
| Source Port: | 48976 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.84.189.17040448802841377 03/31/23-13:36:01.194261 |
| SID: | 2841377 |
| Source Port: | 40448 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.9.117.6036040802841377 03/31/23-13:37:31.037567 |
| SID: | 2841377 |
| Source Port: | 36040 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243742802841377 03/31/23-13:36:49.598459 |
| SID: | 2841377 |
| Source Port: | 43742 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.203.155.24243736802841377 03/31/23-13:36:49.598109 |
| SID: | 2841377 |
| Source Port: | 43736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.181.134.15847282802841377 03/31/23-13:37:56.355134 |
| SID: | 2841377 |
| Source Port: | 47282 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.214.38.15243684802841377 03/31/23-13:37:09.493856 |
| SID: | 2841377 |
| Source Port: | 43684 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.101.189.4133122802841377 03/31/23-13:36:23.908791 |
| SID: | 2841377 |
| Source Port: | 33122 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.111.229.21158930802841377 03/31/23-13:37:18.075864 |
| SID: | 2841377 |
| Source Port: | 58930 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.213.5135106802841377 03/31/23-13:36:20.478742 |
| SID: | 2841377 |
| Source Port: | 35106 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.47.5.20054514802841377 03/31/23-13:36:52.917553 |
| SID: | 2841377 |
| Source Port: | 54514 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.46.80.636972802841377 03/31/23-13:35:52.620447 |
| SID: | 2841377 |
| Source Port: | 36972 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.93.2053346802841377 03/31/23-13:36:06.479956 |
| SID: | 2841377 |
| Source Port: | 53346 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.67.14.18959874802841377 03/31/23-13:36:01.150603 |
| SID: | 2841377 |
| Source Port: | 59874 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.200.176.16734808802841377 03/31/23-13:36:34.254245 |
| SID: | 2841377 |
| Source Port: | 34808 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.100.9.17850854802841377 03/31/23-13:37:02.323138 |
| SID: | 2841377 |
| Source Port: | 50854 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.216.155.19340546802841377 03/31/23-13:38:05.982689 |
| SID: | 2841377 |
| Source Port: | 40546 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.149.153.9860568802841377 03/31/23-13:36:06.456057 |
| SID: | 2841377 |
| Source Port: | 60568 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.214.193.13948184802841377 03/31/23-13:37:45.666963 |
| SID: | 2841377 |
| Source Port: | 48184 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.183.52.3137352802841377 03/31/23-13:36:28.129123 |
| SID: | 2841377 |
| Source Port: | 37352 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.217.86.937830802841377 03/31/23-13:36:28.194281 |
| SID: | 2841377 |
| Source Port: | 37830 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.2.252.15449870802841377 03/31/23-13:37:51.665115 |
| SID: | 2841377 |
| Source Port: | 49870 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.228.207.15257736802841377 03/31/23-13:37:21.850710 |
| SID: | 2841377 |
| Source Port: | 57736 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.150.167.21846788802841377 03/31/23-13:37:43.108381 |
| SID: | 2841377 |
| Source Port: | 46788 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.112.76.4741274802841377 03/31/23-13:38:06.092175 |
| SID: | 2841377 |
| Source Port: | 41274 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.198.12.8545708802841377 03/31/23-13:35:52.362415 |
| SID: | 2841377 |
| Source Port: | 45708 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.119.144.19938910802841377 03/31/23-13:35:40.306466 |
| SID: | 2841377 |
| Source Port: | 38910 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.86.70.1560936802841377 03/31/23-13:36:31.939030 |
| SID: | 2841377 |
| Source Port: | 60936 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.89.36.3343652802841377 03/31/23-13:36:02.469737 |
| SID: | 2841377 |
| Source Port: | 43652 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.181.218.11548468802841377 03/31/23-13:37:51.578667 |
| SID: | 2841377 |
| Source Port: | 48468 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23197.246.253.10848302372152835222 03/31/23-13:35:18.337715 |
| SID: | 2835222 |
| Source Port: | 48302 |
| Destination Port: | 37215 |
| Protocol: | TCP |
| Classtype: | A Network Trojan was detected |
| Timestamp: | 192.168.2.23112.163.47.8450640802841377 03/31/23-13:37:35.720986 |
| SID: | 2841377 |
| Source Port: | 50640 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.186.95.8250812802841377 03/31/23-13:37:21.083023 |
| SID: | 2841377 |
| Source Port: | 50812 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.163.53.10634862802841377 03/31/23-13:37:53.878081 |
| SID: | 2841377 |
| Source Port: | 34862 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.23112.72.145.1458110802841377 03/31/23-13:36:25.824518 |
| SID: | 2841377 |
| Source Port: | 58110 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.253.195.20453358802841377 03/31/23-13:35:27.286167 |
| SID: | 2841377 |
| Source Port: | 53358 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.156.226.8358290802841377 03/31/23-13:35:47.653527 |
| SID: | 2841377 |
| Source Port: | 58290 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2388.99.112.21353940802841377 03/31/23-13:37:45.690151 |
| SID: | 2841377 |
| Source Port: | 53940 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.68.213.8140942802841377 03/31/23-13:36:02.521119 |
| SID: | 2841377 |
| Source Port: | 40942 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
| Timestamp: | 192.168.2.2395.181.217.19638952802841377 03/31/23-13:36:23.895810 |
| SID: | 2841377 |
| Source Port: | 38952 |
| Destination Port: | 80 |
| Protocol: | TCP |
| Classtype: | Attempted Administrator Privilege Gain |
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • Stealing of Sensitive Information
- • Remote Access Functionality
Click to jump to signature section
Show All Signature Results
AV Detection |   |
|---|
| Source: | ReversingLabs: | |||
| Source: | Virustotal: | Perma Link | ||
Networking | |
|---|
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | Snort IDS: | ||
| Source: | TCP traffic: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | Wget executable: | Jump to behavior | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | TCP traffic: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||
| Source: | HTTP traffic detected: | ||