Windows
Analysis Report
1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe
Overview
General Information
Sample name: | 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe |
Analysis ID: | 1518290 |
MD5: | 5e460456a6586d424dde3b82365f6113 |
SHA1: | a7930e9c81dc7afdb0fb597f6be3d5e7a8275538 |
SHA256: | f19f39a1030833ec381965932d4e3a827264130e622dd4da2bdad7d98f36764a |
Tags: | base64-decoded, exe, user-abuse_ch |
Detection
Score: | 100 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Classification
- System is w10x64
- 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe (PID: 5064 cmdline: "C:\Users\user\Desktop\1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe" MD5: 5E460456A6586D424DDE3B82365F6113)
- cleanup
Name | Description | Attribution | Blogpost URLs | Link |
---|---|---|---|---|
XWorm | Malware with wide range of capabilities ranging from RAT to ransomware. | No Attribution |
{"C2 url": ["135.224.23.113"], "Port": "5555", "Aes key": "<Xwormmm>", "SPL": "<Xwormmm>", "Install file": "USB.exe", "Version": "XWorm V5.6"}
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen |
|
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
MALWARE_Win_AsyncRAT | Detects AsyncRAT | ditekSHen |
| |
JoeSecurity_XWorm | Yara detected XWorm | Joe Security | ||
JoeSecurity_XWorm | Yara detected XWorm | Joe Security |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-09-25T15:12:18.929351+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:26.161967+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:40.165270+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:48.879945+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:54.150157+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:08.145362+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:11.801620+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:13.488608+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:16.006488+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:18.947050+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:19.076284+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:19.174653+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:21.087447+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:26.221600+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:29.381776+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:34.593001+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:42.954676+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.739428+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.804729+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.840361+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.888175+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:45.210348+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:45.210437+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:48.884872+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:51.676845+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:55.304096+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:55.401568+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:58.676296+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:12.677135+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:12.784133+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:18.887036+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:21.714146+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:23.941445+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:24.720520+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:28.680542+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:31.531608+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:31.568887+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:32.092324+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:32.561384+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:34.729533+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:34.777053+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:34.779673+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:34.785277+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:36.607168+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:37.801099+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:37.811252+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:39.454187+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:47.503316+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:47.753250+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:47.788878+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:47.820452+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:48.104097+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:48.203602+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:48.313340+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:48.877705+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:54.423306+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:56.880320+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:04.082001+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:04.132928+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:04.148474+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:04.180995+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:14.364312+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:18.887923+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:19.110412+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:19.254134+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:19.378474+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:29.914605+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:30.590346+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:30.707996+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:30.838594+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.025500+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.357551+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.364759+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.478131+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.598653+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:36.714698+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:41.724472+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:41.747453+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:48.891862+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:55.784595+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:16:02.135206+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:16:02.440865+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:16:02.538420+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:16:08.366094+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:16:09.395514+0200 | 2852870 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-09-25T15:12:26.165363+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:12:40.167999+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:12:54.151947+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:08.147777+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:11.803321+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:13.490866+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:16.018930+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:19.078512+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:19.176269+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:21.089363+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:26.233280+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.396543+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.515287+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.523748+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:34.595691+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:42.956756+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.742387+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.886976+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.892442+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.987375+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:45.215519+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:51.683447+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.306035+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.405259+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.505252+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.510776+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.515869+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.523737+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.529325+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.535715+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:58.678595+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:12.687685+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:12.786880+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:21.716450+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:23.943978+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:24.723199+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:28.697617+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:31.533733+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:32.100875+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:32.567716+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:34.738989+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:36.612732+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:37.803109+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:37.843018+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:39.456145+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:47.506152+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:47.755085+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:47.881754+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:47.972125+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:48.205154+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:48.315048+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:54.425191+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:56.883120+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.130457+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.135641+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.155860+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.182602+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.227858+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:04.274428+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:14.365827+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:19.263754+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:19.381271+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:30.133883+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:30.595288+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:30.711825+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:30.841824+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:36.030447+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:36.360831+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:36.479437+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:36.600957+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:36.719556+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:41.726311+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:41.749009+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:41.867565+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:41.880121+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:15:55.787114+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:16:02.158308+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:16:02.442801+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:16:02.545067+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:16:08.367230+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:16:09.398544+0200 | 2852923 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-09-25T15:12:18.929351+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:48.879945+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:18.947050+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:48.884872+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:18.887036+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:48.877705+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:18.887923+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:19.110412+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:15:48.891862+0200 | 2852874 | 1 | Malware Command and Control Activity Detected | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
Timestamp | SID | Severity | Classtype | Source IP | Source Port | Destination IP | Destination Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-09-25T15:14:12.570078+0200 | 2853193 | 1 | Malware Command and Control Activity Detected | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
AV Detection |
---|
Source: | Avira: |
Source: | Malware Configuration Extractor: |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | String decryptor: |
Source: | Static PE information: |
Networking |
---|
Source: | Suricata IDS: |
Source: | URLs: |
Source: | TCP traffic: |
Source: | ASN Name: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | String found in binary or memory: |
System Summary |
---|
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Process Stats: |
Source: | Code function: | 0_2_00007FF848F36CF2 | |
Source: | Code function: | 0_2_00007FF848F35F46 | |
Source: | Code function: | 0_2_00007FF848F32040 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Matched rule: | ||
Source: | Matched rule: | ||
Source: | Matched rule: |
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: | ||
Source: | Cryptographic APIs: |
Source: | Classification label: |
Source: | Mutant created: | ||
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Static file information: |
Source: | Key opened: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Key value queried: | Jump to behavior |
Source: | Static PE information: |
Source: | Static PE information: |
Data Obfuscation |
---|
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | .Net Code: | ||
Source: | .Net Code: | ||
Source: | .Net Code: |
Source: | Code function: | 0_2_00007FF848F3756A |
Source: | Process information set: | Jump to behavior | ||
Malware Analysis System Evasion |
---|
Source: | WMI Queries: |
Source: | Memory allocated: | Jump to behavior | ||
Source: | Memory allocated: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Window / User API: | Jump to behavior | ||
Source: | Window / User API: | Jump to behavior |
Source: | Thread sleep time: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep count: | Jump to behavior |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | File Volume queried: | Jump to behavior | ||
Source: | File Volume queried: | Jump to behavior |
Source: | Thread delayed: | Jump to behavior |
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | Process Stats: |
Source: | Process token adjusted: | Jump to behavior |
Source: | Thread injection, dropped files, key value created, disk infection and DNS query: |
Source: | Memory allocated: | Jump to behavior |
Source: | Queries volume information: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Binary or memory string: |
Source: | WMI Queries: |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | 11 Windows Management Instrumentation | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Disable or Modify Tools | OS Credential Dumping | 221 Security Software Discovery | Remote Services | 11 Archive Collected Data | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 232 Virtualization/Sandbox Evasion | LSASS Memory | 232 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Non-Standard Port | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 1 Deobfuscate/Decode Files or Information | Security Account Manager | 1 Application Window Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Obfuscated Files or Information | NTDS | 13 System Information Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 2 Software Packing | LSA Secrets | Internet Connection Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 DLL Side-Loading | Cached Domain Credentials | Wi-Fi Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Avira | HEUR/AGEN.1305769 | ||
100% | Joe Sandbox ML |
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | Avira URL Cloud | safe |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
true |
| unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown |
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
135.224.23.113 | unknown | United States | 10455 | LUCENT-CIOUS | true |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1518290 |
Start date and time: | 2024-09-25 15:11:11 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 6m 9s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 5 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe |
Detection: | MAL |
Classification: | mal100.troj.evad.winEXE@1/0@0/1 |
EGA Information: | Failed |
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe, PID 5064 because it is empty
- VT rate limit hit for: 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe
Time | Type | Description |
---|---|---|
09:12:10 | API Interceptor |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
135.224.23.113 | Get hash | malicious | PureLog Stealer, XWorm | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
LUCENT-CIOUS | Get hash | malicious | PureLog Stealer, XWorm | Browse |
Get hash | malicious | Unknown | Browse |
Get hash | malicious | Mirai, Moobot | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Mirai | Browse |
Get hash | malicious | Mirai, Moobot | Browse |
Get hash | malicious | Unknown | Browse |
File type: | |
Entropy (8bit): | 5.590165988673767 |
TrID: |
|
File name: | 1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe |
File size: | 33'280 bytes |
MD5: | 5e460456a6586d424dde3b82365f6113 |
SHA1: | a7930e9c81dc7afdb0fb597f6be3d5e7a8275538 |
SHA256: | f19f39a1030833ec381965932d4e3a827264130e622dd4da2bdad7d98f36764a |
SHA512: | 265f8aabe0c18c8d903493cae22779c10f3c486084f598b776d2200a382a855e15fa507af5e38cdd5f9b935eec4bd7d636dfbdb405713c24ecd51702ac90ea32 |
SSDEEP: | 768:TVa+vNtg+PBy3Tw4e1dVFE9j/OjhJfbk:zvNtgwy3U4epFE9j/OjTA |
TLSH: | 81E23A4877D44722DAFEAFB129F362061670D517E813EF6E0CE485E62B67AC047407EA |
File Content Preview: | MZ......................@...............................................!..L.!This program cannot be run in DOS mode....$.......PE..L......f.................x..........n.... ........@.. ....................................@................................ |
Icon Hash: | 00928e8e8686b000 |
Entrypoint: | 0x40976e |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, NX_COMPAT, NO_SEH, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66F3A2D7 [Wed Sep 25 05:42:47 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 4 |
OS Version Minor: | 0 |
File Version Major: | 4 |
File Version Minor: | 0 |
Subsystem Version Major: | 4 |
Subsystem Version Minor: | 0 |
Import Hash: | f34d5f2d4577ed6d9ceec516c1f5a744 |
Instruction |
---|
jmp dword ptr [00402000h] |
add byte ptr [eax], al |
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0x9718 | 0x53 | .text |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xa000 | 0x4d8 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xc000 | 0xc | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x2000 | 0x8 | .text |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x2008 | 0x48 | .text |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x2000 | 0x7774 | 0x7800 | 6ae2b5aae5010c25f998d9a0b0199f83 | False | 0.5010416666666667 | data | 5.741189311374185 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rsrc | 0xa000 | 0x4d8 | 0x600 | f1b557a6818d9f758f7d836b8b8c5070 | False | 0.373046875 | data | 3.7171466095684083 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xc000 | 0xc | 0x200 | 3ee5eb55d2c84cad34ece42377c6f250 | False | 0.044921875 | data | 0.08153941234324169 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_VERSION | 0xa0a0 | 0x244 | data | 0.4689655172413793 | ||
RT_MANIFEST | 0xa2e8 | 0x1ea | XML 1.0 document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators | 0.5469387755102041 |
DLL | Import |
---|---|
mscoree.dll | _CorExeMain |
Timestamp | SID | Signature | Severity | Source IP | Source Port | Dest IP | Dest Port | Protocol |
---|---|---|---|---|---|---|---|---|
2024-09-25T15:12:18.929351+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:18.929351+0200 | 2852874 | ETPRO MALWARE Win32/XWorm CnC PING Command Inbound M2 | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:26.028199+0200 | 2855924 | ETPRO MALWARE Win32/XWorm V3 CnC Command - PING Outbound | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:12:26.161967+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:26.165363+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:12:40.165270+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:40.167999+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:12:48.879945+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:48.879945+0200 | 2852874 | ETPRO MALWARE Win32/XWorm CnC PING Command Inbound M2 | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:54.150157+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:12:54.151947+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:08.145362+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:08.147777+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:11.801620+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:11.803321+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:13.488608+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:13.490866+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:16.006488+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:16.018930+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:18.947050+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:18.947050+0200 | 2852874 | ETPRO MALWARE Win32/XWorm CnC PING Command Inbound M2 | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:19.076284+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:19.078512+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:19.174653+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:19.176269+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:21.087447+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:21.089363+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:26.221600+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:26.233280+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.381776+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:29.396543+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.515287+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:29.523748+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:34.593001+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:34.595691+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:42.954676+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:42.956756+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.739428+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.742387+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.804729+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.840361+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.886976+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.888175+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:44.892442+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:44.987375+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:45.210348+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:45.210437+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:45.215519+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:48.884872+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:48.884872+0200 | 2852874 | ETPRO MALWARE Win32/XWorm CnC PING Command Inbound M2 | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:51.676845+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:51.683447+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.304096+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:55.306035+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.401568+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:55.405259+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.505252+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.510776+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.515869+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.523737+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.529325+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:55.535715+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:13:58.676296+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:13:58.678595+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:12.570078+0200 | 2853193 | ETPRO MALWARE Win32/XWorm V3 CnC Command - PING Outbound | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:12.677135+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
2024-09-25T15:14:12.687685+0200 | 2852923 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes (Client) | 1 | 192.168.2.5 | 49704 | 135.224.23.113 | 5555 | TCP |
2024-09-25T15:14:12.784133+0200 | 2852870 | ETPRO MALWARE Win32/XWorm CnC Checkin - Generic Prefix Bytes | 1 | 135.224.23.113 | 5555 | 192.168.2.5 | 49704 | TCP |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 25, 2024 15:14:34.777053118 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:34.779673100 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:34.779716015 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:34.781661987 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:34.785276890 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:34.785990000 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:34.788929939 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:36.052834988 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:36.318144083 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:36.560102940 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:36.560117960 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:36.607167959 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:36.612731934 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:36.617815018 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.459146976 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:37.472091913 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.474745035 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:37.497306108 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.801099062 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.803108931 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:37.811252117 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.842964888 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:37.843018055 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:37.860661030 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:39.224755049 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:39.293333054 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:39.454186916 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:39.456145048 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:39.497178078 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.380860090 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.385796070 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.503315926 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.506151915 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.510992050 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.630966902 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.635828972 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.662134886 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.667040110 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.677701950 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.682605028 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.693327904 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.698100090 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.709075928 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.714003086 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.724630117 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.729504108 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.740197897 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.745214939 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.753249884 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.755084991 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.788877964 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.788944006 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.820451975 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.820518017 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.870346069 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.870410919 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.875277042 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.879405022 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.881753922 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.910773039 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.910844088 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.962393999 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.962461948 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:47.967773914 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.970031023 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:47.972125053 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.007304907 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.007370949 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.058315992 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.058373928 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.104096889 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.104159117 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.154355049 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.154411077 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.160661936 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.203602076 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.205153942 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.210226059 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.313339949 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.315047979 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:48.319998980 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.877705097 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:48.927504063 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:54.177791119 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:54.306186914 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:54.423305988 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:54.425190926 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:54.430077076 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:56.757703066 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:56.762661934 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:56.880320072 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:14:56.883120060 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:14:56.887928009 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:03.959041119 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:03.963970900 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:03.990247011 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:03.997148991 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.005851030 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.012593031 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.037313938 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.042234898 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.052751064 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.057744026 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.082000971 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.084752083 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.130389929 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.130456924 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.132927895 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.135581017 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.135641098 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.141254902 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.148473978 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.155859947 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.180994987 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.182601929 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.226207972 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.227858067 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.274360895 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:04.274427891 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:04.279325008 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:14.242038965 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:14.247051001 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:14.364311934 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:14.365827084 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:14.370680094 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:18.887923002 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.110411882 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.110523939 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:19.130830050 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:19.136497974 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.254133940 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.256094933 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:19.260973930 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.263753891 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:19.268604040 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.378473997 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:19.381270885 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:19.386125088 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:29.756233931 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:29.761264086 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:29.914604902 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:29.961837053 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.133882999 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.166960001 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.318392038 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.481154919 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.481215000 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.518615007 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.590346098 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.595288038 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.600816965 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.707995892 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.711824894 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.746972084 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.838593960 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:30.841824055 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:30.847289085 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:35.771631002 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:35.904793978 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:35.904916048 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:35.928339958 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.025500059 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.030447006 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.036036015 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.147084951 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.357551098 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.357659101 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.360759974 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.360831022 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.364758968 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.364825964 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.367944002 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.478131056 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.479437113 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.528680086 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.598653078 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.600956917 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.622273922 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.714698076 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:36.719556093 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:36.731132984 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.583956957 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.594603062 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.615164042 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.621287107 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.646617889 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.653693914 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.662040949 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.667011023 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.724472046 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.726310968 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.738176107 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.747452974 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.749008894 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.798593044 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.838047028 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.867564917 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.880039930 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:41.880120993 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:41.893959045 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:48.891861916 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:48.945595026 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:55.662029028 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:55.666969061 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:55.784595013 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:15:55.787113905 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:15:55.792022943 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.010262966 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.015459061 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.135205984 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.158308029 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.163228989 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.318320990 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.323359013 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.333842039 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.338680029 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.440865040 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.442800999 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.447737932 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.538419962 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:02.545067072 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:02.549957991 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:08.240164042 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:08.247661114 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:08.366094112 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:08.367229939 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:08.372103930 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:09.271346092 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:09.277709007 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:09.395514011 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Sep 25, 2024 15:16:09.398544073 CEST | 49704 | 5555 | 192.168.2.5 | 135.224.23.113 |
Sep 25, 2024 15:16:09.403453112 CEST | 5555 | 49704 | 135.224.23.113 | 192.168.2.5 |
Target ID: | 0 |
Start time: | 09:12:03 |
Start date: | 25/09/2024 |
Path: | C:\Users\user\Desktop\1727269807db8b68b2c9b1c9bdd42030655a5e439e971ba77503b2390bf7da0c0928072d74511.dat-decoded.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0xa60000 |
File size: | 33'280 bytes |
MD5 hash: | 5E460456A6586D424DDE3B82365F6113 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Yara matches: |
|
Reputation: | low |
Has exited: | false |