Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
Detection
Score: | 56 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Enables debug privileges
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Uses taskkill to terminate processes
Classification
- System is w10x64
- file.exe (PID: 2308 cmdline:
"C:\Users\ user\Deskt op\file.ex e" MD5: B44FE2B76982DAA43A25D6E62203B575) - taskkill.exe (PID: 2256 cmdline:
taskkill / F /IM chro me.exe /T MD5: CA313FD7E6C2A778FFD21CFB5C1C56CD) - conhost.exe (PID: 980 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) - chrome.exe (PID: 2132 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ap p="https:/ /youtube.c om/account ?=https:// accounts.g oogle.com/ v3/signin/ challenge/ pwd" --sta rt-fullscr een --no-f irst-run - -disable-s ession-cra shed-bubbl e --disabl e-features =CrashReco very MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 5320 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= network.mo jom.Networ kService - -lang=en-U S --servic e-sandbox- type=none --mojo-pla tform-chan nel-handle =1724 --fi eld-trial- handle=201 6,i,125002 4575502999 4399,16919 4997374088 60724,2621 44 --disab le-feature s=CrashRec overy /pre fetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 8024 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= audio.mojo m.AudioSer vice --lan g=en-US -- service-sa ndbox-type =audio --m ojo-platfo rm-channel -handle=53 40 --field -trial-han dle=2016,i ,125002457 5502999439 9,16919499 7374088607 24,262144 --disable- features=C rashRecove ry /prefet ch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4) - chrome.exe (PID: 8032 cmdline:
"C:\Progra m Files\Go ogle\Chrom e\Applicat ion\chrome .exe" --ty pe=utility --utility -sub-type= video_capt ure.mojom. VideoCaptu reService --lang=en- US --servi ce-sandbox -type=none --mojo-pl atform-cha nnel-handl e=5408 --f ield-trial -handle=20 16,i,12500 2457550299 94399,1691 9499737408 860724,262 144 --disa ble-featur es=CrashRe covery /pr efetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
⊘No yara matches
⊘No Sigma rule has matched
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0077DBBE | |
Source: | Code function: | 0_2_007868EE | |
Source: | Code function: | 0_2_0078698F | |
Source: | Code function: | 0_2_0077D076 | |
Source: | Code function: | 0_2_0077D3A9 | |
Source: | Code function: | 0_2_00789642 | |
Source: | Code function: | 0_2_0078979D | |
Source: | Code function: | 0_2_00789B2B | |
Source: | Code function: | 0_2_00785C97 |
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | TCP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_0078CE44 |
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: |
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: | ||
Source: | Network traffic detected: |
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | HTTPS traffic detected: |
Source: | Code function: | 0_2_0078EAFF |
Source: | Code function: | 0_2_0078ED6A |
Source: | Code function: | 0_2_0078EAFF |
Source: | Code function: | 0_2_0077AA57 |
Source: | Code function: | 0_2_007A9576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_caa448f9-7 | |
Source: | String found in binary or memory: | memstr_1e1ec682-0 | |
Source: | String found in binary or memory: | memstr_30168aa7-c | |
Source: | String found in binary or memory: | memstr_e6296373-d |
Source: | Code function: | 0_2_0077D5EB |
Source: | Code function: | 0_2_00771201 |
Source: | Code function: | 0_2_0077E8F6 |
Source: | Code function: | 0_2_0071BF40 | |
Source: | Code function: | 0_2_00718060 | |
Source: | Code function: | 0_2_00782046 | |
Source: | Code function: | 0_2_00778298 | |
Source: | Code function: | 0_2_0074E4FF | |
Source: | Code function: | 0_2_0074676B | |
Source: | Code function: | 0_2_007A4873 | |
Source: | Code function: | 0_2_0071CAF0 | |
Source: | Code function: | 0_2_0073CAA0 | |
Source: | Code function: | 0_2_0072CC39 | |
Source: | Code function: | 0_2_00746DD9 | |
Source: | Code function: | 0_2_0072B119 | |
Source: | Code function: | 0_2_007191C0 | |
Source: | Code function: | 0_2_00731394 | |
Source: | Code function: | 0_2_00731706 | |
Source: | Code function: | 0_2_0073781B | |
Source: | Code function: | 0_2_0072997D | |
Source: | Code function: | 0_2_00717920 | |
Source: | Code function: | 0_2_007319B0 | |
Source: | Code function: | 0_2_00737A4A | |
Source: | Code function: | 0_2_00731C77 | |
Source: | Code function: | 0_2_00737CA7 | |
Source: | Code function: | 0_2_0079BE44 | |
Source: | Code function: | 0_2_00749EEE | |
Source: | Code function: | 0_2_00731F32 |
Source: | Code function: | ||
Source: | Code function: |
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_007837B5 |
Source: | Code function: | 0_2_007710BF | |
Source: | Code function: | 0_2_007716C3 |
Source: | Code function: | 0_2_007851CD |
Source: | Code function: | 0_2_0077D4DC |
Source: | Code function: | 0_2_0078648E |
Source: | Code function: | 0_2_007142A2 |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | WMI Queries: |
Source: | Key opened: | Jump to behavior |
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | |||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior | ||
Source: | Process created: | Jump to behavior |
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior | ||
Source: | Section loaded: | Jump to behavior |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Static PE information: |
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: | ||
Source: | Static PE information: |
Source: | Code function: | 0_2_007142DE |
Source: | Code function: | 0_2_00730A89 |
Source: | Code function: | 0_2_0072F98E | |
Source: | Code function: | 0_2_007A1C41 |
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior | ||
Source: | Process information set: | Jump to behavior |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-95650 |
Source: | API coverage: |
Source: | Last function: |
Source: | Code function: | 0_2_0077DBBE | |
Source: | Code function: | 0_2_007868EE | |
Source: | Code function: | 0_2_0078698F | |
Source: | Code function: | 0_2_0077D076 | |
Source: | Code function: | 0_2_0077D3A9 | |
Source: | Code function: | 0_2_00789642 | |
Source: | Code function: | 0_2_0078979D | |
Source: | Code function: | 0_2_00789B2B | |
Source: | Code function: | 0_2_00785C97 |
Source: | Code function: | 0_2_007142DE |
Source: | Process information queried: | Jump to behavior |
Source: | Code function: | 0_2_0078EAA2 |
Source: | Code function: | 0_2_00742622 |
Source: | Code function: | 0_2_007142DE |
Source: | Code function: | 0_2_00734CE8 |
Source: | Code function: | 0_2_00770B62 |
Source: | Process token adjusted: | Jump to behavior |
Source: | Code function: | 0_2_00742622 | |
Source: | Code function: | 0_2_0073083F | |
Source: | Code function: | 0_2_007309D5 | |
Source: | Code function: | 0_2_00730C21 |
Source: | Code function: | 0_2_00771201 |
Source: | Code function: | 0_2_00752BA5 |
Source: | Code function: | 0_2_0077B226 |
Source: | Code function: | 0_2_007922DA |
Source: | Process created: | Jump to behavior |
Source: | Code function: | 0_2_00770B62 |
Source: | Code function: | 0_2_00771663 |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00730698 |
Source: | Code function: | 0_2_00788195 |
Source: | Code function: | 0_2_0076D27A |
Source: | Code function: | 0_2_0074BB6F |
Source: | Code function: | 0_2_007142DE |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00791204 | |
Source: | Code function: | 0_2_00791806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Windows Management Instrumentation | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 2 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | 1 Native API | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 16 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 2 Valid Accounts | LSA Secrets | 12 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Virtualization/Sandbox Evasion | Cached Domain Credentials | 1 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Access Token Manipulation | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 2 Process Injection | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | HTML Smuggling | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
This section contains all screenshots as thumbnails, including those not shown in the slideshow.
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
100% | Joe Sandbox ML |
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe | ||
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.185.174 | true | false | unknown | |
www3.l.google.com | 172.217.18.14 | true | false | unknown | |
play.google.com | 142.250.186.110 | true | false | unknown | |
www.google.com | 142.250.185.132 | true | false | unknown | |
youtube.com | 216.58.206.46 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
Name | Malicious | Antivirus Detection | Reputation |
---|---|---|---|
false | unknown | ||
false | unknown | ||
false | unknown |
Name | Source | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false | unknown | |||
false | unknown | |||
false | unknown | |||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown | ||
false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
172.217.18.14 | www3.l.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.206.78 | unknown | United States | 15169 | GOOGLEUS | false | |
142.250.185.132 | www.google.com | United States | 15169 | GOOGLEUS | false | |
216.58.206.46 | youtube.com | United States | 15169 | GOOGLEUS | false | |
239.255.255.250 | unknown | Reserved | unknown | unknown | false | |
142.250.185.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false | |
142.250.186.110 | play.google.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523046 |
Start date and time: | 2024-10-01 00:50:05 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 46s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 13 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Technologies: |
|
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal56.evad.winEXE@34/30@12/8 |
EGA Information: |
|
HCA Information: |
|
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.18.3, 142.250.184.238, 74.125.133.84, 34.104.35.123, 216.58.206.67, 172.217.16.195, 142.250.185.138, 142.250.186.74, 142.250.184.202, 142.250.185.234, 142.250.184.234, 142.250.186.138, 142.250.185.170, 142.250.185.106, 142.250.185.202, 172.217.18.10, 172.217.23.106, 142.250.186.42, 172.217.16.202, 142.250.186.106, 216.58.206.74, 142.250.185.74, 172.217.18.106, 142.250.74.202, 199.232.214.172, 192.229.221.95, 142.250.181.227, 142.251.168.84, 142.250.181.238
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes where analyzed, report is missing behavior information
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
239.255.255.250 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | HTMLPhisher | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse |
⊘No context
⊘No context
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | HTMLPhisher | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
⊘No context
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5049 |
Entropy (8bit): | 5.317800104741948 |
Encrypted: | false |
SSDEEP: | 96:oHX9gPiPrfnHhsB0TR6kg1oDPJzLmM18Vh1z2fEZ54TZtnqj6w:EtEAr6BmPZtOeEvW/ncP |
MD5: | CE53EF566B68CCF2D62FA044CFB0D138 |
SHA1: | F48EC60289F2B55E8B388601206888F8295B1EB1 |
SHA-256: | E6CC5114D92811D5DE0663266D4B63F367834AFA0FC3BAFA54F707038C59D010 |
SHA-512: | 20B434881DE971E263669E6096C01665D4D35B0FBFF47D312A4A442645EE962A8CE6AD7E68246D4EE9691BD30D9B1DDCF7059226492E1B58CD3191B63B001E4D |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=wg1P6b" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 697429 |
Entropy (8bit): | 5.593310312179182 |
Encrypted: | false |
SSDEEP: | 6144:TYNlxfbDTYDhzCTNoygVWyJb5eGpbL2Mp15gI8seqfh53p+rrvV7i:T25bDTYB+qeGB+Nu |
MD5: | 92F0F5E28355D863ACB77313F1E675DE |
SHA1: | 8AD6F9B535D5B8952A4ADCCC57E4A4E0723F1E8D |
SHA-256: | F903AE346609A2872554A3D8FFBDB1836CB5C8B7AAAED4C3F8296B887E03D833 |
SHA-512: | 0C81A6CD850C6ACDBE9CCCBA00BBA34CDE1E09E8572814AE8E55DBED3C2B56F0B020359841F8217843B3403847DF46FA1C82229684F762A73C8110CE45898DAF |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=LEikZe,_b,_tp,byfTOb,lsjVmc/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=n73qwf,SCuOPb,IZT63,vfuNJf,UUJqVe,ws9Tlc,siKnQd,XVq9Qb,STuCOe,njlZCf,m9oV,vjKJJ,y5vRwf,iyZMqd,NTMZac,mzzZzc,rCcCxc,vvMGie,K1ZKnb,ziZ8Mc,b3kMqb,mvkUhe,CMcBD,Fndnac,t2srLd,EN3i8d,z0u0L,xiZRqc,NOeYWe,O6y8ed,L9OGUe,PrPYRd,MpJwZc,qPfo0c,cYShmd,hc6Ubd,Rkm0ef,KUM7Z,oLggrd,inNHtf,L1AAkb,WpP9Yc,lwddkf,gJzDyc,SpsfSb,aC1iue,tUnxGc,aW3pY,ZakeSe,EFQ78c,xQtZb,I6YDgd,zbML3c,zr1jrb,vHEMJe,YHI3We,YTxL4,bSspM,Uas9Hd,zy0vNb,K0PMbc,AvtSve,qmdT9,MY7mZe,xBaz7b,GwYlN,eVCnO,EIOG1e,LDQI" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1858 |
Entropy (8bit): | 5.253939888205379 |
Encrypted: | false |
SSDEEP: | 48:o7BNJfeFb8L3A6FHqIy5Z+d70OCzSfvi/3fM/r8ZQzRrw:oFuILhFHrVCz0vLZz9w |
MD5: | 10FF6F99E3228E96AFD6E2C30EF97C0A |
SHA1: | 4AE3DCB8D1F5A0C302D5BAD9DFF5050A7A5E8130 |
SHA-256: | 95E5546E1C7F311D07BB5050CC456A973E43BCC4777BA6014757376016537679 |
SHA-512: | 116C0B1CAC98A27044100005545AB66BE5F4801D75DC259093A9F145B3A4ACD8DC1C360AF525F6DC8421CD54B675A78023D2ED8B57F5946A3969543758C673C9 |
Malicious: | false |
Reputation: | moderate, very likely benign file |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=iAskyc,ziXSP" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 22827 |
Entropy (8bit): | 5.420322672717721 |
Encrypted: | false |
SSDEEP: | 384:/jqdWXWfyA20UUjDE8BSUxDJs16KHvSN34kaHaN+587SaXD2mLR0H:/jqdWXAUUjDE84Wi6KPSKjHaN+58+0J2 |
MD5: | 2B29741A316862EE788996DD29116DD5 |
SHA1: | 9D5551916D4452E977C39B8D69CF88DF2AAA462B |
SHA-256: | 62955C853976B722EFBB4C116A10DB3FF54580EDD7495D280177550B8F4289AB |
SHA-512: | 6E37C3258F07F29909763728DADE0CD40A3602D55D9099F78B37756926FCF2A50008B82876B518FEAF3E56617F0F7D1D37A73C346A99A58E6AD8BCD6689E9B15 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=RqjULd" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 4070 |
Entropy (8bit): | 5.362700670482359 |
Encrypted: | false |
SSDEEP: | 96:GUpT+TmXtdW1qsHFcn7t7CnyWYvNTcLaQOw:lpT+qXW1PFcn7tGnyWY1TGb |
MD5: | ED368A20CB303C0E7C6A3E6E43C2E14F |
SHA1: | 429A5C538B45221F80405163D1F87912DD73C05A |
SHA-256: | 93BA77AD4B11E0A70C0D36576F0DF24E27F50001EA02BAA6D357E034532D97F2 |
SHA-512: | DE74BBADE910475DD245FFEFD4E1FD10137DE710B1C920D33BA52554911496E1339EF3C1F6D9D315CBC98A60ABE5687A3E7D8BEE483708E18D25722E794BDBE9 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=sOXFj,q0xTif,ZZ4WUe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 5430 |
Entropy (8bit): | 3.6534652184263736 |
Encrypted: | false |
SSDEEP: | 48:wIJct3xIAxG/7nvWDtZcdYLtX7B6QXL3aqG8Q:wIJct+A47v+rcqlBPG9B |
MD5: | F3418A443E7D841097C714D69EC4BCB8 |
SHA1: | 49263695F6B0CDD72F45CF1B775E660FDC36C606 |
SHA-256: | 6DA5620880159634213E197FAFCA1DDE0272153BE3E4590818533FAB8D040770 |
SHA-512: | 82D017C4B7EC8E0C46E8B75DA0CA6A52FD8BCE7FCF4E556CBDF16B49FC81BE9953FE7E25A05F63ECD41C7272E8BB0A9FD9AEDF0AC06CB6032330B096B3702563 |
Malicious: | false |
URL: | https://www.google.com/favicon.ico |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 603951 |
Entropy (8bit): | 5.789948381047936 |
Encrypted: | false |
SSDEEP: | 3072:W0pApkygA62bwwdnO2YflNYhFGOizdGj008PpVVM96C5bMEPQUhts6FV8eKqtVAT:WlgNmwwdnOsF98oNGuQRAYqXsI1+ |
MD5: | A97373CC3F8795654F3C8C6B57066AE7 |
SHA1: | F7BECFDDE230EF537E8745B598DCED737C490C3C |
SHA-256: | A1B0568D555DC4B4AF4CC5A6C41E838B702816445C04FF002C8A13058387F311 |
SHA-512: | 47C76D26F4F9F206F93186800E06D3DBE1FDD0A1BA23FB9A3556390DE7F86C1FFB2C78FE307FB944C690475BFBAE9738C38233E00FDDFA9775A3B2030081D7F1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/excm=_b,_tp,identifierview/ed=1/dg=0/wt=2/ujg=1/rs=AOaEmlEQAz5EZnBR6fK6LIn1v8ILsATM3g/m=_b,_tp" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 9210 |
Entropy (8bit): | 5.3872171131917925 |
Encrypted: | false |
SSDEEP: | 192:FK/pAzN7GZ068Hqhqu6DQaVapzYjgKItwdiwUsYRTi1j1t9bRl9:FqI7GZ04dRYjghtgisYYbt9ll9 |
MD5: | AB70454DE18E1CE16E61EAC290FC304D |
SHA1: | 68532B5E8B262D7E14B8F4507AA69A61146B3C18 |
SHA-256: | B32D746867CC4FA21FD39437502F401D952D0A3E8DC708DFB7D58B85F256C0F1 |
SHA-512: | A123C517380BEF0B47F23A5A6E1D16650FE39D9C701F9FA5ADD79294973C118E8EA3A7BA32CB63C3DFC0CE0F843FB86BFFCAA2AAE987629E7DFF84F176DEBB98 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PrPYRd,Rkm0ef,SCuOPb,STuCOe,SpsfSb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,byfTOb,cYShmd,eVCnO,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,qPfo0c,qmdT9,rCcCxc,siKnQd,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ltDFwf,SD8Jgb,rmumx,E87wgc,qPYxq,Tbb4sb,pxq3x,f8Gu1e,soHxf,YgOFye,yRXbo,bTi8wc,ywOR5c,PHUIyb" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 52280 |
Entropy (8bit): | 7.995413196679271 |
Encrypted: | true |
SSDEEP: | 1536:1rvqtK8DZilXxwJ8mMwAZy7phqsFLdG3B4d:xytBZits8bw4wzbFxG3B4d |
MD5: | F61F0D4D0F968D5BBA39A84C76277E1A |
SHA1: | AA3693EA140ECA418B4B2A30F6A68F6F43B4BEB2 |
SHA-256: | 57147F08949ABABE7DEEF611435AE418475A693E3823769A25C2A39B6EAD9CCC |
SHA-512: | 6C3BD90F709BCF9151C9ED9FFEA55C4F6883E7FDA2A4E26BF018C83FE1CFBE4F4AA0DB080D6D024070D53B2257472C399C8AC44EEFD38B9445640EFA85D5C487 |
Malicious: | false |
URL: | https://fonts.gstatic.com/s/googlesans/v58/4UaRrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iq2vgCI.woff2 |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32499 |
Entropy (8bit): | 5.361345284201954 |
Encrypted: | false |
SSDEEP: | 768:mLX1O+aL6fgyIiREM4RKmh90toLoTswtF3ATcbDR6kIsnJd9DPyMv/FI:U2M4oltoLoTswtFoc/tIsnXFLI |
MD5: | D5C3FB8EAE24AB7E40009338B5078496 |
SHA1: | 5638BF5986A6445A88CD79A9B690B744B126BEC2 |
SHA-256: | 597C14D360D690BCFDC2B8D315E6BB8879AEF33DE6C30D274743079BDB63C6B0 |
SHA-512: | 6AE434850D473BEF15AA694AB4862596982CDDA6BD3991991D3ADD8F4A5F61DFBF8756D0DA98B72EF083909D68CF7B6B148A6488E9381F92FBF15CCB20176A0E |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3131 |
Entropy (8bit): | 5.3750044852869046 |
Encrypted: | false |
SSDEEP: | 48:o7zfN/cD498xdg+Y5jNQ8js6npwk0OmNAEZbpMzR4EQBcW5QcHj9KWfGAeFKRrw:oCD9dA5jOEGh+EFqR4rhqUhzff9w |
MD5: | 39693D34EE3D1829DBB1627C4FC6687B |
SHA1: | A03303C2F027F3749B48D5134D1F8FB3E495C6E9 |
SHA-256: | 03B0C1B4E402E0BCF75D530DD9085B25357EEFD09E238453DE1F3A042542C076 |
SHA-512: | AC0749EDC33DA0EC0E40470388DD797B6528AD08B8FAC1C2AC42F85198131052BA1B533E90409D35DA237607E8B07D591FA6BA580B6A90B0D0AB2282A01F7585 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=ZwDk9d,RMhBfe" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 3471 |
Entropy (8bit): | 5.5174491302699495 |
Encrypted: | false |
SSDEEP: | 96:ojAmjTJ/fJgpIcB7Fd2tilGBEMO/A6VxV08w:vUTJpgDJXM0ApJ |
MD5: | 2D999C87DD54C7FE6400D267C33FBB23 |
SHA1: | 414C3A329C2760325EDBACBD7A221D7F8DBFEEE8 |
SHA-256: | 76D55A1AFC1D39CB04D60EB04E45A538A0E75EE2871561C84CC89B1C13596BCC |
SHA-512: | 72D923BB71DD147139962FF8E2BD0E336E0F6409C212AC2F25387D0F3B4FC9365F5A6D40E2980BB1065534888362C97D6B7663E362D29166B5915D2A9DA7D238 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=A7fCU,AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZDZcre,ZZ4WUe,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,iAskyc,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,q0xTif,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,sOXFj,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,w9hDv,wg1P6b,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziXSP,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1608 |
Entropy (8bit): | 5.280977407061266 |
Encrypted: | false |
SSDEEP: | 48:o7YNJvl3WlENrpB3stYCIgMxILNH/wf7DVTBpdQrw:oApB8iDwYlGw |
MD5: | 4FB66582D37D04933F00E49C2FBA34D4 |
SHA1: | 3DB09C53BBEB1EEB045A001356E498D8EF30915D |
SHA-256: | A97DAC01ABFE3EB75C7C97D504E21BDDDADDB6EBE0B56B6A9A10CD3700CAB41B |
SHA-512: | 2AEB3A6CFFBF6EFA626EBDC9E11ACBAC04BFE986F98FBC050B2501898B289C67D392ED195D16ACC9565EF8784401ADA1E88188CDE3A7AB12D98BB5ED7D8A5711 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,P6sQOc,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=w9hDv,ZDZcre,A7fCU" |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 84 |
Entropy (8bit): | 4.875266466142591 |
Encrypted: | false |
SSDEEP: | 3:DZFJu0+WVTBCq2Bjdw2KsJJuYHSKnZ:lFJuuVTBudw29nu4SKZ |
MD5: | 87B6333E98B7620EA1FF98D1A837A39E |
SHA1: | 105DE6815B0885357DE1414BFC0D77FCC9E924EF |
SHA-256: | DCD3C133C5C40BECD4100BBE6EDAE84C9735E778E4234A5E8395C56FF8A733BA |
SHA-512: | 867D7943D813685FAA76394E53199750C55817E836FD19C933F74D11E9657CE66719A6D6B2E39EE1DE62358BCE364E38A55F4E138DF92337DE6985DDCD5D0994 |
Malicious: | false |
URL: | https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTE3LjAuNTkzOC4xMzISHgmA6QC9dWevzxIFDRkBE_oSBQ3oIX6GEgUN05ioBw==?alt=proto |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 1460 |
Entropy (8bit): | 5.316515499943097 |
Encrypted: | false |
SSDEEP: | 24:kMYD7DduJqrxsNL90YIzFK/Hb5eNhz1uktdDuvKKKGbLZ99GbSSF/ZR8OkdnprGJ:o7DQJopFN+ASCKKGbF99GbSS3RY7rw |
MD5: | D97AB4594FC610665FF2763A650EE6A8 |
SHA1: | 5C7459CA838D27BE45745571D8D96D156F4B9F8D |
SHA-256: | 767D778369623FD8F5FB98D3BCC3130D05D02CBE0B9B88DD226F43281B14E9AF |
SHA-512: | CE4941B41C3A8CC983C1BBCC87EF682823CB9DB24EA7A570E35BBF832046340D433F7D47211384B61FA38F3527CC35C195A6068CCB24B48E1F492C5B4D4192A1 |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en._s1fC-CLCMs.es5.O/ck=boq-identity.AccountsSignInUi.gkspycgpiCY.L.B1.O/am=xIFgKBi2EQjEE86BHlAUCBkAAAAAAAAAALQBAIBm/d=1/exm=AvtSve,CMcBD,E87wgc,EFQ78c,EIOG1e,EN3i8d,Fndnac,GwYlN,I6YDgd,IZT63,K0PMbc,K1ZKnb,KUM7Z,L1AAkb,L9OGUe,LDQI,LEikZe,MY7mZe,MpJwZc,NOeYWe,NTMZac,O6y8ed,PHUIyb,PrPYRd,RMhBfe,Rkm0ef,RqjULd,SCuOPb,SD8Jgb,STuCOe,SpsfSb,Tbb4sb,UUJqVe,Uas9Hd,WpP9Yc,XVq9Qb,YHI3We,YTxL4,YgOFye,ZakeSe,ZwDk9d,_b,_tp,aC1iue,aW3pY,b3kMqb,bSspM,bTi8wc,byfTOb,cYShmd,eVCnO,f8Gu1e,gJzDyc,hc6Ubd,inNHtf,iyZMqd,lsjVmc,ltDFwf,lwddkf,m9oV,mvkUhe,mzzZzc,n73qwf,njlZCf,oLggrd,pxq3x,qPYxq,qPfo0c,qmdT9,rCcCxc,rmumx,siKnQd,soHxf,t2srLd,tUnxGc,vHEMJe,vfuNJf,vjKJJ,vvMGie,ws9Tlc,xBaz7b,xQtZb,xiZRqc,y5vRwf,yRXbo,ywOR5c,z0u0L,zbML3c,ziZ8Mc,zr1jrb,zy0vNb/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlHcuwDoV1_a7sThPZwbu2Ah9zAL5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=P6sQOc" |
Preview: |
File type: | |
Entropy (8bit): | 6.579771785034168 |
TrID: |
|
File name: | file.exe |
File size: | 917'504 bytes |
MD5: | b44fe2b76982daa43a25d6e62203b575 |
SHA1: | e1477346b672f5085ba1834a83bd115749b64570 |
SHA256: | 92a682ac0279afe087f60cc9ff8664c88fc5c60c82456f904a96139cd2e34d8a |
SHA512: | c7d677fb435e9f9cb88290a270dd13f12e4cd370308f6264de1c6ca9e76098bc57507d3a4385830d7cdba965199500d352319d50be03004dd2901866ceecbb64 |
SSDEEP: | 12288:TqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDga9TQ:TqDEvCTbMWu7rQYlBQcBiT6rprG8a5Q |
TLSH: | 2C159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FB2AED [Mon Sep 30 22:49:17 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007FF3690E8963h |
jmp 00007FF3690E826Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FF3690E844Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007FF3690E841Ah |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007FF3690EB00Dh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007FF3690EB058h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007FF3690EB041h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x956c | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x956c | 0x9600 | e185343aac492df4db0b3173396e1d63 | False | 0.28453125 | data | 5.166143566325022 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x834 | data | 1.0052380952380953 | ||
RT_GROUP_ICON | 0xdcfec | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd064 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd078 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd08c | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd0a0 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd17c | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 00:51:00.606988907 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:00.607024908 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:00.607080936 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:00.614140987 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:00.614160061 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:00.938075066 CEST | 49675 | 443 | 192.168.2.4 | 173.222.162.32 |
Oct 1, 2024 00:51:01.376964092 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.377140045 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.377194881 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.377780914 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.377846956 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.378791094 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.378854990 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.379607916 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.379714012 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.379723072 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.422447920 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.422466040 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.469340086 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.664330959 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.664808989 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.664875031 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.665909052 CEST | 49731 | 443 | 192.168.2.4 | 216.58.206.46 |
Oct 1, 2024 00:51:01.665949106 CEST | 443 | 49731 | 216.58.206.46 | 192.168.2.4 |
Oct 1, 2024 00:51:01.677738905 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:01.677778006 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:01.677850008 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:01.678045034 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:01.678056002 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.317655087 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.318089008 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.318104982 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.318465948 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.318536997 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.319175959 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.319230080 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.320359945 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.320406914 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.320635080 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.320641041 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.375591040 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.626283884 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.626312017 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.626380920 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.626400948 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.626463890 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:02.627729893 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.628441095 CEST | 49736 | 443 | 192.168.2.4 | 142.250.185.174 |
Oct 1, 2024 00:51:02.628458023 CEST | 443 | 49736 | 142.250.185.174 | 192.168.2.4 |
Oct 1, 2024 00:51:04.713912964 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:04.713965893 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:04.714054108 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:04.714312077 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:04.714325905 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.362153053 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.362510920 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:05.362561941 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.363580942 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.363662958 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:05.364511013 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:05.364573956 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.365592003 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:05.365609884 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:05.365686893 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:05.367141962 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:05.367153883 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:05.405500889 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:05.405529022 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:05.452708960 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:06.014647961 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.014718056 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.018536091 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.018542051 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.018791914 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.062068939 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.068764925 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.111443043 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.287668943 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.287734032 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.287781000 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.287899971 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.287909031 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.287919998 CEST | 49743 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.287925959 CEST | 443 | 49743 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.349875927 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.349942923 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:06.350019932 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.350492001 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:06.350517035 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.034302950 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.034420013 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.035762072 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.035783052 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.036000967 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.037156105 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.083411932 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.402723074 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.402791977 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.402952909 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.403692007 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.403719902 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:07.403733969 CEST | 49745 | 443 | 192.168.2.4 | 184.28.90.27 |
Oct 1, 2024 00:51:07.403740883 CEST | 443 | 49745 | 184.28.90.27 | 192.168.2.4 |
Oct 1, 2024 00:51:09.661499977 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:09.661552906 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:09.661650896 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:09.661912918 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:09.661942959 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.309787989 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.310280085 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.310308933 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.310868979 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.310944080 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.311892033 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.311952114 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.313926935 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.314039946 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.314152002 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.314171076 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.363886118 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.631869078 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.632302046 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.632390022 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.632455111 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.632484913 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.632539988 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.632558107 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.632611990 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.637804985 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.637898922 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.643985033 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.644058943 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.644126892 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.644185066 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.650397062 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.650484085 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.656527042 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.656603098 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.656656027 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.656714916 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.722120047 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.722207069 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.722337008 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.722366095 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.722421885 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.722801924 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.722856045 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.727030993 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.727076054 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.727097034 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.727128029 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.727174044 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.733412981 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.733499050 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.739500046 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.739568949 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.739649057 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.745907068 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.745968103 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.745985985 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.752204895 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.752264977 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.752279043 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.752408981 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.752460957 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.863675117 CEST | 49756 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 1, 2024 00:51:10.863775969 CEST | 443 | 49756 | 172.217.18.14 | 192.168.2.4 |
Oct 1, 2024 00:51:10.979805946 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:10.979882002 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:10.980132103 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:10.980264902 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:10.980281115 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.063211918 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.063271999 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.063353062 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.063852072 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.063863993 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.612144947 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.612590075 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.612613916 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.612945080 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.613006115 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.613560915 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.613619089 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.614684105 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.614751101 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.614934921 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.614942074 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.657248974 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.711874008 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.712197065 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.712271929 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.712599993 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.712681055 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.713207006 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.713270903 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.713478088 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.713537931 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.713711023 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.713727951 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.768577099 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.915612936 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.915700912 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.915745974 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.917004108 CEST | 49760 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.917031050 CEST | 443 | 49760 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.918872118 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.918910027 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:11.918981075 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.919579029 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:11.919589996 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.018534899 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.018917084 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.018987894 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.019334078 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.019418955 CEST | 443 | 49761 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.019454002 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.019484043 CEST | 49761 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.020378113 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.020426035 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.020482063 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.020972013 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.020992994 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.559669018 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.560024977 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.560045004 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.560559034 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.560614109 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.561613083 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.561664104 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.562374115 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.562465906 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.564254999 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.564260960 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.564275980 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.607397079 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.608484030 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.650129080 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.650429010 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.650453091 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.650806904 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.650873899 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.651499987 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.651551962 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.651729107 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.651791096 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.651937008 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.651947021 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.651963949 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.699398041 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.702240944 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.783354044 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.784523010 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.784624100 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.785353899 CEST | 49764 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.785368919 CEST | 443 | 49764 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.868359089 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.868908882 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.869426966 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.870498896 CEST | 49767 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:12.870512962 CEST | 443 | 49767 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:12.873569012 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:12.919415951 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142111063 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142185926 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142347097 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142353058 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:13.142375946 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142424107 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142474890 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:13.142493010 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142541885 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:13.142842054 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.142894030 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.143754005 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:13.352720976 CEST | 49741 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:51:13.352780104 CEST | 443 | 49741 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:51:13.810976982 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:13.811022043 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:13.811110020 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:13.812649965 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:13.812676907 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:14.632312059 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:14.632400990 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:14.636750937 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:14.636764050 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:14.637003899 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:14.686800957 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.226342916 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.267410994 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487421036 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487443924 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487452030 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487468004 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487500906 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487694979 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.487694979 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.487719059 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.487773895 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.488545895 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.488625050 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:15.488632917 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.488856077 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:15.489816904 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:16.013531923 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:16.013562918 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:16.013576984 CEST | 49771 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:16.013582945 CEST | 443 | 49771 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:17.452034950 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 1, 2024 00:51:17.458110094 CEST | 80 | 49723 | 93.184.221.240 | 192.168.2.4 |
Oct 1, 2024 00:51:17.458194971 CEST | 49723 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 1, 2024 00:51:18.692179918 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:18.692225933 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:18.692329884 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:18.692739964 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:18.692758083 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.348006964 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.348308086 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.348361015 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.348673105 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.349067926 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.349136114 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.349237919 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.349256039 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.349265099 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.678854942 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.680104017 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:19.680226088 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.681375980 CEST | 49779 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:19.681396961 CEST | 443 | 49779 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:41.565838099 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.565875053 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:41.565977097 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.566243887 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.566258907 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:41.971707106 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.971796036 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:41.971889019 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.972168922 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:41.972203970 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.221014023 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.221898079 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.221956015 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.223208904 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.223536015 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.223686934 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.223705053 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.223728895 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.223728895 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.267786980 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.267813921 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.522140026 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.522895098 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.522953987 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.523113966 CEST | 49781 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.523154974 CEST | 443 | 49781 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.622334003 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.622713089 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.622746944 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.623115063 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.623477936 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.623550892 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.623619080 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.623653889 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.623667955 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.844645023 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.845331907 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:42.845434904 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.845721006 CEST | 49782 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:42.845753908 CEST | 443 | 49782 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:43.517930031 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:43.518023968 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:43.518131971 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:43.518373013 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:43.518405914 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.154864073 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.155199051 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.155260086 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.155802965 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.156280994 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.156372070 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.156471014 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.156471014 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.156510115 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.453429937 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.454106092 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:44.454216003 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.454612017 CEST | 49783 | 443 | 192.168.2.4 | 142.250.186.110 |
Oct 1, 2024 00:51:44.454669952 CEST | 443 | 49783 | 142.250.186.110 | 192.168.2.4 |
Oct 1, 2024 00:51:52.634716988 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:52.634830952 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:52.634893894 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:52.635512114 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:52.635546923 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.413645983 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.413769960 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.417541027 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.417565107 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.417903900 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.426913023 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.467420101 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.760946989 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.760974884 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.760993004 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.761096001 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.761132002 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.761188030 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.762434959 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.762486935 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.762514114 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.762531996 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.762556076 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.762574911 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.762624979 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.766529083 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.766561985 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:51:53.766587973 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 00:51:53.766604900 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 00:52:04.766808033 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:04.766836882 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:04.766911983 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:04.767169952 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:04.767183065 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:05.406610966 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:05.407205105 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:05.407217026 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:05.407511950 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:05.407998085 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:05.408055067 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:05.453165054 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:06.452907085 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 1, 2024 00:52:06.460364103 CEST | 80 | 49724 | 93.184.221.240 | 192.168.2.4 |
Oct 1, 2024 00:52:06.460431099 CEST | 49724 | 80 | 192.168.2.4 | 93.184.221.240 |
Oct 1, 2024 00:52:13.903420925 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.903533936 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:13.903620958 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.903995991 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.904031038 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:13.987601042 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.987626076 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:13.987737894 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.988097906 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:13.988111973 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.532711029 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.533014059 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.533066034 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.533433914 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.533744097 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.533812046 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.533909082 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.533943892 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.533955097 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.627532005 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.627783060 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.627794981 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.628146887 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.628429890 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.628489971 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.628573895 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.628595114 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.628654957 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.832664013 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.832808018 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.832881927 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.833235025 CEST | 49788 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.833266973 CEST | 443 | 49788 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.932111025 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.932226896 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:14.932293892 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.932715893 CEST | 49789 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:14.932724953 CEST | 443 | 49789 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:15.353090048 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:15.353164911 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:15.353266954 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:27.828425884 CEST | 49786 | 443 | 192.168.2.4 | 142.250.185.132 |
Oct 1, 2024 00:52:27.828445911 CEST | 443 | 49786 | 142.250.185.132 | 192.168.2.4 |
Oct 1, 2024 00:52:46.287194967 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.287266016 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.287354946 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.287967920 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.287986040 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.550601006 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.550658941 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.550762892 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.551882029 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.551897049 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.922476053 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.922806978 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.922836065 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.923182011 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.923705101 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.923763990 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.924015999 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.924056053 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.924056053 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:46.924062967 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:46.971440077 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.285258055 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.285391092 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.285450935 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.286756992 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.327785015 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.405967951 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.405986071 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.406426907 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.407289982 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.407351017 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.407373905 CEST | 49791 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.407406092 CEST | 443 | 49791 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.412749052 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.412779093 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.412785053 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.711421013 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.711914062 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Oct 1, 2024 00:52:47.711977005 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.712263107 CEST | 49792 | 443 | 192.168.2.4 | 216.58.206.78 |
Oct 1, 2024 00:52:47.712285042 CEST | 443 | 49792 | 216.58.206.78 | 192.168.2.4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 00:51:00.595892906 CEST | 53 | 54297 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:00.596801043 CEST | 64075 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:00.596859932 CEST | 61766 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:00.603621006 CEST | 53 | 64075 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:00.604098082 CEST | 53 | 61766 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:00.605166912 CEST | 53 | 49383 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:01.668612957 CEST | 49966 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:01.668955088 CEST | 64376 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:01.676974058 CEST | 53 | 49966 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:01.677078962 CEST | 53 | 64376 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:01.711081028 CEST | 53 | 49628 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:04.704866886 CEST | 51954 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:04.705738068 CEST | 62299 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:04.711555004 CEST | 53 | 51954 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:04.712234020 CEST | 53 | 62299 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:06.895730972 CEST | 53 | 62197 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:09.650212049 CEST | 64052 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:09.650588036 CEST | 49335 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:09.656905890 CEST | 53 | 64052 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:09.657370090 CEST | 53 | 49335 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:10.960714102 CEST | 61013 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:10.961239100 CEST | 57662 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:51:10.967591047 CEST | 53 | 61013 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:10.967968941 CEST | 53 | 57662 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:12.570291042 CEST | 53 | 54173 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:17.879204035 CEST | 138 | 138 | 192.168.2.4 | 192.168.2.255 |
Oct 1, 2024 00:51:18.869689941 CEST | 53 | 50171 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:37.697432041 CEST | 53 | 57682 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:51:59.979768038 CEST | 53 | 64715 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:52:00.543906927 CEST | 53 | 54227 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:52:11.722316980 CEST | 53 | 53527 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:52:13.895642996 CEST | 62956 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:52:13.895843983 CEST | 57345 | 53 | 192.168.2.4 | 1.1.1.1 |
Oct 1, 2024 00:52:13.902431011 CEST | 53 | 62956 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:52:13.902597904 CEST | 53 | 57345 | 1.1.1.1 | 192.168.2.4 |
Oct 1, 2024 00:52:27.838131905 CEST | 53 | 63336 | 1.1.1.1 | 192.168.2.4 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 1, 2024 00:51:00.596801043 CEST | 192.168.2.4 | 1.1.1.1 | 0x5243 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:51:00.596859932 CEST | 192.168.2.4 | 1.1.1.1 | 0xc2bf | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:51:01.668612957 CEST | 192.168.2.4 | 1.1.1.1 | 0x412f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:51:01.668955088 CEST | 192.168.2.4 | 1.1.1.1 | 0x6226 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:51:04.704866886 CEST | 192.168.2.4 | 1.1.1.1 | 0x3cbc | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:51:04.705738068 CEST | 192.168.2.4 | 1.1.1.1 | 0xfcde | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:51:09.650212049 CEST | 192.168.2.4 | 1.1.1.1 | 0xa633 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:51:09.650588036 CEST | 192.168.2.4 | 1.1.1.1 | 0x9a9a | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:51:10.960714102 CEST | 192.168.2.4 | 1.1.1.1 | 0x4fea | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:51:10.961239100 CEST | 192.168.2.4 | 1.1.1.1 | 0x1ddf | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 1, 2024 00:52:13.895642996 CEST | 192.168.2.4 | 1.1.1.1 | 0x5f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 1, 2024 00:52:13.895843983 CEST | 192.168.2.4 | 1.1.1.1 | 0x748a | Standard query (0) | 65 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 1, 2024 00:51:00.603621006 CEST | 1.1.1.1 | 192.168.2.4 | 0x5243 | No error (0) | 216.58.206.46 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:00.604098082 CEST | 1.1.1.1 | 192.168.2.4 | 0xc2bf | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.174 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.184.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.186.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 172.217.16.206 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.186.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 172.217.18.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.238 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.185.142 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 142.250.186.46 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.676974058 CEST | 1.1.1.1 | 192.168.2.4 | 0x412f | No error (0) | 172.217.23.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.677078962 CEST | 1.1.1.1 | 192.168.2.4 | 0x6226 | No error (0) | youtube-ui.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:01.677078962 CEST | 1.1.1.1 | 192.168.2.4 | 0x6226 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:51:04.711555004 CEST | 1.1.1.1 | 192.168.2.4 | 0x3cbc | No error (0) | 142.250.185.132 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:04.712234020 CEST | 1.1.1.1 | 192.168.2.4 | 0xfcde | No error (0) | 65 | IN (0x0001) | false | |||
Oct 1, 2024 00:51:09.656905890 CEST | 1.1.1.1 | 192.168.2.4 | 0xa633 | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:09.656905890 CEST | 1.1.1.1 | 192.168.2.4 | 0xa633 | No error (0) | 172.217.18.14 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:09.657370090 CEST | 1.1.1.1 | 192.168.2.4 | 0x9a9a | No error (0) | www3.l.google.com | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 1, 2024 00:51:10.967591047 CEST | 1.1.1.1 | 192.168.2.4 | 0x4fea | No error (0) | 142.250.186.110 | A (IP address) | IN (0x0001) | false | ||
Oct 1, 2024 00:52:13.902431011 CEST | 1.1.1.1 | 192.168.2.4 | 0x5f | No error (0) | 216.58.206.78 | A (IP address) | IN (0x0001) | false |
|
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49731 | 216.58.206.46 | 443 | 5320 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 22:51:01 UTC | 851 | OUT | |
2024-09-30 22:51:01 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 142.250.185.174 | 443 | 5320 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-09-30 22:51:02 UTC | 869 | OUT | |
2024-09-30 22:51:02 UTC | 2634 | IN |