Linux
Analysis Report
BalLH8Tvtr.elf
Overview
General Information
Sample Name: | BalLH8Tvtr.elf |
Original Sample Name: | 23d5dee68671bcbb92978a84dc089da1.elf |
Analysis ID: | 881255 |
MD5: | 23d5dee68671bcbb92978a84dc089da1 |
SHA1: | bd417e2d3536ffb9a1943a0779d3d898dd218ea9 |
SHA256: | 22c50299692e7fa9c8a7d83b0d500dd08a274e16e837e698b33281559169ea7a |
Tags: | 32armelfmirai |
Infos: |
Detection
Mirai
Score: | 92 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Antivirus / Scanner detection for submitted sample
Yara detected Mirai
Multi AV Scanner detection for submitted file
Malicious sample detected (through community Yara rule)
Snort IDS alert for network traffic
Connects to many ports of the same IP (likely port scanning)
Uses known network protocols on non-standard ports
Sample tries to kill multiple processes (SIGKILL)
Yara signature match
Uses the "uname" system call to query kernel version information (possible evasion)
Enumerates processes within the "proc" file system
Detected TCP or UDP traffic on non-standard ports
Sample listens on a socket
Sample tries to kill a process (SIGKILL)
Sample has stripped symbol table
HTTP GET or POST without a user agent
Sample contains strings indicative of BusyBox which embeds multiple Unix commands in a single executable
Classification
Analysis Advice
Some HTTP requests failed (404). It is likely that the sample will exhibit less behavior. |
Static ELF header machine description suggests that the sample might not execute correctly on this machine. |
Static ELF header machine description suggests that the sample might only run correctly on MIPS or ARM architectures. |
Joe Sandbox Version: | 37.1.0 Beryl |
Analysis ID: | 881255 |
Start date and time: | 2023-06-03 22:00:43 +02:00 |
Joe Sandbox Product: | CloudBasic |
Overall analysis duration: | 0h 7m 31s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample file name: | BalLH8Tvtr.elf |
Original Sample Name: | 23d5dee68671bcbb92978a84dc089da1.elf |
Detection: | MAL |
Classification: | mal92.spre.troj.linELF@0/0@0/0 |
- Report size exceeded maximum capacity and may have missing network information.
Command: | /tmp/BalLH8Tvtr.elf |
PID: | 6227 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | Infected By Cult |
Standard Error: |
- system is lnxubuntu20
- BalLH8Tvtr.elf New Fork (PID: 6229, Parent: 6227)
- BalLH8Tvtr.elf New Fork (PID: 6230, Parent: 6227)
- BalLH8Tvtr.elf New Fork (PID: 6231, Parent: 6227)
- BalLH8Tvtr.elf New Fork (PID: 6235, Parent: 6231)
- BalLH8Tvtr.elf New Fork (PID: 6236, Parent: 6231)
- BalLH8Tvtr.elf New Fork (PID: 6241, Parent: 6231)
- BalLH8Tvtr.elf New Fork (PID: 6243, Parent: 6231)
- BalLH8Tvtr.elf New Fork (PID: 6245, Parent: 6231)
- BalLH8Tvtr.elf New Fork (PID: 6247, Parent: 6231)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
Mirai | Mirai is one of the first significant botnets targeting exposed networking devices running Linux. Found in August 2016 by MalwareMustDie, its name means "future" in Japanese. Nowadays it targets a wide range of networked embedded devices such as IP cameras, home routers (many vendors involved), and other IoT devices. Since the source code was published on "Hack Forums" many variants of the Mirai family appeared, infecting mostly home networks all around the world. | No Attribution |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_Mirai_12 | Yara detected Mirai | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
| |
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
| |
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
| |
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
| |
MAL_ELF_LNX_Mirai_Oct10_1 | Detects ELF Mirai variant | Florian Roth (Nextron Systems) |
| |
Click to see the 4 entries |
Timestamp: | 192.168.2.2388.198.151.19948756802839471 06/03/23-22:03:51.065815 |
SID: | 2839471 |
Source Port: | 48756 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.119.224.8139982802839471 06/03/23-22:02:55.516354 |
SID: | 2839471 |
Source Port: | 39982 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.71.11651894802839471 06/03/23-22:04:13.608666 |
SID: | 2839471 |
Source Port: | 51894 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.169.16554314802839471 06/03/23-22:02:29.697313 |
SID: | 2839471 |
Source Port: | 54314 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.128.151.3435674802839471 06/03/23-22:01:38.139444 |
SID: | 2839471 |
Source Port: | 35674 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.38.9858576802839471 06/03/23-22:01:44.648708 |
SID: | 2839471 |
Source Port: | 58576 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.247.165.18653394802839471 06/03/23-22:02:02.476383 |
SID: | 2839471 |
Source Port: | 53394 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.218.191.9059792802839471 06/03/23-22:03:27.678627 |
SID: | 2839471 |
Source Port: | 59792 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.181.63.25340036802839471 06/03/23-22:03:55.986319 |
SID: | 2839471 |
Source Port: | 40036 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.86.30.9255130802839471 06/03/23-22:04:04.047177 |
SID: | 2839471 |
Source Port: | 55130 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.26.250.12342050802839471 06/03/23-22:02:32.073612 |
SID: | 2839471 |
Source Port: | 42050 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.213.92.8938462802839471 06/03/23-22:01:52.918739 |
SID: | 2839471 |
Source Port: | 38462 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.252.13837166802839471 06/03/23-22:02:39.986233 |
SID: | 2839471 |
Source Port: | 37166 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.163.4.14059336802839471 06/03/23-22:03:43.002493 |
SID: | 2839471 |
Source Port: | 59336 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.203.128.16236490802839471 06/03/23-22:02:32.045538 |
SID: | 2839471 |
Source Port: | 36490 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.130.19559960802839471 06/03/23-22:02:02.623395 |
SID: | 2839471 |
Source Port: | 59960 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.71.23256444802839471 06/03/23-22:01:56.502283 |
SID: | 2839471 |
Source Port: | 56444 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.179.164.6053200802839471 06/03/23-22:01:50.692865 |
SID: | 2839471 |
Source Port: | 53200 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.55.13057242802839471 06/03/23-22:01:56.540207 |
SID: | 2839471 |
Source Port: | 57242 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.247.217.21350514802839471 06/03/23-22:02:00.111743 |
SID: | 2839471 |
Source Port: | 50514 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.86.127.10233504802839471 06/03/23-22:02:29.735799 |
SID: | 2839471 |
Source Port: | 33504 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.103.118.15637196802839471 06/03/23-22:02:47.392436 |
SID: | 2839471 |
Source Port: | 37196 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.247.225.9248176802839471 06/03/23-22:03:48.522465 |
SID: | 2839471 |
Source Port: | 48176 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.85.41.21548314802839471 06/03/23-22:02:42.131909 |
SID: | 2839471 |
Source Port: | 48314 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.233.129.2142094802839471 06/03/23-22:02:36.864688 |
SID: | 2839471 |
Source Port: | 42094 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.224.139.21846688802839471 06/03/23-22:02:12.750825 |
SID: | 2839471 |
Source Port: | 46688 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.173.40.17660126802839471 06/03/23-22:02:31.999630 |
SID: | 2839471 |
Source Port: | 60126 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.195.10039082802839471 06/03/23-22:03:58.163374 |
SID: | 2839471 |
Source Port: | 39082 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.221.13550168802839471 06/03/23-22:03:27.667553 |
SID: | 2839471 |
Source Port: | 50168 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.130.18137956802839471 06/03/23-22:02:18.723982 |
SID: | 2839471 |
Source Port: | 37956 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.168.222.5836694802839471 06/03/23-22:03:00.446064 |
SID: | 2839471 |
Source Port: | 36694 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.91.49.18041786802839471 06/03/23-22:03:13.117356 |
SID: | 2839471 |
Source Port: | 41786 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.184.2956116802839471 06/03/23-22:03:29.817744 |
SID: | 2839471 |
Source Port: | 56116 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23157.119.20.4760306372152835222 06/03/23-22:02:18.056456 |
SID: | 2835222 |
Source Port: | 60306 |
Destination Port: | 37215 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.2395.86.108.14760652802839471 06/03/23-22:03:08.593779 |
SID: | 2839471 |
Source Port: | 60652 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.202.3034978802839471 06/03/23-22:03:58.143402 |
SID: | 2839471 |
Source Port: | 34978 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.42.208.6239660802839471 06/03/23-22:03:58.206666 |
SID: | 2839471 |
Source Port: | 39660 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.116.43.10234766802839471 06/03/23-22:02:16.991934 |
SID: | 2839471 |
Source Port: | 34766 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.130.121.5558414802839471 06/03/23-22:03:00.726698 |
SID: | 2839471 |
Source Port: | 58414 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.150.167.21259036802839471 06/03/23-22:01:31.366289 |
SID: | 2839471 |
Source Port: | 59036 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.137.248.3237122802839471 06/03/23-22:02:58.262665 |
SID: | 2839471 |
Source Port: | 37122 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.78.112.19355672802839471 06/03/23-22:03:16.558935 |
SID: | 2839471 |
Source Port: | 55672 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.78.169.2836030802839471 06/03/23-22:01:46.933227 |
SID: | 2839471 |
Source Port: | 36030 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.130.204.10133364802839471 06/03/23-22:02:55.988462 |
SID: | 2839471 |
Source Port: | 33364 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.213.86.15756724802839471 06/03/23-22:03:31.232487 |
SID: | 2839471 |
Source Port: | 56724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.145.13547046802839471 06/03/23-22:03:58.159498 |
SID: | 2839471 |
Source Port: | 47046 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.201.11735970802839471 06/03/23-22:02:32.037362 |
SID: | 2839471 |
Source Port: | 35970 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.60.19855128802839471 06/03/23-22:03:58.154166 |
SID: | 2839471 |
Source Port: | 55128 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.97.114.13948562802839471 06/03/23-22:03:21.597632 |
SID: | 2839471 |
Source Port: | 48562 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.226.3935052802839471 06/03/23-22:02:08.257585 |
SID: | 2839471 |
Source Port: | 35052 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.190.193.15436424802839471 06/03/23-22:03:00.478087 |
SID: | 2839471 |
Source Port: | 36424 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.206.24747698802839471 06/03/23-22:02:02.340770 |
SID: | 2839471 |
Source Port: | 47698 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.193.5038608802839471 06/03/23-22:04:00.348136 |
SID: | 2839471 |
Source Port: | 38608 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.140.155.14341176802839471 06/03/23-22:03:55.854794 |
SID: | 2839471 |
Source Port: | 41176 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.81.82.16356966802839471 06/03/23-22:04:01.652667 |
SID: | 2839471 |
Source Port: | 56966 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.69.4543304802839471 06/03/23-22:02:15.372581 |
SID: | 2839471 |
Source Port: | 43304 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.182.236.10452348802839471 06/03/23-22:02:53.183132 |
SID: | 2839471 |
Source Port: | 52348 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.183.11.16048806802839471 06/03/23-22:04:08.829784 |
SID: | 2839471 |
Source Port: | 48806 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.21.13834774802839471 06/03/23-22:03:00.717644 |
SID: | 2839471 |
Source Port: | 34774 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.6.98.16156564802839471 06/03/23-22:01:56.592895 |
SID: | 2839471 |
Source Port: | 56564 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.165.156.19744226802839471 06/03/23-22:02:24.114363 |
SID: | 2839471 |
Source Port: | 44226 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.55.133.14435480802839471 06/03/23-22:03:00.483830 |
SID: | 2839471 |
Source Port: | 35480 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.184.73.20736736802839471 06/03/23-22:03:19.258974 |
SID: | 2839471 |
Source Port: | 36736 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.184.59.10455782802839471 06/03/23-22:02:51.387957 |
SID: | 2839471 |
Source Port: | 55782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.86.111.3850562802839471 06/03/23-22:01:58.160390 |
SID: | 2839471 |
Source Port: | 50562 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.250.4247278802839471 06/03/23-22:03:48.649676 |
SID: | 2839471 |
Source Port: | 47278 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.193.4747940802839471 06/03/23-22:03:39.886686 |
SID: | 2839471 |
Source Port: | 47940 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.107.132.11660234802839471 06/03/23-22:01:50.730785 |
SID: | 2839471 |
Source Port: | 60234 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.87.80.14340724802839471 06/03/23-22:03:40.056538 |
SID: | 2839471 |
Source Port: | 40724 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.123.11333376802839471 06/03/23-22:02:04.827221 |
SID: | 2839471 |
Source Port: | 33376 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.246.15952134802839471 06/03/23-22:02:24.096355 |
SID: | 2839471 |
Source Port: | 52134 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.172.4635322802839471 06/03/23-22:02:58.131787 |
SID: | 2839471 |
Source Port: | 35322 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.213.224.1347294802839471 06/03/23-22:02:58.188842 |
SID: | 2839471 |
Source Port: | 47294 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.202.218.21143278802839471 06/03/23-22:04:15.860502 |
SID: | 2839471 |
Source Port: | 43278 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.216.223.14153522802839471 06/03/23-22:03:00.722386 |
SID: | 2839471 |
Source Port: | 53522 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.81.106.21755526802839471 06/03/23-22:02:29.833466 |
SID: | 2839471 |
Source Port: | 55526 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.46.116.25254782802839471 06/03/23-22:02:36.310760 |
SID: | 2839471 |
Source Port: | 54782 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.97.49.8433058802839471 06/03/23-22:02:02.407402 |
SID: | 2839471 |
Source Port: | 33058 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.68.27.18048500802839471 06/03/23-22:04:01.657453 |
SID: | 2839471 |
Source Port: | 48500 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.197.122.20454350802839471 06/03/23-22:04:08.811216 |
SID: | 2839471 |
Source Port: | 54350 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.227.5854570802839471 06/03/23-22:02:18.734837 |
SID: | 2839471 |
Source Port: | 54570 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.221.100.4534974802839471 06/03/23-22:02:52.921705 |
SID: | 2839471 |
Source Port: | 34974 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.197.130.13354336802839471 06/03/23-22:02:29.662562 |
SID: | 2839471 |
Source Port: | 54336 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.83.201.15945632802839471 06/03/23-22:02:48.849926 |
SID: | 2839471 |
Source Port: | 45632 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.79.73.22259316802839471 06/03/23-22:02:09.826988 |
SID: | 2839471 |
Source Port: | 59316 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.216.94.19446932802839471 06/03/23-22:02:55.718258 |
SID: | 2839471 |
Source Port: | 46932 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.128.42.7950402802839471 06/03/23-22:03:48.511457 |
SID: | 2839471 |
Source Port: | 50402 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.67.14.12246026802839471 06/03/23-22:04:01.695673 |
SID: | 2839471 |
Source Port: | 46026 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.215.88.6145288802839471 06/03/23-22:04:09.218775 |
SID: | 2839471 |
Source Port: | 45288 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.80.7752958802839471 06/03/23-22:02:28.296909 |
SID: | 2839471 |
Source Port: | 52958 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.242.11860038802839471 06/03/23-22:03:10.860643 |
SID: | 2839471 |
Source Port: | 60038 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.186.226.20248716802839471 06/03/23-22:03:51.113566 |
SID: | 2839471 |
Source Port: | 48716 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2341.239.112.14151422372152835222 06/03/23-22:03:51.669628 |
SID: | 2835222 |
Source Port: | 51422 |
Destination Port: | 37215 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.23112.167.246.22550614802839471 06/03/23-22:01:58.086797 |
SID: | 2839471 |
Source Port: | 50614 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.215.185.15746520802839471 06/03/23-22:03:55.814124 |
SID: | 2839471 |
Source Port: | 46520 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.169.21533566802839471 06/03/23-22:02:36.272250 |
SID: | 2839471 |
Source Port: | 33566 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.250.245.23339068802839471 06/03/23-22:03:16.912631 |
SID: | 2839471 |
Source Port: | 39068 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.144.18737308802839471 06/03/23-22:01:44.659482 |
SID: | 2839471 |
Source Port: | 37308 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.193.14737004802839471 06/03/23-22:02:16.976481 |
SID: | 2839471 |
Source Port: | 37004 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.172.8.4238410802839471 06/03/23-22:02:29.690391 |
SID: | 2839471 |
Source Port: | 38410 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.10.22542526802839471 06/03/23-22:03:08.692305 |
SID: | 2839471 |
Source Port: | 42526 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.205.74.9260182802839471 06/03/23-22:03:02.857544 |
SID: | 2839471 |
Source Port: | 60182 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2341.35.80.12345768372152835222 06/03/23-22:02:39.404656 |
SID: | 2835222 |
Source Port: | 45768 |
Destination Port: | 37215 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.2395.128.46.21159674802839471 06/03/23-22:03:02.812719 |
SID: | 2839471 |
Source Port: | 59674 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.55.208.22359180802839471 06/03/23-22:04:15.744024 |
SID: | 2839471 |
Source Port: | 59180 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.169.27.2941254802839471 06/03/23-22:01:58.249847 |
SID: | 2839471 |
Source Port: | 41254 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.86.104.6448920802839471 06/03/23-22:03:19.285526 |
SID: | 2839471 |
Source Port: | 48920 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.86.214.4634214802839471 06/03/23-22:01:31.418396 |
SID: | 2839471 |
Source Port: | 34214 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.87.115.5945166802839471 06/03/23-22:03:06.482830 |
SID: | 2839471 |
Source Port: | 45166 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.58.7739964802839471 06/03/23-22:02:51.402413 |
SID: | 2839471 |
Source Port: | 39964 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.154.247.19736370802839471 06/03/23-22:02:29.690932 |
SID: | 2839471 |
Source Port: | 36370 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.56.20.21459146802839471 06/03/23-22:03:39.972311 |
SID: | 2839471 |
Source Port: | 59146 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.11.163.4346556802839471 06/03/23-22:04:01.686930 |
SID: | 2839471 |
Source Port: | 46556 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.198.652670802839471 06/03/23-22:01:44.666981 |
SID: | 2839471 |
Source Port: | 52670 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.218.158.12541680802839471 06/03/23-22:03:48.553800 |
SID: | 2839471 |
Source Port: | 41680 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.211.247.13243432802839471 06/03/23-22:04:01.662037 |
SID: | 2839471 |
Source Port: | 43432 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.4.13235166802839471 06/03/23-22:01:32.796745 |
SID: | 2839471 |
Source Port: | 35166 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.197.204.19357220802839471 06/03/23-22:03:42.999658 |
SID: | 2839471 |
Source Port: | 57220 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.126.74.7059794802839471 06/03/23-22:03:40.307898 |
SID: | 2839471 |
Source Port: | 59794 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.178.216.22739644802839471 06/03/23-22:03:09.059577 |
SID: | 2839471 |
Source Port: | 39644 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.84.7.21154092802839471 06/03/23-22:03:21.615169 |
SID: | 2839471 |
Source Port: | 54092 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.223.161.8542082802839471 06/03/23-22:03:31.427295 |
SID: | 2839471 |
Source Port: | 42082 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.88.173.7045102802839471 06/03/23-22:01:56.533307 |
SID: | 2839471 |
Source Port: | 45102 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.185.54.12654190802839471 06/03/23-22:03:25.294360 |
SID: | 2839471 |
Source Port: | 54190 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.250.15836568802839471 06/03/23-22:01:51.327139 |
SID: | 2839471 |
Source Port: | 36568 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.170.92.18537970802839471 06/03/23-22:02:16.998068 |
SID: | 2839471 |
Source Port: | 37970 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.181.195.17236364802839471 06/03/23-22:03:08.569090 |
SID: | 2839471 |
Source Port: | 36364 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.255.79.20054490802839471 06/03/23-22:02:00.110629 |
SID: | 2839471 |
Source Port: | 54490 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.212.241.6149798802839471 06/03/23-22:03:13.180024 |
SID: | 2839471 |
Source Port: | 49798 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.56.150.19541492802839471 06/03/23-22:01:56.692341 |
SID: | 2839471 |
Source Port: | 41492 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.119.137.19753046802839471 06/03/23-22:02:58.093293 |
SID: | 2839471 |
Source Port: | 53046 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2341.45.31.16344438372152835222 06/03/23-22:03:17.114362 |
SID: | 2835222 |
Source Port: | 44438 |
Destination Port: | 37215 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.2395.126.86.960996802839471 06/03/23-22:03:43.729641 |
SID: | 2839471 |
Source Port: | 60996 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.189.25446210802839471 06/03/23-22:02:36.272139 |
SID: | 2839471 |
Source Port: | 46210 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.183.53.9456574802839471 06/03/23-22:03:29.798141 |
SID: | 2839471 |
Source Port: | 56574 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.102.5044026802839471 06/03/23-22:04:00.325690 |
SID: | 2839471 |
Source Port: | 44026 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.217.11856322802839471 06/03/23-22:02:29.844875 |
SID: | 2839471 |
Source Port: | 56322 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.154.197.14037292802839471 06/03/23-22:02:42.099351 |
SID: | 2839471 |
Source Port: | 37292 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.28.560026802839471 06/03/23-22:03:48.484412 |
SID: | 2839471 |
Source Port: | 60026 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.154.249.12552690802839471 06/03/23-22:03:13.109400 |
SID: | 2839471 |
Source Port: | 52690 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.131.25.10240486802839471 06/03/23-22:02:51.442129 |
SID: | 2839471 |
Source Port: | 40486 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.245.14760928802839471 06/03/23-22:02:36.629755 |
SID: | 2839471 |
Source Port: | 60928 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.97.19739658802839471 06/03/23-22:03:37.294774 |
SID: | 2839471 |
Source Port: | 39658 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.191.4740878802839471 06/03/23-22:03:55.855068 |
SID: | 2839471 |
Source Port: | 40878 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.169.16554384802839471 06/03/23-22:02:30.697931 |
SID: | 2839471 |
Source Port: | 54384 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.173.147.7035014802839471 06/03/23-22:01:32.781366 |
SID: | 2839471 |
Source Port: | 35014 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.182.114.20736166802839471 06/03/23-22:01:44.610951 |
SID: | 2839471 |
Source Port: | 36166 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.26.238.4458572802839471 06/03/23-22:03:37.310083 |
SID: | 2839471 |
Source Port: | 58572 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.136.13546796802839471 06/03/23-22:01:58.458562 |
SID: | 2839471 |
Source Port: | 46796 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.216.223.1141980802839471 06/03/23-22:03:08.694674 |
SID: | 2839471 |
Source Port: | 41980 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.160.34.2643754802839471 06/03/23-22:04:08.764959 |
SID: | 2839471 |
Source Port: | 43754 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.205.27.3854082802839471 06/03/23-22:03:32.979001 |
SID: | 2839471 |
Source Port: | 54082 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.111.237.18738058802839471 06/03/23-22:03:08.533980 |
SID: | 2839471 |
Source Port: | 38058 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.214.249.5044412802839471 06/03/23-22:04:04.164943 |
SID: | 2839471 |
Source Port: | 44412 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.253.194.14554670802839471 06/03/23-22:01:32.845648 |
SID: | 2839471 |
Source Port: | 54670 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.154.12446408802839471 06/03/23-22:02:12.457064 |
SID: | 2839471 |
Source Port: | 46408 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.165.140.14740100802839471 06/03/23-22:01:56.588277 |
SID: | 2839471 |
Source Port: | 40100 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.130.126.943802802839471 06/03/23-22:01:38.124284 |
SID: | 2839471 |
Source Port: | 43802 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.157.143.11052834802839471 06/03/23-22:03:08.731267 |
SID: | 2839471 |
Source Port: | 52834 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.255.50.1042252802839471 06/03/23-22:04:01.663893 |
SID: | 2839471 |
Source Port: | 42252 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.176.446176802839471 06/03/23-22:03:13.113760 |
SID: | 2839471 |
Source Port: | 46176 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.65.58.2335076802839471 06/03/23-22:03:48.549178 |
SID: | 2839471 |
Source Port: | 35076 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.174.19.14138864802839471 06/03/23-22:01:56.485538 |
SID: | 2839471 |
Source Port: | 38864 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.28.213.16041900802839471 06/03/23-22:03:40.191860 |
SID: | 2839471 |
Source Port: | 41900 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.213.226.24536190802839471 06/03/23-22:02:44.247808 |
SID: | 2839471 |
Source Port: | 36190 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.144.6440926802839471 06/03/23-22:03:16.864923 |
SID: | 2839471 |
Source Port: | 40926 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.204.166.11437670802839471 06/03/23-22:01:44.983916 |
SID: | 2839471 |
Source Port: | 37670 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.197.19754660802839471 06/03/23-22:03:48.672363 |
SID: | 2839471 |
Source Port: | 54660 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.88.122.1732856802839471 06/03/23-22:03:10.809380 |
SID: | 2839471 |
Source Port: | 32856 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.213.157.14958992802839471 06/03/23-22:04:07.425332 |
SID: | 2839471 |
Source Port: | 58992 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.111.250.14244224802839471 06/03/23-22:03:46.400258 |
SID: | 2839471 |
Source Port: | 44224 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.125.218.20960866802839471 06/03/23-22:04:11.521075 |
SID: | 2839471 |
Source Port: | 60866 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.58.55.10447296802839471 06/03/23-22:01:50.884156 |
SID: | 2839471 |
Source Port: | 47296 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.133.132.22548216802839471 06/03/23-22:02:21.663761 |
SID: | 2839471 |
Source Port: | 48216 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.248.14445706802839471 06/03/23-22:03:05.014352 |
SID: | 2839471 |
Source Port: | 45706 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.214.105.14957684802839471 06/03/23-22:02:42.128225 |
SID: | 2839471 |
Source Port: | 57684 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.201.20046866802839471 06/03/23-22:02:55.988654 |
SID: | 2839471 |
Source Port: | 46866 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.168.211.22257896802839471 06/03/23-22:01:44.638664 |
SID: | 2839471 |
Source Port: | 57896 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.12.36.16336728802839471 06/03/23-22:03:10.827349 |
SID: | 2839471 |
Source Port: | 36728 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.28.950006802839471 06/03/23-22:01:56.540976 |
SID: | 2839471 |
Source Port: | 50006 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.60.24260834802839471 06/03/23-22:03:13.126227 |
SID: | 2839471 |
Source Port: | 60834 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.128.3355956802839471 06/03/23-22:03:27.628914 |
SID: | 2839471 |
Source Port: | 55956 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.143.178.8351224802839471 06/03/23-22:04:07.428493 |
SID: | 2839471 |
Source Port: | 51224 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.184.138.15933820802839471 06/03/23-22:01:32.782640 |
SID: | 2839471 |
Source Port: | 33820 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.9.134.19342872802839471 06/03/23-22:01:56.604240 |
SID: | 2839471 |
Source Port: | 42872 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.87.11.19836612802839471 06/03/23-22:01:50.652965 |
SID: | 2839471 |
Source Port: | 36612 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.1.3536664802839471 06/03/23-22:04:04.032872 |
SID: | 2839471 |
Source Port: | 36664 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.177.215.20056360802839471 06/03/23-22:02:36.334562 |
SID: | 2839471 |
Source Port: | 56360 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.242.24556110802839471 06/03/23-22:02:36.843005 |
SID: | 2839471 |
Source Port: | 56110 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.180.254.13551750802839471 06/03/23-22:01:43.280695 |
SID: | 2839471 |
Source Port: | 51750 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.164.173.4052366802839471 06/03/23-22:02:51.377525 |
SID: | 2839471 |
Source Port: | 52366 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.253.217.16040832802839471 06/03/23-22:03:05.082773 |
SID: | 2839471 |
Source Port: | 40832 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.125.360868802839471 06/03/23-22:01:50.690596 |
SID: | 2839471 |
Source Port: | 60868 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.209.219.13137436802839471 06/03/23-22:04:01.609671 |
SID: | 2839471 |
Source Port: | 37436 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.79.73.22259376802839471 06/03/23-22:02:12.434858 |
SID: | 2839471 |
Source Port: | 59376 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.79.24952512802839471 06/03/23-22:03:02.827476 |
SID: | 2839471 |
Source Port: | 52512 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.61.20448326802839471 06/03/23-22:01:31.354480 |
SID: | 2839471 |
Source Port: | 48326 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.111.198.3533598802839471 06/03/23-22:03:08.675656 |
SID: | 2839471 |
Source Port: | 33598 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.165.1737424802839471 06/03/23-22:03:53.429203 |
SID: | 2839471 |
Source Port: | 37424 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.183.130.12146382802839471 06/03/23-22:03:58.202461 |
SID: | 2839471 |
Source Port: | 46382 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.206.226.6636272802839471 06/03/23-22:03:31.076124 |
SID: | 2839471 |
Source Port: | 36272 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.57.72.17556702802839471 06/03/23-22:02:08.066011 |
SID: | 2839471 |
Source Port: | 56702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.107.251.2837514802839471 06/03/23-22:03:48.543776 |
SID: | 2839471 |
Source Port: | 37514 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.179.13.6545730802839471 06/03/23-22:03:27.678466 |
SID: | 2839471 |
Source Port: | 45730 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2341.232.171.8139988372152835222 06/03/23-22:03:54.802409 |
SID: | 2835222 |
Source Port: | 39988 |
Destination Port: | 37215 |
Protocol: | TCP |
Classtype: | A Network Trojan was detected |
Timestamp: | 192.168.2.2395.35.31.10443542802839471 06/03/23-22:02:16.953758 |
SID: | 2839471 |
Source Port: | 43542 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.149.116.12157602802839471 06/03/23-22:02:25.672301 |
SID: | 2839471 |
Source Port: | 57602 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.179.52.13041434802839471 06/03/23-22:03:05.015442 |
SID: | 2839471 |
Source Port: | 41434 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.48.5352604802839471 06/03/23-22:03:48.522231 |
SID: | 2839471 |
Source Port: | 52604 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.182.131.14734330802839471 06/03/23-22:01:32.781430 |
SID: | 2839471 |
Source Port: | 34330 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.200.6432826802839471 06/03/23-22:02:18.724163 |
SID: | 2839471 |
Source Port: | 32826 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.76.89.19433640802839471 06/03/23-22:02:29.721906 |
SID: | 2839471 |
Source Port: | 33640 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.191.17345342802839471 06/03/23-22:03:55.798938 |
SID: | 2839471 |
Source Port: | 45342 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.83.103.7345626802839471 06/03/23-22:03:10.715849 |
SID: | 2839471 |
Source Port: | 45626 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.124.15560664802839471 06/03/23-22:04:11.459229 |
SID: | 2839471 |
Source Port: | 60664 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.56.207.25434840802839471 06/03/23-22:02:29.784991 |
SID: | 2839471 |
Source Port: | 34840 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.38.6446878802839471 06/03/23-22:04:13.608904 |
SID: | 2839471 |
Source Port: | 46878 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.184.13651330802839471 06/03/23-22:02:42.072122 |
SID: | 2839471 |
Source Port: | 51330 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.155.13641436802839471 06/03/23-22:03:46.374540 |
SID: | 2839471 |
Source Port: | 41436 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.99.10733332802839471 06/03/23-22:01:56.536773 |
SID: | 2839471 |
Source Port: | 33332 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.79.4940538802839471 06/03/23-22:04:07.412141 |
SID: | 2839471 |
Source Port: | 40538 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.186.756700802839471 06/03/23-22:04:01.637058 |
SID: | 2839471 |
Source Port: | 56700 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.46.2750262802839471 06/03/23-22:03:21.665316 |
SID: | 2839471 |
Source Port: | 50262 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.85.6.17547458802839471 06/03/23-22:01:44.640548 |
SID: | 2839471 |
Source Port: | 47458 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.237.16851020802839471 06/03/23-22:02:55.510539 |
SID: | 2839471 |
Source Port: | 51020 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.43.6747318802839471 06/03/23-22:03:13.117166 |
SID: | 2839471 |
Source Port: | 47318 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.242.20456448802839471 06/03/23-22:04:00.357838 |
SID: | 2839471 |
Source Port: | 56448 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.142.100.18735330802839471 06/03/23-22:03:55.813810 |
SID: | 2839471 |
Source Port: | 35330 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.19.187.21434634802839471 06/03/23-22:02:24.057966 |
SID: | 2839471 |
Source Port: | 34634 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.255.226.17940608802839471 06/03/23-22:03:10.814174 |
SID: | 2839471 |
Source Port: | 40608 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.195.209.2947004802839471 06/03/23-22:04:13.630937 |
SID: | 2839471 |
Source Port: | 47004 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.111.248.2837910802839471 06/03/23-22:02:04.858055 |
SID: | 2839471 |
Source Port: | 37910 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.14.3347050802839471 06/03/23-22:02:55.495390 |
SID: | 2839471 |
Source Port: | 47050 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.31.85.152966802839471 06/03/23-22:01:46.747332 |
SID: | 2839471 |
Source Port: | 52966 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.167.226.7858356802839471 06/03/23-22:03:58.198533 |
SID: | 2839471 |
Source Port: | 58356 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.196.90.13740810802839471 06/03/23-22:03:51.044597 |
SID: | 2839471 |
Source Port: | 40810 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.227.17256530802839471 06/03/23-22:02:25.592170 |
SID: | 2839471 |
Source Port: | 56530 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.49.98.7232982802839471 06/03/23-22:02:12.453043 |
SID: | 2839471 |
Source Port: | 32982 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.119.161.7344784802839471 06/03/23-22:02:12.512293 |
SID: | 2839471 |
Source Port: | 44784 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.168.147.9245526802839471 06/03/23-22:03:25.042472 |
SID: | 2839471 |
Source Port: | 45526 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.84.192.16049634802839471 06/03/23-22:04:01.713430 |
SID: | 2839471 |
Source Port: | 49634 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.73.10849236802839471 06/03/23-22:03:58.143597 |
SID: | 2839471 |
Source Port: | 49236 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.18.8755450802839471 06/03/23-22:03:04.982003 |
SID: | 2839471 |
Source Port: | 55450 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.210.34.10242226802839471 06/03/23-22:03:48.533242 |
SID: | 2839471 |
Source Port: | 42226 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.47.14857470802839471 06/03/23-22:02:36.250853 |
SID: | 2839471 |
Source Port: | 57470 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.99.10959102802839471 06/03/23-22:03:27.628857 |
SID: | 2839471 |
Source Port: | 59102 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.128.100.19840116802839471 06/03/23-22:03:55.789362 |
SID: | 2839471 |
Source Port: | 40116 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.228.254.17248128802839471 06/03/23-22:02:47.408551 |
SID: | 2839471 |
Source Port: | 48128 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.121.170.17439438802839471 06/03/23-22:03:42.963544 |
SID: | 2839471 |
Source Port: | 39438 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.161.135.13540652802839471 06/03/23-22:02:08.516569 |
SID: | 2839471 |
Source Port: | 40652 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.202.112.1352626802839471 06/03/23-22:03:27.714516 |
SID: | 2839471 |
Source Port: | 52626 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.166.80.7442426802839471 06/03/23-22:03:32.946964 |
SID: | 2839471 |
Source Port: | 42426 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.6.13854368802839471 06/03/23-22:01:44.648437 |
SID: | 2839471 |
Source Port: | 54368 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.48.22360614802839471 06/03/23-22:02:25.632018 |
SID: | 2839471 |
Source Port: | 60614 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.242.222.20754682802839471 06/03/23-22:02:12.750907 |
SID: | 2839471 |
Source Port: | 54682 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.154.113.2942760802839471 06/03/23-22:03:00.540748 |
SID: | 2839471 |
Source Port: | 42760 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.248.115.1948794802839471 06/03/23-22:03:37.301163 |
SID: | 2839471 |
Source Port: | 48794 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.85.78.4042264802839471 06/03/23-22:02:26.069833 |
SID: | 2839471 |
Source Port: | 42264 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.45.23757758802839471 06/03/23-22:04:01.631560 |
SID: | 2839471 |
Source Port: | 57758 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.172.240.4250272802839471 06/03/23-22:03:55.788415 |
SID: | 2839471 |
Source Port: | 50272 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.183.73.3354418802839471 06/03/23-22:02:04.852808 |
SID: | 2839471 |
Source Port: | 54418 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.19.24143172802839471 06/03/23-22:02:55.507610 |
SID: | 2839471 |
Source Port: | 43172 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.99.167.1358108802839471 06/03/23-22:03:48.478086 |
SID: | 2839471 |
Source Port: | 58108 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.237.5056702802839471 06/03/23-22:02:25.592256 |
SID: | 2839471 |
Source Port: | 56702 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.65.62.8452474802839471 06/03/23-22:03:55.808617 |
SID: | 2839471 |
Source Port: | 52474 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.163.191.8044276802839471 06/03/23-22:04:08.764845 |
SID: | 2839471 |
Source Port: | 44276 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.169.212.24655092802839471 06/03/23-22:03:55.818626 |
SID: | 2839471 |
Source Port: | 55092 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.58.115.12859914802839471 06/03/23-22:02:36.361503 |
SID: | 2839471 |
Source Port: | 59914 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.198.19.19959722802839471 06/03/23-22:03:16.860296 |
SID: | 2839471 |
Source Port: | 59722 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.77.23.10854532802839471 06/03/23-22:04:15.760017 |
SID: | 2839471 |
Source Port: | 54532 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.142.25340064802839471 06/03/23-22:01:50.695887 |
SID: | 2839471 |
Source Port: | 40064 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.152.144.13634480802839471 06/03/23-22:03:05.024656 |
SID: | 2839471 |
Source Port: | 34480 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.157.234.17934556802839471 06/03/23-22:03:48.734810 |
SID: | 2839471 |
Source Port: | 34556 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.218.131.6633094802839471 06/03/23-22:02:21.063933 |
SID: | 2839471 |
Source Port: | 33094 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.19.17048882802839471 06/03/23-22:03:00.419680 |
SID: | 2839471 |
Source Port: | 48882 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.221.177.24142274802839471 06/03/23-22:02:34.066960 |
SID: | 2839471 |
Source Port: | 42274 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.217.9949420802839471 06/03/23-22:02:51.415945 |
SID: | 2839471 |
Source Port: | 49420 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.209.202.4853620802839471 06/03/23-22:03:37.535794 |
SID: | 2839471 |
Source Port: | 53620 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.111.248.10158090802839471 06/03/23-22:02:25.618140 |
SID: | 2839471 |
Source Port: | 58090 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.162.13.20346040802839471 06/03/23-22:03:16.531487 |
SID: | 2839471 |
Source Port: | 46040 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.157.90.19642966802839471 06/03/23-22:02:00.054459 |
SID: | 2839471 |
Source Port: | 42966 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.100.230.24941404802839471 06/03/23-22:02:48.781482 |
SID: | 2839471 |
Source Port: | 41404 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.142.39.24747294802839471 06/03/23-22:02:04.852363 |
SID: | 2839471 |
Source Port: | 47294 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.164.15.751426802839471 06/03/23-22:03:51.110257 |
SID: | 2839471 |
Source Port: | 51426 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.229.2549830802839471 06/03/23-22:02:04.868984 |
SID: | 2839471 |
Source Port: | 49830 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.116.107.25050544802839471 06/03/23-22:02:39.982953 |
SID: | 2839471 |
Source Port: | 50544 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.129.96.23235014802839471 06/03/23-22:04:07.402099 |
SID: | 2839471 |
Source Port: | 35014 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.149.203.25438050802839471 06/03/23-22:03:37.286892 |
SID: | 2839471 |
Source Port: | 38050 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.101.150.233318802839471 06/03/23-22:02:42.089044 |
SID: | 2839471 |
Source Port: | 33318 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.86.200.3342376802839471 06/03/23-22:02:34.120888 |
SID: | 2839471 |
Source Port: | 42376 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.236.22.13733260802839471 06/03/23-22:01:51.350456 |
SID: | 2839471 |
Source Port: | 33260 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.42.212.859148802839471 06/03/23-22:03:08.551202 |
SID: | 2839471 |
Source Port: | 59148 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.197.203.1338966802839471 06/03/23-22:01:53.148274 |
SID: | 2839471 |
Source Port: | 38966 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.169.45.22339008802839471 06/03/23-22:01:53.167452 |
SID: | 2839471 |
Source Port: | 39008 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.179.162.8251808802839471 06/03/23-22:03:53.447992 |
SID: | 2839471 |
Source Port: | 51808 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.197.117.1748362802839471 06/03/23-22:03:31.176374 |
SID: | 2839471 |
Source Port: | 48362 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.183.13.19847414802839471 06/03/23-22:04:04.051657 |
SID: | 2839471 |
Source Port: | 47414 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.54.48.3645052802839471 06/03/23-22:02:36.299543 |
SID: | 2839471 |
Source Port: | 45052 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.23112.168.31.12446502802839471 06/03/23-22:03:55.760361 |
SID: | 2839471 |
Source Port: | 46502 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.19.149.12538586802839471 06/03/23-22:03:48.752174 |
SID: | 2839471 |
Source Port: | 38586 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.80.188.19136608802839471 06/03/23-22:03:37.272656 |
SID: | 2839471 |
Source Port: | 36608 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.121.8047398802839471 06/03/23-22:03:02.837733 |
SID: | 2839471 |
Source Port: | 47398 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.57.136.8234914802839471 06/03/23-22:04:01.847693 |
SID: | 2839471 |
Source Port: | 34914 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.141.35.857374802839471 06/03/23-22:01:50.674313 |
SID: | 2839471 |
Source Port: | 57374 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.58.113.9934854802839471 06/03/23-22:04:15.824350 |
SID: | 2839471 |
Source Port: | 34854 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.217.229.14344046802839471 06/03/23-22:02:07.980645 |
SID: | 2839471 |
Source Port: | 44046 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2395.216.174.25441438802839471 06/03/23-22:03:29.817461 |
SID: | 2839471 |
Source Port: | 41438 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
Timestamp: | 192.168.2.2388.208.218.19755620802839471 06/03/23-22:03:51.076715 |
SID: | 2839471 |
Source Port: | 55620 |
Destination Port: | 80 |
Protocol: | TCP |
Classtype: | Web Application Attack |
- • AV Detection
- • Networking
- • System Summary
- • Persistence and Installation Behavior
- • Hooking and other Techniques for Hiding and Protection
- • Malware Analysis System Evasion
- • Stealing of Sensitive Information
- • Remote Access Functionality
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | ReversingLabs: | |||
Source: | Virustotal: | Perma Link |
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | HTTP traffic detected: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |