Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sleep loop found (likely to delay execution)
Stores files to the Windows start menu directory
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 5556 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 0CDC96575612C0492C5137E300D18CEE) - chrome.exe (PID: 6780 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ki osk https: //youtube. com/accoun t?=https:/ /accounts. google.com /v3/signin /challenge /pwd MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 6048 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2164 --fi eld-trial- handle=186 4,i,604184 0047849572 020,897289 4644726327 820,262144 /prefetch :8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7940 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=57 36 --field -trial-han dle=1864,i ,604184004 7849572020 ,897289464 4726327820 ,262144 /p refetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7948 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5512 --f ield-trial -handle=18 64,i,60418 4004784957 2020,89728 9464472632 7820,26214 4 /prefetc h:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0059DBBE | |
Source: | Code function: | 0_2_0056C2A2 | |
Source: | Code function: | 0_2_005A68EE | |
Source: | Code function: | 0_2_005A698F | |
Source: | Code function: | 0_2_0059D076 | |
Source: | Code function: | 0_2_0059D3A9 | |
Source: | Code function: | 0_2_005A9642 | |
Source: | Code function: | 0_2_005A979D | |
Source: | Code function: | 0_2_005A9B2B | |
Source: | Code function: | 0_2_005A5C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_005ACE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_005AEAFF |
Source: | Code function: | 0_2_005AED6A |
Source: | Code function: | 0_2_005AEAFF |
Source: | Code function: | 0_2_0059AA57 |
Source: | Binary or memory string: | memstr_4dcf7495-e |
Source: | Code function: | 0_2_005C9576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_57b441af-0 | |
Source: | String found in binary or memory: | memstr_87b2bbc6-8 | |
Source: | String found in binary or memory: | memstr_08b13707-3 | |
Source: | String found in binary or memory: | memstr_359d4850-a |
Source: | Code function: | 0_2_0059D5EB |
Source: | Code function: | 0_2_00591201 |
Source: | Code function: | 0_2_0059E8F6 |
Source: | Code function: | 0_2_0053BF40 | |
Source: | Code function: | 0_2_005A2046 | |
Source: | Code function: | 0_2_00538060 | |
Source: | Code function: | 0_2_00598298 | |
Source: | Code function: | 0_2_0056E4FF | |
Source: | Code function: | 0_2_0056676B | |
Source: | Code function: | 0_2_005C4873 | |
Source: | Code function: | 0_2_0053CAF0 | |
Source: | Code function: | 0_2_0055CAA0 | |
Source: | Code function: | 0_2_0054CC39 | |
Source: | Code function: | 0_2_00566DD9 | |
Source: | Code function: | 0_2_0054B119 | |
Source: | Code function: | 0_2_005391C0 | |
Source: | Code function: | 0_2_00551394 | |
Source: | Code function: | 0_2_00551706 | |
Source: | Code function: | 0_2_0055781B | |
Source: | Code function: | 0_2_0054997D | |
Source: | Code function: | 0_2_00537920 | |
Source: | Code function: | 0_2_005519B0 | |
Source: | Code function: | 0_2_00557A4A | |
Source: | Code function: | 0_2_00551C77 | |
Source: | Code function: | 0_2_00557CA7 | |
Source: | Code function: | 0_2_005BBE44 | |
Source: | Code function: | 0_2_00569EEE | |
Source: | Code function: | 0_2_00551F32 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_005A37B5 |
Source: | Code function: | 0_2_005910BF | |
Source: | Code function: | 0_2_005916C3 |
Source: | Code function: | 0_2_005A51CD |
Source: | Code function: | 0_2_005BA67C |
Source: | Code function: | 0_2_005A648E |
Source: | Code function: | 0_2_005342A2 |
Source: | File created: | Jump to behavior |
Source: | Static PE information: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: | ||
Source: | LNK file: |
Source: | Static file information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_005342DE |
Source: | Code function: | 0_2_00550A89 |
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior | ||
Source: | File created: | Jump to behavior |
Source: | Code function: | 0_2_0054F98E | |
Source: | Code function: | 0_2_005C1C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-97024 |
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep count: | Jump to behavior | ||
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: | ||
Source: | Last function: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_0059DBBE | |
Source: | Code function: | 0_2_0056C2A2 | |
Source: | Code function: | 0_2_005A68EE | |
Source: | Code function: | 0_2_005A698F | |
Source: | Code function: | 0_2_0059D076 | |
Source: | Code function: | 0_2_0059D3A9 | |
Source: | Code function: | 0_2_005A9642 | |
Source: | Code function: | 0_2_005A979D | |
Source: | Code function: | 0_2_005A9B2B | |
Source: | Code function: | 0_2_005A5C97 |
Source: | Code function: | 0_2_005342DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-96244 |
Source: | Code function: | 0_2_005AEAA2 |
Source: | Code function: | 0_2_00562622 |
Source: | Code function: | 0_2_005342DE |
Source: | Code function: | 0_2_00554CE8 |
Source: | Code function: | 0_2_00590B62 |
Source: | Code function: | 0_2_00562622 | |
Source: | Code function: | 0_2_0055083F | |
Source: | Code function: | 0_2_005509D5 | |
Source: | Code function: | 0_2_00550C21 |
Source: | Code function: | 0_2_00591201 |
Source: | Code function: | 0_2_00572BA5 |
Source: | Code function: | 0_2_0059B226 |
Source: | Code function: | 0_2_005B22DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_00590B62 |
Source: | Code function: | 0_2_00591663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00550698 |
Source: | Code function: | 0_2_005A8195 |
Source: | Code function: | 0_2_0058D27A |
Source: | Code function: | 0_2_0056B952 |
Source: | Code function: | 0_2_005342DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_005B1204 | |
Source: | Code function: | 0_2_005B1806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 31 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 31 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | 1 Registry Run Keys / Startup Folder | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 1 Masquerading | LSA Secrets | 221 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | 1 Registry Run Keys / Startup Folder | 2 Valid Accounts | Cached Domain Credentials | 22 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 22 Virtualization/Sandbox Evasion | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 12 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.186.78 | true | false | unknown | |
www3.l.google.com | 142.250.184.238 | true | false | unknown | |
play.google.com | 216.58.212.142 | true | false | unknown | |
www.google.com | 142.250.184.228 | true | false | unknown | |
youtube.com | 142.250.185.142 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.78 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.212.142 | play.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.206.68 | unknown | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.142 | youtube.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.238 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.228 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.206 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.8 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1520639 |
Start date and time: | 2024-09-27 17:40:09 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 4s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal60.evad.winEXE@31/36@14/10 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): dllhost.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.185.67, 142.250.185.174, 64.233.166.84, 34.104.35.123, 216.58.206.42, 142.250.185.138, 142.250.185.74, 142.250.185.106, 142.250.184.234, 142.250.185.170, 142.250.186.138, 142.250.186.74, 142.250.181.234, 142.250.186.170, 172.217.18.106, 142.250.184.202, 142.250.185.234, 216.58.212.138, 142.250.185.202, 172.217.16.202, 142.250.186.35, 142.250.186.106, 142.250.74.202, 172.217.18.10, 172.217.23.106, 142.250.186.42, 199.232.210.172, 192.229.221.95, 142.250.185.163, 142.250.74.206
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | HTMLPhisher | Browse | ||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | HTMLPhisher | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | HTMLPhisher | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.978590813077424 |
Encrypted: | false |
SSDEEP: | 48:8WdzsTUQtHMidAKZdA19ehwiZUklqehky+3:88svAjy |
MD5: | BF2A6A7B782ED360CEB2866F6CDC3F3F |
SHA1: | 1B52A1451692B503B829369D8C16D5BAB9C3D59B |
SHA-256: | 5F002A09D1E8B41FE94E407FD52D367F11E17903ADABE9B1DB78124D984495F1 |
SHA-512: | FAA7311E4789D491B57E0C97A006C7198D658B7C208398B6118E7D02110EEC4FB2C5668353CF4CF7914B601C3DD5F239BF611BD96237F2126A6988276F57642E |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 3.9963519912166405 |
Encrypted: | false |
SSDEEP: | 48:8ndzsTUQtHMidAKZdA1weh/iZUkAQkqehTy+2:8lsv69Q6y |
MD5: | 99AEAFDED1B640D15A176D141C63450D |
SHA1: | 767A6500DF67B365EAC68B165925B92C4485DA83 |
SHA-256: | 7FB940D2DC03798C3B7A723CE6F8E8C9D3609408CCAC998DCF5EF657228059A3 |
SHA-512: | BD4F713BD2480E0D98DF923AD0B8B6EE8DCBE467D760255131A308E286CD18A8D6ABCD09716D2FABF4C1394BF6B3AB3674DE6D3A2FE022B9D2569D5EEE8A43F6 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.007418998646242 |
Encrypted: | false |
SSDEEP: | 48:8xBdzsTUQsHMidAKZdA14tseh7sFiZUkmgqeh7sZy+BX:8xHsv1nvy |
MD5: | 59035B3394509BBB85C325EEFA18928E |
SHA1: | 99B64EAC5AA4A4E1ABB85EB68DB262A1F464C4C2 |
SHA-256: | C0D0386F09FB024ADF66D1CA18D42BB456CB3595CD35988167F7624EDC1D8909 |
SHA-512: | 6820557B1895D18325738DE3526B86832EC90BD5C32658F3E78C3358524974CDF6A692BAD0812DDB90C0E81B68CDE321C01A32003DF9655E92054B4C2E38FC03 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.996056918615686 |
Encrypted: | false |
SSDEEP: | 48:82dzsTUQtHMidAKZdA1vehDiZUkwqehXy+R:8csvhhy |
MD5: | DCF3EEA83211EBC8939E89082B0C34CD |
SHA1: | DAE18987AA8C80CCA7BDB7C2096F07671936BF19 |
SHA-256: | 51BD8D9972DA521561D48F729134FB551B21976190E8A152AC78A9125236EA55 |
SHA-512: | 07E708816F70FFD88EF97E5B06854DDDB0B3FB7EE9299E7B8D180B48C332756FE1156FD7ABBBDE8415060BB397797E3769D357ACB6A74F893F4CEA5B3AB36DC2 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.985935964334401 |
Encrypted: | false |
SSDEEP: | 48:8GdzsTUQtHMidAKZdA1hehBiZUk1W1qehVy+C:8ssvh91y |
MD5: | D609A973F389D5554C9F62C9C2EB1B1A |
SHA1: | A02D4AD14770054FD3269B04D0C192B70BCF911C |
SHA-256: | F22957E157A7E0F5DAA956B03E667244ACF9E0DAECEA3F9E1F17B9BB2CB1768C |
SHA-512: | E27330D5B5FCBDC0BA8F56B2B2FE20154E7127CF03884B0F31B3C988DFDBA1C609389702C95485C9FB79E33BA9B303648B07B35A5E77F4FE557785FB40EDC345 |
Malicious: | false |
Reputation: | low |
Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Download File
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 3.9941381417076847 |
Encrypted: | false |
SSDEEP: | 48:86dzsTUQtHMidAKZdA1duT+ehOuTbbiZUk5OjqehOuTbvy+yT+:8gsvdT/TbxWOvTbvy7T |
MD5: | 790617C2DA45C49B1DE8767EBE44A942 |
SHA1: | 105DA47D26EBBECA8949B8AB2567D5BFE9F9F36B |
SHA-256: | F85F7472B5D897730FADE521E845739E8C2FE1A229CD30AABC9C84B7F9DE1906 |
SHA-512: | AB7A00111E850DCE2BC57587BD11C0B566E191105A7F646174CB5B0D6C281CD65DC481E99A5559838916E44F8F46E7EC0E91D6D511F90A0057A69C23A3ABC287 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603951 |
Entropy (8bit): | 5.789949489744101 |
Encrypted: | false |
SSDEEP: | 3072:x0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAT:xlgNmwwdnOsF98oNGuQRAYqXsI1+ |
MD5: | 036BC6CEC1912EAA63C716C2A7494AFC |
SHA1: | C32891F55B0D7A86DCE1BDBB7B84DB21C2A09F4F |
SHA-256: | 1A6181C3DFAEE5919CE57152DCFFCDC4B151C5FB2969CFD62168C1711FF202CF |
SHA-512: | 0AAA2285D109114921B5FD8A15F9A3D1F218AF8C61054B3925965E6753F8A49B45798326EA986C4A6B6180B6C36292A4652E2BA730C7505684DAAA4B5C314675 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlGsNipZrCRRMFQh1-tVmHSsIDzQTA/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.316515499943097 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DduJqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7DQJopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | D97AB4594FC610665FF2763A650EE6A8 |
SHA1: | 5C7459CA838D27BE45745571D8D96D156F4B9F8D |
SHA-256: | 767D778369623FD8F5FB98D3BCC3130D05D02CBE0B9B88DD226F43281B14E9AF |
SHA-512: | CE4941B41C3A8CC983C1BBCC87EF682823CB9DB24EA7A570E35BBF832046340D433F7D47211384B61FA38F3527CC35C195A6068CCB24B48E1F492C5B4D4192A1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.280977407061266 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlENrpB3stYCIgMxILNH/wf7DVTBpdQrw:oApB8iDwYlGw |
MD5: | 4FB66582D37D04933F00E49C2FBA34D4 |
SHA1: | 3DB09C53BBEB1EEB045A001356E498D8EF30915D |
SHA-256: | A97DAC01ABFE3EB75C7C97D504E21BDDDADDB6EBE0B56B6A9A10CD3700CAB41B |
SHA-512: | 2AEB3A6CFFBF6EFA626EBDC9E11ACBAC04BFE986F98FBC050B2501898B289C67D392ED195D16ACC9565EF8784401ADA1E88188CDE3A7AB12D98BB5ED7D8A5711 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4070 |
Entropy (8bit): | 5.362700670482359 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLaQOw:lpT+qXW1PFcn7tGnyWY1TGb |
MD5: | ED368A20CB303C0E7C6A3E6E43C2E14F |
SHA1: | 429A5C538B45221F80405163D1F87912DD73C05A |
SHA-256: | 93BA77AD4B11E0A70C0D36576F0DF24E27F50001EA02BAA6D357E034532D97F2 |
SHA-512: | DE74BBADE910475DD245FFEFD4E1FD10137DE710B1C920D33BA52554911496E1339EF3C1F6D9D315CBC98A60ABE5687A3E7D8BEE483708E18D25722E794BDBE9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 697429 |
Entropy (8bit): | 5.593310312179182 |
Encrypted: | false |
SSDEEP: | 6144:TYNlxfbDTYDhzCTNoygVWyJb5eGpbL2Mp15gI8seqfh53p+rrvV7i:T25bDTYB+qeGB+Nu |
MD5: | 92F0F5E28355D863ACB77313F1E675DE |
SHA1: | 8AD6F9B535D5B8952A4ADCCC57E4A4E0723F1E8D |
SHA-256: | F903AE346609A2872554A3D8FFBDB1836CB5C8B7AAAED4C3F8296B887E03D833 |
SHA-512: | 0C81A6CD850C6ACDBE9CCCBA00BBA34CDE1E09E8572814AE8E55DBED3C2B56F0B020359841F8217843B3403847DF46FA1C82229684F762A73C8110CE45898DAF |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBimEQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlGbG-r9dBZftM0U0ZDPTNCqugT4jw/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
File type: | |
Entropy (8bit): | 7.036733434834559 |
TrID: |
|
File name: | file.exe |
File size: | 1'167'360 bytes |
MD5: | 0cdc96575612c0492c5137e300d18cee |
SHA1: | e02a5ed08f2b187d8709acf6fe680750e32ea1f0 |
SHA256: | 6b46a024fb39fefa5bce5a16113c610bb0b5f9f2f77034b638cb50daea5682d6 |
SHA512: | 2c514a465d7554b0ac07fdba52d59e96baa93dff20e3208421756f2e95bc1b16fac2204b1cd6cb696f10f92782812f17a79c394afbd7ac07ad73bd9d6f0845e0 |
SSDEEP: | 24576:XqDEvCTbMWu7rQYlBQcBiT6rprG8ar32+b+HdiJUK:XTvC/MTQYxsWR7ar32+b+HoJU |
TLSH: | 9245CF027391C062FF9B92734F5AF6115BBC69260123E61F13981DBABE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66F6CE5D [Fri Sep 27 15:25:17 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F9F58BFE813h |
jmp 00007F9F58BFE11Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F9F58BFE2FDh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F9F58BFE2CAh |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F9F58C00EBDh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F9F58C00F08h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F9F58C00EF1h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x46464 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x11b000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x46464 | 0x46600 | 56087394f0de928afb4db961a3a60167 | False | 0.9059655306394316 | data | 7.844916540599419 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x11b000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x3d72c | data | 1.0003416874592757 | ||
RT_GROUP_ICON | 0x119ee4 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0x119f5c | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0x119f70 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0x119f84 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0x119f98 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0x11a074 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 17:41:00.062271118 CEST | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:00.202920914 CEST | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:00.312421083 CEST | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:04.854748964 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:04.854772091 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:04.854821920 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:04.855861902 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:04.855879068 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.503460884 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.506298065 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.506324053 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.506968021 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.507025957 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.508235931 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.508280993 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.509757042 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.509835005 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.509963989 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.509970903 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.554400921 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.801610947 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.801661015 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.801687956 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.801700115 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.801742077 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.804791927 CEST | 49707 | 443 | 192.168.2.5 | 142.250.185.142 |
Sep 27, 2024 17:41:05.804812908 CEST | 443 | 49707 | 142.250.185.142 | 192.168.2.5 |
Sep 27, 2024 17:41:05.817781925 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:05.817821980 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:05.817909002 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:05.818363905 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:05.818376064 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.468204021 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.468595982 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.468611002 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.469007015 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.469151974 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.469727993 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.469785929 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.470808029 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.470870018 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.471044064 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.471055031 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.523139954 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.787761927 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.787780046 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.787856102 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:06.787861109 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.787915945 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.797856092 CEST | 49710 | 443 | 192.168.2.5 | 142.250.186.78 |
Sep 27, 2024 17:41:06.797879934 CEST | 443 | 49710 | 142.250.186.78 | 192.168.2.5 |
Sep 27, 2024 17:41:08.954499960 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:08.954540968 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:08.954646111 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:08.954974890 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:08.954988003 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.593636990 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.593933105 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:09.593947887 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.595366955 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.595436096 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:09.596450090 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:09.596529007 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.628236055 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:09.628305912 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:09.628381014 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:09.630011082 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:09.630038023 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:09.648027897 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:09.648039103 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:09.663522005 CEST | 49674 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:09.694791079 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:09.804156065 CEST | 49675 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:09.913526058 CEST | 49673 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:10.283642054 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.283725977 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.292212009 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.292248011 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.292587996 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.337517023 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.422714949 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.467408895 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.608943939 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.609107018 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.609155893 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.609327078 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.609349966 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.609363079 CEST | 49719 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.609370947 CEST | 443 | 49719 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.641851902 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.641913891 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:10.642000914 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.642772913 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:10.642791033 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.296237946 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.296395063 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.297588110 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.297595978 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.297936916 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.301671982 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.347404957 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.470093012 CEST | 443 | 49703 | 23.1.237.91 | 192.168.2.5 |
Sep 27, 2024 17:41:11.470226049 CEST | 49703 | 443 | 192.168.2.5 | 23.1.237.91 |
Sep 27, 2024 17:41:11.573555946 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.573718071 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.574456930 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.574527025 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.574552059 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:11.574583054 CEST | 49721 | 443 | 192.168.2.5 | 184.28.90.27 |
Sep 27, 2024 17:41:11.574588060 CEST | 443 | 49721 | 184.28.90.27 | 192.168.2.5 |
Sep 27, 2024 17:41:13.617917061 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:13.617958069 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:13.618109941 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:13.618402958 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:13.618416071 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.256633997 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.256908894 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.256942987 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.257333994 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.257400990 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.257991076 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.258048058 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.259500027 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.259572983 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.259685993 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.304574013 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.304600000 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.351469994 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.573678017 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.573751926 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.573793888 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.573810101 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.573853016 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.573875904 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.579581022 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.579637051 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.579648018 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.585984945 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.586038113 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.586046934 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.586061954 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.586148977 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.592330933 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.592391014 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.598385096 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.598439932 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.598444939 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.598452091 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.598494053 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.661911011 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.661983013 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.661994934 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.662045956 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.662631035 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.662688017 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.668865919 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.668926001 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.675210953 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.675259113 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.675278902 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.675292969 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.677153111 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.681525946 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.681669950 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.681684971 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.688627958 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.689850092 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.689863920 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.696017981 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.696206093 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.696288109 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.922897100 CEST | 49732 | 443 | 192.168.2.5 | 142.250.184.238 |
Sep 27, 2024 17:41:14.922941923 CEST | 443 | 49732 | 142.250.184.238 | 192.168.2.5 |
Sep 27, 2024 17:41:14.972039938 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:14.972145081 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:14.972256899 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:14.972995996 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:14.973028898 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.056195974 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.056247950 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.056341887 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.056592941 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.056607008 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.613584995 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.615406990 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.615439892 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.616029024 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.616209984 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.617069960 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.617136955 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.618218899 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.618357897 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.618500948 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.618509054 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.662565947 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.711210012 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.711504936 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.711534977 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.711838007 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.711891890 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.712461948 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.712507010 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.712630987 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.712682962 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.712960005 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.759397984 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.759639025 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.759685040 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.814707994 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.928852081 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.929341078 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.929399967 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.929588079 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.929615974 CEST | 443 | 49735 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.929630041 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.929661989 CEST | 49735 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.930762053 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.930802107 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:15.930869102 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.931376934 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:15.931395054 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.023045063 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.023690939 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.023747921 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.027507067 CEST | 49736 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.027542114 CEST | 443 | 49736 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.028387070 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.028453112 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.028517008 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.028897047 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.028913975 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.563093901 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.563484907 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.563519955 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.564052105 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.564130068 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.565104008 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.565165043 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.565315008 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.565399885 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.565483093 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.565490961 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.565526962 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.607403994 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.617001057 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.756623030 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.756943941 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.756980896 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.757301092 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.757369041 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.757900953 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.757966042 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.758100033 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.758152008 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.758311987 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.758332968 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.758356094 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.783097982 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.783298969 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.783366919 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.784411907 CEST | 49740 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.784431934 CEST | 443 | 49740 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.803409100 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.804207087 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.974915028 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.976208925 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:16.976273060 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.976917028 CEST | 49742 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:16.976939917 CEST | 443 | 49742 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:17.264849901 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.307415009 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566297054 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566343069 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566379070 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566379070 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.566401005 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566426039 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566430092 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.566437006 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566462040 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.566559076 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566613913 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:17.566649914 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.567534924 CEST | 49715 | 443 | 192.168.2.5 | 142.250.184.228 |
Sep 27, 2024 17:41:17.567553997 CEST | 443 | 49715 | 142.250.184.228 | 192.168.2.5 |
Sep 27, 2024 17:41:20.488274097 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:20.488337994 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:20.488406897 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:20.489419937 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:20.489437103 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:21.273148060 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:21.273212910 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:21.275774002 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:21.275798082 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:21.276063919 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:21.319921017 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:21.836496115 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:21.879414082 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090599060 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090625048 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090631962 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090643883 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090672016 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090671062 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.090698004 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090698957 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.090706110 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.090722084 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.090739965 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.090791941 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.091320992 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.091370106 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.091419935 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.602302074 CEST | 49748 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:22.602345943 CEST | 443 | 49748 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:22.745749950 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:22.745810986 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:22.745873928 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:22.746334076 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:22.746347904 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.378042936 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.379086018 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.379115105 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.379753113 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.380161047 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.380264044 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.380775928 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.380908966 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.380914927 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.749862909 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.751149893 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:23.755152941 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.756295919 CEST | 49754 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:23.756319046 CEST | 443 | 49754 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.120321989 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.120381117 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.120454073 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.120786905 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.120809078 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.798597097 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.798917055 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.798934937 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.799464941 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.799909115 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.799985886 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.800136089 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.800153971 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.800165892 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.979012966 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.979058027 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:45.979118109 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.979557991 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:45.979569912 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.105267048 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.107095957 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.107198954 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.107342005 CEST | 49756 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.107364893 CEST | 443 | 49756 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.228952885 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.229062080 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.229146957 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.229403019 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.229440928 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.666466951 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.666765928 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.666831017 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.667992115 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.668356895 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.668433905 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.668555975 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.668595076 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.668606997 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.875096083 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.875416994 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.875524998 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.877068996 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.877424955 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.877600908 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.877633095 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.877648115 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.877711058 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.929220915 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.992672920 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.992809057 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:46.993201971 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.993320942 CEST | 49757 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:46.993349075 CEST | 443 | 49757 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:47.126388073 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:47.127135038 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:47.127233982 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:47.127604961 CEST | 49758 | 443 | 192.168.2.5 | 216.58.212.142 |
Sep 27, 2024 17:41:47.127651930 CEST | 443 | 49758 | 216.58.212.142 | 192.168.2.5 |
Sep 27, 2024 17:41:59.066538095 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.066586018 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:59.066653013 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.067065954 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.067076921 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:59.839956999 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:59.840044022 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.843914986 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.843971968 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:59.844398975 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:41:59.856476068 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:41:59.899410963 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.160927057 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.160985947 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161030054 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161052942 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.161082983 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161094904 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.161138058 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.161278009 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161329985 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161364079 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.161385059 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161425114 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.161793947 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.161849976 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.166140079 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.166157007 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:00.166167974 CEST | 49759 | 443 | 192.168.2.5 | 4.245.163.56 |
Sep 27, 2024 17:42:00.166173935 CEST | 443 | 49759 | 4.245.163.56 | 192.168.2.5 |
Sep 27, 2024 17:42:09.004390001 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:09.004497051 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.004597902 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:09.004925966 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:09.004970074 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.876224995 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.876544952 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:09.876626015 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.877072096 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.877373934 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:09.877450943 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:09.929380894 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:15.347867966 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.347973108 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.348061085 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.348257065 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.348292112 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.985214949 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.985696077 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.985713005 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.986265898 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.986695051 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.986763000 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:15.986891985 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.986926079 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:15.986929893 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:16.391879082 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:16.392011881 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:16.392080069 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:16.395379066 CEST | 49763 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:16.395400047 CEST | 443 | 49763 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:16.559820890 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:16.559876919 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:16.559942961 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:16.560636044 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:16.560657978 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.375159025 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.388499022 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.388552904 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.388988018 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.389350891 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.389421940 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.389540911 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.389576912 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.389585018 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.681071043 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.682053089 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:17.682118893 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.682416916 CEST | 49765 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:17.682452917 CEST | 443 | 49765 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:19.777040958 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:19.777232885 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:19.777308941 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:32.944530010 CEST | 49761 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:42:32.944605112 CEST | 443 | 49761 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:42:46.668231010 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:46.668294907 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:46.668405056 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:46.669085979 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:46.669106960 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.425225019 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.425605059 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.425633907 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.427858114 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.428186893 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.428349972 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.428356886 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.428378105 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.428388119 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.428472042 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.477231026 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.728216887 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.729351044 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:47.729425907 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.729746103 CEST | 49767 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:47.729763985 CEST | 443 | 49767 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:48.953320980 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:48.953371048 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:48.953448057 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:48.959816933 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:48.959830999 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.676621914 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.676927090 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.676944971 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.677702904 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.678000927 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.678093910 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.678165913 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.678180933 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.678222895 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.993067026 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.993235111 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:42:49.993321896 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.993897915 CEST | 49768 | 443 | 192.168.2.5 | 142.250.184.206 |
Sep 27, 2024 17:42:49.993912935 CEST | 443 | 49768 | 142.250.184.206 | 192.168.2.5 |
Sep 27, 2024 17:43:09.072247982 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:43:09.072299004 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.072396040 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:43:09.072644949 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:43:09.072655916 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.712436914 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.713010073 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:43:09.713038921 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.714113951 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.714793921 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Sep 27, 2024 17:43:09.714967966 CEST | 443 | 49769 | 216.58.206.68 | 192.168.2.5 |
Sep 27, 2024 17:43:09.757539034 CEST | 49769 | 443 | 192.168.2.5 | 216.58.206.68 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 17:41:04.686877012 CEST | 54343 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:04.687109947 CEST | 61590 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:04.693877935 CEST | 53 | 54343 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:04.694531918 CEST | 53 | 61590 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:04.696882010 CEST | 53 | 63605 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:04.698909998 CEST | 53 | 65373 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:05.809922934 CEST | 52296 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:05.810223103 CEST | 49364 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:05.817091942 CEST | 53 | 52296 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:05.817238092 CEST | 53 | 49364 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:05.839056015 CEST | 53 | 55184 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:08.945924997 CEST | 58794 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:08.946063995 CEST | 57314 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:08.953345060 CEST | 53 | 58794 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:08.953830004 CEST | 53 | 57314 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:09.078593969 CEST | 53 | 58056 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:11.129118919 CEST | 53 | 57596 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:13.607678890 CEST | 53510 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:13.608694077 CEST | 59836 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:13.617392063 CEST | 53 | 53510 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:13.617408991 CEST | 53 | 59836 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:14.963090897 CEST | 49554 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:14.963416100 CEST | 57335 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:41:14.970366955 CEST | 53 | 49554 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:14.970396996 CEST | 53 | 57335 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:22.801106930 CEST | 53 | 50553 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:41:41.563698053 CEST | 53 | 49770 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:03.938029051 CEST | 53 | 59878 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:04.479021072 CEST | 53 | 61878 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:08.996789932 CEST | 57908 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:42:08.996939898 CEST | 49549 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:42:09.003458023 CEST | 53 | 57908 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:09.003658056 CEST | 53 | 49549 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:12.783947945 CEST | 53 | 60343 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:15.340145111 CEST | 56262 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:42:15.340286970 CEST | 57204 | 53 | 192.168.2.5 | 1.1.1.1 |
Sep 27, 2024 17:42:15.347212076 CEST | 53 | 56262 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:15.347512960 CEST | 53 | 57204 | 1.1.1.1 | 192.168.2.5 |
Sep 27, 2024 17:42:33.005898952 CEST | 53 | 50878 | 1.1.1.1 | 192.168.2.5 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 27, 2024 17:41:04.686877012 CEST | 192.168.2.5 | 1.1.1.1 | 0xe16f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:41:04.687109947 CEST | 192.168.2.5 | 1.1.1.1 | 0x65ee | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:41:05.809922934 CEST | 192.168.2.5 | 1.1.1.1 | 0xca7a | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:41:05.810223103 CEST | 192.168.2.5 | 1.1.1.1 | 0xb161 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:41:08.945924997 CEST | 192.168.2.5 | 1.1.1.1 | 0x5ebe | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:41:08.946063995 CEST | 192.168.2.5 | 1.1.1.1 | 0x37f | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:41:13.607678890 CEST | 192.168.2.5 | 1.1.1.1 | 0xe9a9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:41:13.608694077 CEST | 192.168.2.5 | 1.1.1.1 | 0x8134 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:41:14.963090897 CEST | 192.168.2.5 | 1.1.1.1 | 0xfa58 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:41:14.963416100 CEST | 192.168.2.5 | 1.1.1.1 | 0x2603 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:42:08.996789932 CEST | 192.168.2.5 | 1.1.1.1 | 0x9428 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:42:08.996939898 CEST | 192.168.2.5 | 1.1.1.1 | 0xf22b | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 17:42:15.340145111 CEST | 192.168.2.5 | 1.1.1.1 | 0x595b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 17:42:15.340286970 CEST | 192.168.2.5 | 1.1.1.1 | 0x3630 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 27, 2024 17:41:04.693877935 CEST | 1.1.1.1 | 192.168.2.5 | 0xe16f | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:04.694531918 CEST | 1.1.1.1 | 192.168.2.5 | 0x65ee | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.74.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 172.217.16.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 216.58.212.174 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817091942 CEST | 1.1.1.1 | 192.168.2.5 | 0xca7a | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817238092 CEST | 1.1.1.1 | 192.168.2.5 | 0xb161 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:05.817238092 CEST | 1.1.1.1 | 192.168.2.5 | 0xb161 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 17:41:08.953345060 CEST | 1.1.1.1 | 192.168.2.5 | 0x5ebe | No error (0) | 142.250.184.228 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:08.953830004 CEST | 1.1.1.1 | 192.168.2.5 | 0x37f | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 17:41:13.617392063 CEST | 1.1.1.1 | 192.168.2.5 | 0xe9a9 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:13.617392063 CEST | 1.1.1.1 | 192.168.2.5 | 0xe9a9 | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:13.617408991 CEST | 1.1.1.1 | 192.168.2.5 | 0x8134 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 17:41:14.970366955 CEST | 1.1.1.1 | 192.168.2.5 | 0xfa58 | No error (0) | 216.58.212.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:42:09.003458023 CEST | 1.1.1.1 | 192.168.2.5 | 0x9428 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 17:42:09.003658056 CEST | 1.1.1.1 | 192.168.2.5 | 0xf22b | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 17:42:15.347212076 CEST | 1.1.1.1 | 192.168.2.5 | 0x595b | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.5 | 49707 | 142.250.185.142 | 443 | 6048 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 15:41:05 UTC | 867 | OUT | |
2024-09-27 15:41:05 UTC | 1726 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.5 | 49710 | 142.250.186.78 | 443 | 6048 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 15:41:06 UTC | 885 | OUT | |
2024-09-27 15:41:06 UTC | 2634 | IN |