Windows
Analysis Report
file.exe
Overview
General Information
Detection
Credential Flusher
Score: | 72 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Yara detected Credential Flusher
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
Potential key logger detected (key state polling based)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 6332 cmdline: "C:\Users\user\Desktop\file.exe" MD5: 9A7AB60C3DBE9CE509444CBAD406E780)
- chrome.exe (PID: 6568 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --app="https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-features=CrashRecovery MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 1076 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2404 --field-trial-handle=2084,i,13302933831953037132,5803645740188378487,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7944 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5388 --field-trial-handle=2084,i,13302933831953037132,5803645740188378487,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7956 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5444 --field-trial-handle=2084,i,13302933831953037132,5803645740188378487,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security |
⊘No Sigma rule has matched
⊘No Suricata rule has matched
AV Detection |
---|
Source: | ReversingLabs: |
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | Code function: | 0_2_0056CE44 |
Source: | HTTP traffic detected: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
Source: | Code function: | 0_2_0056EAFF |
Source: | Code function: | 0_2_0056ED6A |
Source: | Code function: | 0_2_0056EAFF |
Source: | Code function: | 0_2_0055AA57 |
Source: | Code function: | 0_2_00589576 |
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_e959bd08-9 | |
Source: | String found in binary or memory: | memstr_e2d9d049-8 | |
Source: | String found in binary or memory: | memstr_9fa2b8fb-2 | |
Source: | String found in binary or memory: | memstr_d19bfa8c-3 |
Source: | Code function: | 0_2_0055D5EB |
Source: | Code function: | 0_2_00551201 |
Source: | Code function: | 0_2_0055E8F6 |
Source: | Code function: | ||
Source: | Static PE information: |
Source: | Classification label: |
Source: | Code function: | 0_2_005637B5 |
Source: | Code function: | 0_2_005510BF | |
Source: | Code function: | 0_2_005516C3 |
Source: | Code function: | 0_2_005651CD |
Source: | Code function: | 0_2_0055D4DC |
Source: | Code function: | 0_2_0056648E |
Source: | Code function: | 0_2_004F42A2 |
Source: | Static PE information: |
Source: | Key opened: |
Source: | ReversingLabs: |
Source: | Process created: | |||
Source: | Section loaded: |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Code function: | 0_2_004F42DE |
Source: | Code function: | 0_2_00510A89 |
Source: | Code function: | 0_2_0050F98E | |
Source: | Code function: | 0_2_00581C41 |
Source: | Process information set: |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-69596 |
Source: | API coverage: |
Source: | Code function: | 0_2_004F42DE |
Source: | Process information queried: |
Source: | Binary or memory string: | ||
Source: | Code function: | 0_2_00510698 |
Source: | Code function: | 0_2_00568195 |
Source: | Code function: | 0_2_0052BB6F |
Source: | Code function: | 0_2_004F42DE |
Stealing of Sensitive Information |
---|
Source: | File source: |
Remote Access Functionality |
---|
Source: | File source: |
Source: | Code function: | 0_2_00571204 | |
Source: | Code function: | 0_2_00571806 |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 2 Valid Accounts | 2 Valid Accounts | 2 Valid Accounts | 21 Input Capture | 2 System Time Discovery | Remote Services | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Virtualization/Sandbox Evasion | LSASS Memory | 12 Security Software Discovery | Remote Desktop Protocol | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 21 Access Token Manipulation | 1 Disable or Modify Tools | Security Account Manager | 1 Virtualization/Sandbox Evasion | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 2 Process Injection | 21 Access Token Manipulation | NTDS | 3 Process Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 1 DLL Side-Loading | 2 Process Injection | LSA Secrets | 1 Application Window Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 1 Deobfuscate/Decode Files or Information | Cached Domain Credentials | 1 File and Directory Discovery | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 2 Obfuscated Files or Information | DCSync | 15 System Information Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 1 DLL Side-Loading | Proc Filesystem | System Owner/User Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Detection | Scanner | Label | Link |
---|---|---|---|
13% | ReversingLabs | | |
100% | Joe Sandbox ML | | |
⊘No Antivirus matches
Detection | Scanner | Label |
---|---|---|
0% | URL Reputation | safe |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 142.250.185.174 | true | false | unknown | |
www3.l.google.com | 142.250.186.174 | true | false | unknown | |
play.google.com | 142.250.185.238 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
youtube.com | 172.217.16.142 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.186.174 | www3.l.google.com | United States | 15169 | GOOGLEUS | false |
142.250.185.238 | play.google.com | United States | 15169 | GOOGLEUS | false |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.185.174 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false |
172.217.16.142 | youtube.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523617 |
Start date and time: | 2024-10-01 20:53:08 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 35s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal72.troj.evad.winEXE@31/30@12/7 |
Cookbook Comments: |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 216.58.206.67, 142.250.181.238, 108.177.15.84, 34.104.35.123, 142.250.186.67, 142.250.186.131, 142.250.181.234, 216.58.212.138, 142.250.185.106, 142.250.185.138, 142.250.185.170, 142.250.185.74, 142.250.186.106, 142.250.186.42, 142.250.186.74, 172.217.18.10, 216.58.206.42, 142.250.184.234, 142.250.186.170, 142.250.184.202, 142.250.185.202, 142.250.185.234, 172.217.16.202, 142.250.74.202, 172.217.16.138, 142.250.186.138, 216.58.206.74, 199.232.210.172, 192.229.221.95, 142.250.184.227, 74.125.71.84, 142.250.186.142
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes were analyzed; the report is missing behavior information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Detection | Threat Name |
---|---|---|
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | LummaC, Go Injector, LummaC Stealer |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Credential Flusher |
239.255.255.250 | malicious | LummaC |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Credential Flusher |
239.255.255.250 | malicious | PureLog Stealer |
⊘No context
Match | Detection | Threat Name |
---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | LummaC, Go Injector, LummaC Stealer |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Credential Flusher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | LummaC |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Credential Flusher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
⊘No context
File type: | |
Entropy (8bit): | 6.579812006017445 |
TrID: |
|
File name: | file.exe |
File size: | 917'504 bytes |
MD5: | 9a7ab60c3dbe9ce509444cbad406e780 |
SHA1: | 98a3cb0741ef82e1a40c322876f469eb1c0e2464 |
SHA256: | 7623a2671d712b7e06555134bc022d04ca40320536d318cd9e2def298b819b9b |
SHA512: | 0c6fc4f1c7418cce3716d4d6b7db71444ae44ea53121bf825509e77a86214d534a26d6f5b1563c3171211bc5439aa801e9f986cfb02ed49ff9acff1f734def50 |
SSDEEP: | 12288:DqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaCTc:DqDEvCTbMWu7rQYlBQcBiT6rprG8aic |
TLSH: | 10159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FC441F [Tue Oct 1 18:49:03 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x95ac | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x95ac | 0x9600 | 1c4b16972f534753e7e316851641af13 | False | 0.28596354166666665 | data | 5.164467572781099 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0x872 | data | | | 1.0050878815911193 |
RT_GROUP_ICON | 0xdd02c | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd0a4 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd0b8 | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd0cc | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd0e0 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd1bc | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 1, 2024 20:54:11.160444975 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.161602020 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.161655903 CEST | 443 | 49761 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.162051916 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.162060022 CEST | 443 | 49761 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.213071108 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.221961975 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.222225904 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.222245932 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.222623110 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.222687006 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.223324060 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.223398924 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.223532915 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.223603010 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.223757029 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.223773003 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.275353909 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.478183031 CEST | 443 | 49761 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.478717089 CEST | 443 | 49761 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.478779078 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.480627060 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.480680943 CEST | 443 | 49761 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.480709076 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.480734110 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.482577085 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.482604980 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.482672930 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.483047962 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.483057976 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.524049997 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.524696112 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.524756908 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.525463104 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.525480032 CEST | 443 | 49762 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.527312994 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.527340889 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:11.527419090 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.528405905 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:11.528419971 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.176290035 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.176517963 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.176575899 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.177093029 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.177165985 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.178108931 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.178177118 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.178380013 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.178462982 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.178553104 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.178575993 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.178612947 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.216186047 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.216433048 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.216450930 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.216826916 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.216896057 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.217556953 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.217612982 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.217756987 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.217817068 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.217926979 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.217936039 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.217955112 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.219448090 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.228543043 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.259411097 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.259455919 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.393035889 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.394294977 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.394368887 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.409590006 CEST | 49766 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.409631014 CEST | 443 | 49766 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.416112900 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:54:12.435513020 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.437025070 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.437073946 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.437730074 CEST | 49767 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:12.437746048 CEST | 443 | 49767 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:12.459410906 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629276991 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629321098 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629347086 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629415989 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:54:12.629446983 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629489899 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:54:12.629739046 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629842997 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:12.629887104 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:54:12.638586998 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:54:12.638602018 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:54:15.764612913 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:15.764667034 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:15.764847994 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:15.766709089 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:15.766724110 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:16.619636059 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:16.619698048 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:16.628123999 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:16.628142118 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:16.628370047 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:16.680093050 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:17.623327971 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:17.663433075 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884054899 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884076118 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884083033 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884094954 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884102106 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884105921 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884176016 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:17.884223938 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884275913 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:17.884330988 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884391069 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:17.884397984 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884465933 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:17.884517908 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:18.257565975 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.257602930 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.257878065 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.258155107 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.258172989 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.479195118 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:18.479223967 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:18.479302883 CEST | 49773 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:18.479309082 CEST | 443 | 49773 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:18.884649038 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.886920929 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.886940002 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.887350082 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.887933016 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.888008118 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:18.888348103 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.888411999 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:18.888417959 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:19.124078035 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:19.125188112 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:19.125294924 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:19.126902103 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:19.126920938 CEST | 443 | 49778 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.105087042 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.105144024 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.105242014 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.105644941 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.105664015 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.419961929 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.420031071 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.420133114 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.420475006 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.420495033 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.450356960 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.450404882 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.450480938 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.450876951 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.450892925 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.800371885 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.800908089 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.800944090 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.801305056 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.801697969 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.801767111 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:41.801920891 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.801947117 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:41.801954031 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.099322081 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.099692106 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.099760056 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.099781036 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.100111008 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.100560904 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.100632906 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.100749016 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.100788116 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.100800037 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.100886106 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.100967884 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.101051092 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.101083994 CEST | 443 | 49781 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.132697105 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.132972002 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.132997036 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.133491039 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.133557081 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.134483099 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.134543896 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.134682894 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.134759903 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.135130882 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.135138988 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.135202885 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.175448895 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.182594061 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.358396053 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.358545065 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.358606100 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.359340906 CEST | 49783 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.359359980 CEST | 443 | 49783 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.400393963 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.401088953 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:42.401170969 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.401294947 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 1, 2024 20:54:42.401336908 CEST | 443 | 49782 | 142.250.185.238 | 192.168.2.4 |
Oct 1, 2024 20:54:55.414824009 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:55.414875031 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:55.414949894 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:55.415332079 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:55.415347099 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.202896118 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.202966928 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.207947016 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.207962990 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.208182096 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.219841003 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.267410040 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.538218975 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.538247108 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.538259983 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.538451910 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.538481951 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.538537979 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.539637089 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.539697886 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.539700985 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.539719105 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.539752007 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.539875984 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.539917946 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.544114113 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.544130087 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:54:56.544147968 CEST | 49784 | 443 | 192.168.2.4 | 4.175.87.197 |
Oct 1, 2024 20:54:56.544152975 CEST | 443 | 49784 | 4.175.87.197 | 192.168.2.4 |
Oct 1, 2024 20:55:04.243824005 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:04.243871927 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.243984938 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:04.244275093 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:04.244291067 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.889272928 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.889590025 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:04.889607906 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.890072107 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.890347004 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:04.890441895 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:04.944948912 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:10.354026079 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Oct 1, 2024 20:55:10.664442062 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Oct 1, 2024 20:55:11.273701906 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Oct 1, 2024 20:55:11.539891005 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Oct 1, 2024 20:55:11.539940119 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Oct 1, 2024 20:55:11.539951086 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Oct 1, 2024 20:55:11.539998055 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Oct 1, 2024 20:55:11.540827990 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Oct 1, 2024 20:55:11.540877104 CEST | 49723 | 80 | 192.168.2.4 | 199.232.214.172 |
Oct 1, 2024 20:55:11.546945095 CEST | 80 | 49723 | 199.232.214.172 | 192.168.2.4 |
Oct 1, 2024 20:55:14.802176952 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:14.802253008 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:55:14.802331924 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:28.445657969 CEST | 49786 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:55:28.445702076 CEST | 443 | 49786 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:56:04.306121111 CEST | 49794 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:56:04.306163073 CEST | 443 | 49794 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:56:04.306246996 CEST | 49794 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:56:04.306601048 CEST | 49794 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 1, 2024 20:56:04.306616068 CEST | 443 | 49794 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:56:05.106683016 CEST | 443 | 49794 | 216.58.206.68 | 192.168.2.4 |
Oct 1, 2024 20:56:05.148397923 CEST | 49794 | 443 | 192.168.2.4 | 216.58.206.68 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 1, 2024 20:53:59.903976917 CEST | 192.168.2.4 | 1.1.1.1 | 0x8acc | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:53:59.904217958 CEST | 192.168.2.4 | 1.1.1.1 | 0xa96a | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:00.898621082 CEST | 192.168.2.4 | 1.1.1.1 | 0x92e4 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.899322987 CEST | 192.168.2.4 | 1.1.1.1 | 0xb42d | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:04.181104898 CEST | 192.168.2.4 | 1.1.1.1 | 0xe649 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:04.181266069 CEST | 192.168.2.4 | 1.1.1.1 | 0x838 | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:09.223963022 CEST | 192.168.2.4 | 1.1.1.1 | 0xa166 | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:09.224098921 CEST | 192.168.2.4 | 1.1.1.1 | 0x9f14 | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:10.496944904 CEST | 192.168.2.4 | 1.1.1.1 | 0xa31e | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:10.497082949 CEST | 192.168.2.4 | 1.1.1.1 | 0x7e51 | Standard query (0) | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:55:11.590785027 CEST | 192.168.2.4 | 1.1.1.1 | 0xeddb | Standard query (0) | | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:55:11.590971947 CEST | 192.168.2.4 | 1.1.1.1 | 0x5b91 | Standard query (0) | | 65 | IN (0x0001) | false |

Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 1, 2024 20:53:59.911494017 CEST | 1.1.1.1 | 192.168.2.4 | 0x8acc | No error (0) | | | 172.217.16.142 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:53:59.912214041 CEST | 1.1.1.1 | 192.168.2.4 | 0xa96a | No error (0) | | | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.174 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.181.238 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.78 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.206 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.238 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.110 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 172.217.16.206 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.185.142 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 216.58.206.46 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.74.206 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 216.58.206.78 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 216.58.212.142 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.184.238 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.184.206 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 142.250.186.142 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.905515909 CEST | 1.1.1.1 | 192.168.2.4 | 0x92e4 | No error (0) | | | 172.217.18.110 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.906482935 CEST | 1.1.1.1 | 192.168.2.4 | 0xb42d | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 1, 2024 20:54:00.906482935 CEST | 1.1.1.1 | 192.168.2.4 | 0xb42d | No error (0) | | | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:04.188561916 CEST | 1.1.1.1 | 192.168.2.4 | 0xe649 | No error (0) | | | 216.58.206.68 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:04.189502001 CEST | 1.1.1.1 | 192.168.2.4 | 0x838 | No error (0) | | | | 65 | IN (0x0001) | false |
Oct 1, 2024 20:54:09.231441975 CEST | 1.1.1.1 | 192.168.2.4 | 0xa166 | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 1, 2024 20:54:09.231441975 CEST | 1.1.1.1 | 192.168.2.4 | 0xa166 | No error (0) | | | 142.250.186.174 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:54:09.234739065 CEST | 1.1.1.1 | 192.168.2.4 | 0x9f14 | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false |
Oct 1, 2024 20:54:10.504553080 CEST | 1.1.1.1 | 192.168.2.4 | 0xa31e | No error (0) | | | 142.250.185.238 | A (IP address) | IN (0x0001) | false |
Oct 1, 2024 20:55:11.598217964 CEST | 1.1.1.1 | 192.168.2.4 | 0xeddb | No error (0) | | | 142.250.181.238 | A (IP address) | IN (0x0001) | false |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49731 | 172.217.16.142 | 443 | 1076 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 18:54:00 UTC | 851 | OUT | |
2024-10-01 18:54:00 UTC | 1704 | IN | |

Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 142.250.185.174 | 443 | 1076 | C:\Program Files\Google\Chrome\Application\chrome.exe |

Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 18:54:01 UTC | 869 | OUT | |
2024-10-01 18:54:02 UTC | 2634 | IN | |