Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 60 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of debugger detection
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Creates a process in suspended mode (likely to inject code)
Detected potential crypto function
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
Installs a raw input device (often for capturing keystrokes)
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Sample file is different than original file name gathered from version info
Sleep loop found (likely to delay execution)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 7396 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: 4BEF7B2F09CEF526EBCE72FB190173AB) - chrome.exe (PID: 7432 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ki osk https: //youtube. com/accoun t?=https:/ /accounts. google.com /v3/signin /challenge /pwd MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7644 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =2116 --fi eld-trial- handle=205 6,i,125134 3323353512 0327,12878 3683609790 07082,2621 44 /prefet ch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7172 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=53 24 --field -trial-han dle=2056,i ,125134332 3353512032 7,12878368 3609790070 82,262144 /prefetch: 8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 7196 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5384 --f ield-trial -handle=20 56,i,12513 4332335351 20327,1287 8368360979 007082,262 144 /prefe tch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00A0DBBE | |
Source: | Code function: | 0_2_00A168EE | |
Source: | Code function: | 0_2_00A1698F | |
Source: | Code function: | 0_2_00A0D076 | |
Source: | Code function: | 0_2_00A0D3A9 | |
Source: | Code function: | 0_2_00A19642 | |
Source: | Code function: | 0_2_00A1979D | |
Source: | Code function: | 0_2_00A19B2B | |
Source: | Code function: | 0_2_00A15C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00A1CE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_00A1EAFF |
Source: | Code function: | 0_2_00A1ED6A |
Source: | Code function: | 0_2_00A1EAFF |
Source: | Code function: | 0_2_00A0AA57 |
Source: | Binary or memory string: | memstr_d4ad2048-9 |
Source: | Code function: | 0_2_00A39576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_eee57f89-c | |
Source: | String found in binary or memory: | memstr_6982fb94-8 | |
Source: | String found in binary or memory: | memstr_052e7ac7-d | |
Source: | String found in binary or memory: | memstr_a632c1a3-0 |
Source: | Code function: | 0_2_00A0D5EB |
Source: | Code function: | 0_2_00A01201 |
Source: | Code function: | 0_2_00A0E8F6 |
Source: | Code function: | 0_2_00A12046 | |
Source: | Code function: | 0_2_009A8060 | |
Source: | Code function: | 0_2_00A08298 | |
Source: | Code function: | 0_2_009DE4FF | |
Source: | Code function: | 0_2_009D676B | |
Source: | Code function: | 0_2_00A34873 | |
Source: | Code function: | 0_2_009CCAA0 | |
Source: | Code function: | 0_2_009ACAF0 | |
Source: | Code function: | 0_2_009BCC39 | |
Source: | Code function: | 0_2_009D6DD9 | |
Source: | Code function: | 0_2_009A91C0 | |
Source: | Code function: | 0_2_009BB119 | |
Source: | Code function: | 0_2_009C1394 | |
Source: | Code function: | 0_2_009C1706 | |
Source: | Code function: | 0_2_009C781B | |
Source: | Code function: | 0_2_009C19B0 | |
Source: | Code function: | 0_2_009A7920 | |
Source: | Code function: | 0_2_009B997D | |
Source: | Code function: | 0_2_009C7A4A | |
Source: | Code function: | 0_2_009C7CA7 | |
Source: | Code function: | 0_2_009C1C77 | |
Source: | Code function: | 0_2_009D9EEE | |
Source: | Code function: | 0_2_00A2BE44 | |
Source: | Code function: | 0_2_009C1F32 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_00A137B5 |
Source: | Code function: | 0_2_00A010BF | |
Source: | Code function: | 0_2_00A016C3 |
Source: | Code function: | 0_2_00A151CD |
Source: | Code function: | 0_2_00A2A67C |
Source: | Code function: | 0_2_00A1648E |
Source: | Code function: | 0_2_009A42A2 |
Source: | Static PE information: |
Source: | File read: | Jump to behavior |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Key value queried: | Jump to behavior |
Source: | Window detected: |
Source: | Static file information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_009A42DE |
Source: | Code function: | 0_2_009C0A89 |
Source: | Code function: | 0_2_009BF98E | |
Source: | Code function: | 0_2_00A31C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-97268 |
Source: | Window / User API: | Jump to behavior |
Source: | API coverage: |
Source: | Thread sleep time: | Jump to behavior |
Source: | Last function: |
Source: | Thread sleep count: | Jump to behavior |
Source: | Code function: | 0_2_00A0DBBE | |
Source: | Code function: | 0_2_00A168EE | |
Source: | Code function: | 0_2_00A1698F | |
Source: | Code function: | 0_2_00A0D076 | |
Source: | Code function: | 0_2_00A0D3A9 | |
Source: | Code function: | 0_2_00A19642 | |
Source: | Code function: | 0_2_00A1979D | |
Source: | Code function: | 0_2_00A19B2B | |
Source: | Code function: | 0_2_00A15C97 |
Source: | Code function: | 0_2_009A42DE |
Source: | Binary or memory string: |
Anti Debugging |
---|
Source: | Debugger detection routine: | graph_0-95913 |
Source: | Code function: | 0_2_00A1EAA2 |
Source: | Code function: | 0_2_009D2622 |
Source: | Code function: | 0_2_009A42DE |
Source: | Code function: | 0_2_009C4CE8 |
Source: | Code function: | 0_2_00A00B62 |
Source: | Code function: | 0_2_009D2622 | |
Source: | Code function: | 0_2_009C083F | |
Source: | Code function: | 0_2_009C09D5 | |
Source: | Code function: | 0_2_009C0C21 |
Source: | Code function: | 0_2_00A01201 |
Source: | Code function: | 0_2_009E2BA5 |
Source: | Code function: | 0_2_00A0B226 |
Source: | Code function: | 0_2_00A222DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_00A00B62 |
Source: | Code function: | 0_2_00A01663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_009C0698 |
Source: | Code function: | 0_2_00A18195 |
Source: | Code function: | 0_2_009FD27A |
Source: | Code function: | 0_2_009DBB6F |
Source: | Code function: | 0_2_009A42DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00A21204 | |
Source: | Code function: | 0_2_00A21806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 31 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 31 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 2 Valid Accounts | LSA Secrets | 221 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 22 Virtualization/Sandbox Evasion | Cached Domain Credentials | 22 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 2 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 12 Process Injection | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.186.174 | true | false | unknown | |
www3.l.google.com | 142.250.186.110 | true | false | unknown | |
play.google.com | 216.58.206.78 | true | false | unknown | |
www.google.com | 142.250.186.132 | true | false | unknown | |
youtube.com | 142.250.186.46 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
142.250.186.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.206.78 | play.google.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.186.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.110 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.184.206 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1520802 |
Start date and time: | 2024-09-27 23:13:05 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 47s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal60.evad.winEXE@29/30@14/7 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.185.206, 108.177.15.84, 34.104.35.123, 142.250.185.195, 142.250.181.234, 142.250.185.170, 142.250.184.234, 216.58.206.74, 142.250.185.234, 142.250.186.170, 172.217.18.10, 172.217.16.202, 142.250.185.202, 142.250.186.106, 142.250.186.74, 142.250.186.42, 216.58.206.42, 172.217.16.138, 216.58.212.170, 142.250.184.202, 172.217.18.106, 216.58.212.138, 172.217.23.106, 142.250.185.74, 142.250.185.138, 142.250.186.138, 142.250.185.106, 93.184.221.240, 192.229.221.95, 172.217.16.131, 142.250.186.46
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | HtmlDropper | Browse | |||
Get hash | malicious | Amadey, Stealc, Vidar | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HtmlDropper | Browse |
| ||
Get hash | malicious | Amadey, Stealc, Vidar | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4071 |
Entropy (8bit): | 5.363129487888587 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLalw:lpT+qXW1PFcn7tGnyWY1Tk |
MD5: | 5DE1D7CDC36C4E5F382A84353107425E |
SHA1: | AD4BEF49EFF0A9F7EDCED3EF0F5F6B9DE229EB37 |
SHA-256: | 3496137475D197D8FC520B396AA59445D302F0A41C9377A0A3F4523C0EF29DE6 |
SHA-512: | 841D824896F4FCAF5C23BC6CA64064732EBDF392D1ED854E870124D18F3A080AE0B4F63B6FCAF9E913CB3AF70A1832EF693E1F2C25B0F288231A32164557F3C0 |
Malicious: | false |
Reputation: | low |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 697906 |
Entropy (8bit): | 5.5934290978859496 |
Encrypted: | false |
SSDEEP: | 6144:TYNlxfbDTYDhzCTNoygVWyJb5em3bL2Mp15gI8seqfh53p+rrvV7i:T25bDTYB+qemD+Nu |
MD5: | 61632AEF1EA70545E53C29AAECC3E178 |
SHA1: | C57350B6801E079DBE60E33C76A5FEC186C2E639 |
SHA-256: | D4E7EE7A1B43DA6177504AF736D09AD589F8278A814C6E95FB5C54ABA2B8A3EE |
SHA-512: | EB5BFEEB5AF44D4B9BAE4611D363BED07601F0871E4B53B4FE4EA8995DA6A43D21E30782010EC3C3A0DC7289557B942CC32850C7068BE818453339279328E08E |
Malicious: | false |
Reputation: | low |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
Reputation: | high, very likely benign file |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.280977407061266 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlENrpB3stYCIgMxILNH/wf7DVTBpdQrw:oApB8iDwYlGw |
MD5: | 4FB66582D37D04933F00E49C2FBA34D4 |
SHA1: | 3DB09C53BBEB1EEB045A001356E498D8EF30915D |
SHA-256: | A97DAC01ABFE3EB75C7C97D504E21BDDDADDB6EBE0B56B6A9A10CD3700CAB41B |
SHA-512: | 2AEB3A6CFFBF6EFA626EBDC9E11ACBAC04BFE986F98FBC050B2501898B289C67D392ED195D16ACC9565EF8784401ADA1E88188CDE3A7AB12D98BB5ED7D8A5711 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 604377 |
Entropy (8bit): | 5.790228291888412 |
Encrypted: | false |
SSDEEP: | 3072:l0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAQ:llgNmwwdnOsF98oNGuQRAYqXsI1x |
MD5: | 286F2996F0ABEBBEBF95F7F14685F8CF |
SHA1: | 8F1D6ECFE1669D6503BA2D78352EB914AF58571A |
SHA-256: | 70E7837B2A17751C0A61DD21B49975DC08D0939A33201D313D0BDF64E6851F9B |
SHA-512: | 8B51E9CB3B075E0203140CD567BB282719CDF10A929482C3804D9873CD5A81E29C3D9546CA0FB93D7B61FCD88C128903CFBDD79DFF34941C177EB4A9B1C4995D |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlGJ4o321hY8zfkESxEyT6FjvlBr8A/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.316515499943097 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DduJqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7DQJopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | D97AB4594FC610665FF2763A650EE6A8 |
SHA1: | 5C7459CA838D27BE45745571D8D96D156F4B9F8D |
SHA-256: | 767D778369623FD8F5FB98D3BCC3130D05D02CBE0B9B88DD226F43281B14E9AF |
SHA-512: | CE4941B41C3A8CC983C1BBCC87EF682823CB9DB24EA7A570E35BBF832046340D433F7D47211384B61FA38F3527CC35C195A6068CCB24B48E1F492C5B4D4192A1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEH86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlFSx2KuJtQynzb5elc5wFf5a1q72w/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
File type: | |
Entropy (8bit): | 7.0367474834889 |
TrID: |
|
File name: | file.exe |
File size: | 1'167'360 bytes |
MD5: | 4bef7b2f09cef526ebce72fb190173ab |
SHA1: | 4342c837573c7eb7823a5f749d2e167c9a1690d4 |
SHA256: | e39b149e059d34e59eb76a80a65b44c952517da99ec78d2bfdefa891abc6db6c |
SHA512: | 27da738577cfe57fba36dbbb74b627917d5a308a7103f765dd0e482654156a579d8550a9f1c89940d5f6860ce26d2454f06b136ca3a51cc9a66415cfd6701170 |
SSDEEP: | 24576:9qDEvCTbMWu7rQYlBQcBiT6rprG8arZ2+b+HdiJUK:9TvC/MTQYxsWR7arZ2+b+HoJU |
TLSH: | 9045CF027391C022FF9B92734F5AF6115BBC69260123E61F13981DBABE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66F714C1 [Fri Sep 27 20:25:37 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F381CC7E653h |
jmp 00007F381CC7DF5Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F381CC7E13Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F381CC7E10Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F381CC80CFDh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F381CC80D48h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F381CC80D31h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x46464 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x11b000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x46464 | 0x46600 | 338d803b6b1bf0eb165a2318d70be46d | False | 0.9059655306394316 | data | 7.844921345624461 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0x11b000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x3d72c | data | 1.0003416874592757 | ||
RT_GROUP_ICON | 0x119ee4 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0x119f5c | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0x119f70 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0x119f84 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0x119f98 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0x11a074 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 23:14:00.489164114 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:00.489188910 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:00.489253998 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:00.489948988 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:00.489959955 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.124627113 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.125039101 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.125052929 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.125396013 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.125456095 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.125991106 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.126104116 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.127114058 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.127166033 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.127330065 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.127335072 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.179227114 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.427561998 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.427638054 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:01.427676916 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.429733992 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.429733992 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.661241055 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Sep 27, 2024 23:14:01.741105080 CEST | 49736 | 443 | 192.168.2.4 | 142.250.186.174 |
Sep 27, 2024 23:14:01.741121054 CEST | 443 | 49736 | 142.250.186.174 | 192.168.2.4 |
Sep 27, 2024 23:14:03.873248100 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:03.873306036 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:03.873384953 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:03.873636961 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:03.873661041 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.016244888 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.016273022 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.016350031 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.018095970 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.018121958 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.531274080 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.531461954 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:04.531477928 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.532948017 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.533006907 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:04.533858061 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:04.533955097 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.583297968 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:04.583307981 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:04.630179882 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:04.660387993 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.660456896 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.663450956 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.663461924 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.663990974 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.701287985 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.747416973 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.929353952 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.929425001 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.929476023 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.930111885 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.930145025 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.930170059 CEST | 49742 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.930186987 CEST | 443 | 49742 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.966809034 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.966854095 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:04.966942072 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.967184067 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:04.967200041 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.627109051 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.627192974 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:05.628437042 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:05.628473997 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.628820896 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.630172968 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:05.675448895 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.907011986 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.907077074 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:05.907306910 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:05.908132076 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Sep 27, 2024 23:14:05.908149004 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Sep 27, 2024 23:14:08.274018049 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:08.274086952 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:08.274166107 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:08.274364948 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:08.274401903 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.034440041 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.075588942 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.075937033 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.075973034 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.076662064 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.076736927 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.077662945 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.077737093 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.078668118 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.078757048 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.078887939 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.078907013 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.119378090 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.354038954 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.354099989 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.354140043 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.354162931 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.354211092 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.354240894 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.360212088 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.360289097 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.360313892 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.366569042 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.366605043 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.366642952 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.366664886 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.366722107 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.372756958 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.372832060 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.379785061 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.379857063 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.379875898 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.379934072 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.426079988 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.426121950 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:09.426191092 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.427037001 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.427052975 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:09.440468073 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.440531015 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.440541029 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.440591097 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.440645933 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.443532944 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.443618059 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.449671030 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.449747086 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.449754000 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.449768066 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.449809074 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.455966949 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.456053972 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.462460995 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.462542057 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.462557077 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.468800068 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.468868017 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.468883038 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.473838091 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.473882914 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:09.474035025 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.474529028 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:09.474558115 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:09.474936962 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.474993944 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.475007057 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.475069046 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:09.475116014 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.475444078 CEST | 49756 | 443 | 192.168.2.4 | 142.250.186.110 |
Sep 27, 2024 23:14:09.475466013 CEST | 443 | 49756 | 142.250.186.110 | 192.168.2.4 |
Sep 27, 2024 23:14:10.082997084 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.083168983 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.083197117 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.083517075 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.083580971 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.084100962 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.084152937 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.085020065 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.085072994 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.085299969 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.085309029 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.102617979 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.102829933 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.102878094 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.103468895 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.103540897 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.104465961 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.104523897 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.104640007 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.104726076 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.104765892 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.132692099 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.148046017 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.148060083 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.194252014 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.389030933 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.389444113 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.389499903 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.389537096 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.389558077 CEST | 443 | 49760 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.389570951 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.389599085 CEST | 49760 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.390296936 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.390400887 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.390477896 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.390695095 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.390722990 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.412508965 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.413021088 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.413083076 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.413083076 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.413127899 CEST | 443 | 49762 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.413187027 CEST | 49762 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.413815975 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.413839102 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:10.413903952 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.414182901 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:10.414196014 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.045459032 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.045696020 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.045743942 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.046066046 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.046128035 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.046649933 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.046710968 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.046878099 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.046955109 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.047108889 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.047132969 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.047172070 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.064996004 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.065232992 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.065243959 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.065743923 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.065798044 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.066767931 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.066817999 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.066947937 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.067032099 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.067063093 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.067085028 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.067092896 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.091394901 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.102061987 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.116367102 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.252166986 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:11.266499043 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.267474890 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.267537117 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.267975092 CEST | 49766 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.268006086 CEST | 443 | 49766 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.285413980 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.286456108 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.286509991 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.287245989 CEST | 49767 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:11.287256956 CEST | 443 | 49767 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:11.295430899 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.525484085 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.525607109 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.525665045 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:11.525680065 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.525773048 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.525825977 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:11.525834084 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.526077032 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:11.526133060 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:11.526583910 CEST | 49741 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:14:11.526593924 CEST | 443 | 49741 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:14:14.487775087 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:14.487814903 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:14.488033056 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:14.489106894 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:14.489129066 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:15.094424009 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:15.094495058 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:15.098383904 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:15.098398924 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:15.098790884 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:15.149255991 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:15.896927118 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:15.943443060 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091562033 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091583967 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091590881 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091598988 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091629028 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091641903 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.091660023 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.091691017 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.091706991 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.094229937 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.094290972 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.094291925 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.094338894 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.746195078 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.746217012 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:16.746248007 CEST | 49772 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:16.746257067 CEST | 443 | 49772 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:17.383889914 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:17.383912086 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:17.383970022 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:17.384243011 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:17.384252071 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:17.956738949 CEST | 80 | 49723 | 87.248.202.1 | 192.168.2.4 |
Sep 27, 2024 23:14:17.956897974 CEST | 49723 | 80 | 192.168.2.4 | 87.248.202.1 |
Sep 27, 2024 23:14:17.956967115 CEST | 49723 | 80 | 192.168.2.4 | 87.248.202.1 |
Sep 27, 2024 23:14:17.961747885 CEST | 80 | 49723 | 87.248.202.1 | 192.168.2.4 |
Sep 27, 2024 23:14:18.023601055 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.023793936 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.023802042 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.024130106 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.024404049 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.024455070 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.024534941 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.024550915 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.024559021 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.351284981 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.352044106 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:18.352102995 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.352832079 CEST | 49778 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:18.352844954 CEST | 443 | 49778 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:33.768527031 CEST | 80 | 49724 | 87.248.202.1 | 192.168.2.4 |
Sep 27, 2024 23:14:33.768626928 CEST | 49724 | 80 | 192.168.2.4 | 87.248.202.1 |
Sep 27, 2024 23:14:33.768683910 CEST | 49724 | 80 | 192.168.2.4 | 87.248.202.1 |
Sep 27, 2024 23:14:33.777904987 CEST | 80 | 49724 | 87.248.202.1 | 192.168.2.4 |
Sep 27, 2024 23:14:33.777971983 CEST | 49724 | 80 | 192.168.2.4 | 87.248.202.1 |
Sep 27, 2024 23:14:33.782681942 CEST | 80 | 49724 | 87.248.202.1 | 192.168.2.4 |
Sep 27, 2024 23:14:40.352241039 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.352324009 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.352406025 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.352725983 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.352760077 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.885401964 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.885500908 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.885591984 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.886178017 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.886210918 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.976095915 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.976134062 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.976237059 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.976547003 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.976572990 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.984302998 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.984626055 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.984672070 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.985004902 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.985413074 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.985482931 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:40.985584021 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.985622883 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:40.985635996 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.283173084 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.284034967 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.284109116 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.284246922 CEST | 49780 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.284275055 CEST | 443 | 49780 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.520761013 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.521049023 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.521107912 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.522309065 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.522908926 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.523089886 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.523098946 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.523134947 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.523191929 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.569952965 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.705029964 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.705292940 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.705324888 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.705837965 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.705918074 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.706835032 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.706904888 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.707082987 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.707166910 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.707289934 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.707312107 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.707353115 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.751449108 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.756408930 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.820842028 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.821314096 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.821386099 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.821743011 CEST | 49781 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.821775913 CEST | 443 | 49781 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.925198078 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.926528931 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:41.926623106 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.926754951 CEST | 49782 | 443 | 192.168.2.4 | 216.58.206.78 |
Sep 27, 2024 23:14:41.926793098 CEST | 443 | 49782 | 216.58.206.78 | 192.168.2.4 |
Sep 27, 2024 23:14:53.417201996 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:53.417243958 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:53.417320013 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:53.417695999 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:53.417707920 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:53.995219946 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:53.995414972 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:53.998822927 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:53.998845100 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:53.999072075 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.008057117 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.055448055 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.199309111 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.199333906 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.199417114 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.199515104 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.199515104 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.199527025 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.199572086 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.204708099 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.204761028 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.204782963 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.204797029 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.204829931 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.204946041 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.204961061 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:14:54.204973936 CEST | 49783 | 443 | 192.168.2.4 | 20.12.23.50 |
Sep 27, 2024 23:14:54.204977989 CEST | 443 | 49783 | 20.12.23.50 | 192.168.2.4 |
Sep 27, 2024 23:15:03.917059898 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:03.917165041 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:03.917275906 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:03.917484999 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:03.917520046 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:04.607796907 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:04.608100891 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:04.608133078 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:04.608422995 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:04.609074116 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:04.609132051 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:04.650428057 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:11.484237909 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.484278917 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:11.484344006 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.484541893 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.484556913 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:11.554871082 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.554919958 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:11.554996014 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.555340052 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:11.555354118 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.923890114 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.926700115 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.938611984 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.938636065 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.938812971 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.938847065 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.939297915 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.939306974 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.939764023 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.939825058 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.940351009 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.940443039 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.940680027 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.940692902 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.940704107 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:12.940830946 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.940871954 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:12.940876961 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.229374886 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.230142117 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.230201960 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:13.230443954 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.230566978 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.230618954 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:13.236320972 CEST | 49787 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:13.236342907 CEST | 443 | 49787 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:13.243401051 CEST | 49788 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:13.243419886 CEST | 443 | 49788 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:14.519593000 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:14.519654989 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:14.519727945 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:27.678498983 CEST | 49785 | 443 | 192.168.2.4 | 142.250.186.132 |
Sep 27, 2024 23:15:27.678580046 CEST | 443 | 49785 | 142.250.186.132 | 192.168.2.4 |
Sep 27, 2024 23:15:41.852802038 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:41.852847099 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:41.853001118 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:41.854289055 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:41.854301929 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:42.774885893 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:42.775125027 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:42.775140047 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:42.775460958 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:42.775748014 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:42.775805950 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:42.775903940 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:42.775932074 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:42.775938034 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:43.071929932 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:43.072537899 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:43.072698116 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:43.072859049 CEST | 49790 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:43.072875977 CEST | 443 | 49790 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:43.645112991 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:43.645163059 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:43.645275116 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:43.645560980 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:43.645572901 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.292947054 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.293356895 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.293369055 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.293680906 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.293946028 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.293997049 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.294087887 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.294116974 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.294152021 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.594201088 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.599195957 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:15:44.599566936 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.600003004 CEST | 49791 | 443 | 192.168.2.4 | 142.250.184.206 |
Sep 27, 2024 23:15:44.600023031 CEST | 443 | 49791 | 142.250.184.206 | 192.168.2.4 |
Sep 27, 2024 23:16:03.984935999 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Sep 27, 2024 23:16:03.984977961 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:03.985039949 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Sep 27, 2024 23:16:03.985624075 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Sep 27, 2024 23:16:03.985641003 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:04.639833927 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:04.643141985 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Sep 27, 2024 23:16:04.643162012 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:04.643450022 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:04.644051075 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Sep 27, 2024 23:16:04.644104004 CEST | 443 | 49792 | 216.58.206.68 | 192.168.2.4 |
Sep 27, 2024 23:16:04.694237947 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.68 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Sep 27, 2024 23:13:59.429455996 CEST | 65343 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:13:59.429687023 CEST | 55514 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:13:59.436168909 CEST | 53 | 65343 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:13:59.436184883 CEST | 53 | 62244 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:13:59.437110901 CEST | 53 | 55514 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:13:59.484704971 CEST | 53 | 64445 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:00.478316069 CEST | 63360 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:00.478442907 CEST | 58165 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:00.487086058 CEST | 53 | 59516 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:00.488405943 CEST | 53 | 63360 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:00.488821983 CEST | 53 | 58165 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:03.865358114 CEST | 58854 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:03.865483999 CEST | 50204 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:03.872442007 CEST | 53 | 58854 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:03.872462034 CEST | 53 | 50204 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:05.747524977 CEST | 53 | 53960 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:08.263012886 CEST | 63220 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:08.263165951 CEST | 63951 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:08.269917965 CEST | 53 | 63220 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:08.270093918 CEST | 53 | 63951 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:09.405797958 CEST | 61625 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:09.406982899 CEST | 49619 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:14:09.412734985 CEST | 53 | 61625 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:09.413552046 CEST | 53 | 49619 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:11.653940916 CEST | 53 | 60528 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:17.391635895 CEST | 53 | 55706 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:18.637214899 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Sep 27, 2024 23:14:36.140760899 CEST | 53 | 58549 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:58.624062061 CEST | 53 | 62350 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:14:59.159743071 CEST | 53 | 61570 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:15:10.394746065 CEST | 53 | 49687 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:15:11.476869106 CEST | 62431 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:15:11.477006912 CEST | 53847 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:15:11.483800888 CEST | 53 | 53847 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:15:11.483865023 CEST | 53 | 62431 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:15:27.687520027 CEST | 53 | 55935 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:16:03.975461960 CEST | 49930 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:16:03.975601912 CEST | 52938 | 53 | 192.168.2.4 | 1.1.1.1 |
Sep 27, 2024 23:16:03.982264042 CEST | 53 | 49930 | 1.1.1.1 | 192.168.2.4 |
Sep 27, 2024 23:16:03.982295990 CEST | 53 | 52938 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Sep 27, 2024 23:13:59.429455996 CEST | 192.168.2.4 | 1.1.1.1 | 0x6028 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:13:59.429687023 CEST | 192.168.2.4 | 1.1.1.1 | 0x2546 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:14:00.478316069 CEST | 192.168.2.4 | 1.1.1.1 | 0x35ff | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:14:00.478442907 CEST | 192.168.2.4 | 1.1.1.1 | 0x6707 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:14:03.865358114 CEST | 192.168.2.4 | 1.1.1.1 | 0x691 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:14:03.865483999 CEST | 192.168.2.4 | 1.1.1.1 | 0x953b | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:14:08.263012886 CEST | 192.168.2.4 | 1.1.1.1 | 0x5a6e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:14:08.263165951 CEST | 192.168.2.4 | 1.1.1.1 | 0x3e6e | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:14:09.405797958 CEST | 192.168.2.4 | 1.1.1.1 | 0x62b3 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:14:09.406982899 CEST | 192.168.2.4 | 1.1.1.1 | 0xa002 | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:15:11.476869106 CEST | 192.168.2.4 | 1.1.1.1 | 0x3d89 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:15:11.477006912 CEST | 192.168.2.4 | 1.1.1.1 | 0xf52c | Standard query (0) | 65 | IN (0x0001) | false | |
Sep 27, 2024 23:16:03.975461960 CEST | 192.168.2.4 | 1.1.1.1 | 0xf577 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Sep 27, 2024 23:16:03.975601912 CEST | 192.168.2.4 | 1.1.1.1 | 0x1fe5 | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Sep 27, 2024 23:13:59.436168909 CEST | 1.1.1.1 | 192.168.2.4 | 0x6028 | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:13:59.437110901 CEST | 1.1.1.1 | 192.168.2.4 | 0x2546 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.186.174 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.181.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 172.217.16.142 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488405943 CEST | 1.1.1.1 | 192.168.2.4 | 0x35ff | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488821983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6707 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:00.488821983 CEST | 1.1.1.1 | 192.168.2.4 | 0x6707 | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 23:14:03.872442007 CEST | 1.1.1.1 | 192.168.2.4 | 0x691 | No error (0) | 142.250.186.132 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:03.872462034 CEST | 1.1.1.1 | 192.168.2.4 | 0x953b | No error (0) | 65 | IN (0x0001) | false | |||
Sep 27, 2024 23:14:08.269917965 CEST | 1.1.1.1 | 192.168.2.4 | 0x5a6e | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:08.269917965 CEST | 1.1.1.1 | 192.168.2.4 | 0x5a6e | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:08.270093918 CEST | 1.1.1.1 | 192.168.2.4 | 0x3e6e | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Sep 27, 2024 23:14:09.412734985 CEST | 1.1.1.1 | 192.168.2.4 | 0x62b3 | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:15:11.483865023 CEST | 1.1.1.1 | 192.168.2.4 | 0x3d89 | No error (0) | 142.250.184.206 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:16:03.982264042 CEST | 1.1.1.1 | 192.168.2.4 | 0xf577 | No error (0) | 216.58.206.68 | A (IP address) | IN (0x0001) | false | ||
Sep 27, 2024 23:16:03.982295990 CEST | 1.1.1.1 | 192.168.2.4 | 0x1fe5 | No error (0) | 65 | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49736 | 142.250.186.174 | 443 | 7644 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-27 21:14:01 UTC | 894 | OUT | |
2024-09-27 21:14:01 UTC | 2530 | IN |