Windows
Analysis Report
file.exe
Overview
General Information
Detection
Credential Flusher
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 100% |
Signatures
Yara detected Credential Flusher
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Found API chain indicative of sandbox detection
Machine Learning detection for sample
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the PEB
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Detected potential crypto function
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
IP address seen in connection with other malware
JA3 SSL client fingerprint seen in connection with other malware
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Sample execution stops while process was sleeping (likely an evasion)
Uses 32bit PE files
Uses code obfuscation techniques (call, push, ret)
Classification
- System is w10x64
- file.exe (PID: 7292 cmdline: "C:\Users\user\Desktop\file.exe" MD5: C3D56C65AD5DB36D2DCCB9CC2AC8577E)
- chrome.exe (PID: 7312 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --app="https://youtube.com/account?=https://accounts.google.com/v3/signin/challenge/pwd" --start-fullscreen --no-first-run --disable-session-crashed-bubble --disable-features=CrashRecovery MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7528 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1728 --field-trial-handle=1752,i,13866675433473403451,18282274765664296240,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7180 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5132 --field-trial-handle=1752,i,13866675433473403451,18282274765664296240,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 7280 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5408 --field-trial-handle=1752,i,13866675433473403451,18282274765664296240,262144 --disable-features=CrashRecovery /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- conhost.exe (PID: 2312 cmdline: C:\Windows\system32\conhost.exe 0xffffffff -ForceV1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
- cleanup
⊘No configs have been found
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
| JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security | |
| JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security | |
| JoeSecurity_CredentialFlusher | Yara detected Credential Flusher | Joe Security | |
⊘No Sigma rule has matched
⊘No Suricata rule has matched
AV Detection |
---|
Source: | Integrated Neural Analysis Model: |
Source: | Joe Sandbox ML: |
Source: | Static PE information: |
Source: | HTTPS traffic detected: | ||
Source: | IP Address: |
Source: | JA3 fingerprint: |
Source: | TCP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | Code function: | 0_2_00C5CE44 |
Source: | HTTP traffic detected: | ||
Source: | String found in binary or memory: |
Source: | DNS traffic detected: | ||
Source: | HTTP traffic detected: |
Source: | String found in binary or memory: | ||
Source: | Network traffic detected: | ||
Source: | HTTPS traffic detected: | ||
System Summary |
---|
Source: | String found in binary or memory: | ||
Source: | String found in binary or memory: | memstr_4ffd6d06-d | |
Source: | String found in binary or memory: | memstr_c096f413-c | |
Source: | String found in binary or memory: | memstr_f3ff2f9a-7 | |
Source: | String found in binary or memory: | memstr_678ef23e-1 |
Source: | Static PE information: |
Source: | Classification label: |
Source: | File created: |
Source: | Mutant created: |
Source: | Static PE information: |
Source: | Key opened: |
Source: | Process created: | |||
Source: | Section loaded: |
Source: | Window detected: |
Source: | Static PE information: | ||
Source: | Process information set: |
Malware Analysis System Evasion |
---|
Source: | Sandbox detection routine: | graph_0-95960 |
Source: | API coverage: |
Source: | Last function: |
Source: | Process information queried: |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Source: | Code function: | 0_2_00C00698 |
Source: | Code function: | 0_2_00C58195 |
Source: | Code function: | 0_2_00C3D27A |
Source: | Code function: | 0_2_00C1BB6F |
Source: | Code function: | 0_2_00BE42DE |
Stealing of Sensitive Information |
---|
Remote Access Functionality |
---|
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | 2 Valid Accounts | 1 Native API | 1 DLL Side-Loading | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
Credentials | Domains | Default Accounts | Scheduled Task/Job | 2 Valid Accounts | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 1 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 3 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 15 System Information Discovery | Distributed Component Object Model | Input Capture | 4 Application Layer Protocol | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 2 Process Injection | 1 Masquerading | LSA Secrets | 12 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | RC Scripts | 2 Valid Accounts | Cached Domain Credentials | 1 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 1 Virtualization/Sandbox Evasion | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 1 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 2 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
Detection | Scanner |
---|---|
11% | ReversingLabs |
100% | Joe Sandbox ML |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
youtube-ui.l.google.com | 172.217.16.206 | true | false | unknown | |
www3.l.google.com | 142.250.185.238 | true | false | unknown | |
play.google.com | 142.250.185.78 | true | false | unknown | |
www.google.com | 216.58.206.68 | true | false | unknown | |
youtube.com | 142.250.185.142 | true | false | unknown | |
accounts.youtube.com | unknown | unknown | false | unknown | |
www.youtube.com | unknown | unknown | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
142.250.185.78 | play.google.com | United States | 15169 | GOOGLEUS | false |
172.217.16.206 | youtube-ui.l.google.com | United States | 15169 | GOOGLEUS | false |
172.217.18.14 | unknown | United States | 15169 | GOOGLEUS | false |
142.250.185.238 | www3.l.google.com | United States | 15169 | GOOGLEUS | false |
216.58.206.68 | www.google.com | United States | 15169 | GOOGLEUS | false |
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
142.250.185.142 | youtube.com | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.4 |
192.168.2.5 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1523732 |
Start date and time: | 2024-10-02 00:36:07 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 38s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | default.jbs |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of new started processes analysed: | 11 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Sample name: | file.exe |
Detection: | MAL |
Classification: | mal64.troj.evad.winEXE@32/30@12/9 |
Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 172.217.16.195, 142.250.186.78, 64.233.167.84, 34.104.35.123, 142.250.74.195, 142.250.181.227, 142.250.185.106, 142.250.185.170, 172.217.23.106, 172.217.16.202, 142.250.186.106, 142.250.185.138, 216.58.206.74, 142.250.186.138, 142.250.185.74, 142.250.185.234, 142.250.186.42, 216.58.212.170, 142.250.185.202, 142.250.186.170, 172.217.18.106, 172.217.18.10, 142.250.186.74, 216.58.206.42, 142.250.181.234, 93.184.221.240, 192.229.221.95, 142.250.186.163, 64.233.166.84, 142.250.186.110
- Excluded domains from analysis (whitelisted): clients1.google.com, fs.microsoft.com, accounts.google.com, content-autofill.googleapis.com, slscr.update.microsoft.com, fonts.gstatic.com, ctldl.windowsupdate.com, clientservices.googleapis.com, fe3cr.delivery.mp.microsoft.com, clients2.google.com, ocsp.digicert.com, edgedl.me.gvt1.com, update.googleapis.com, clients.l.google.com, www.gstatic.com, optimizationguide-pa.googleapis.com
- Not all processes were analyzed, report is missing behavior information
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
⊘No simulations
Match | Detection | Threat Name |
---|---|---|
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | Unknown |
239.255.255.250 | malicious | NetSupport RAT, Lsass Dumper, Mimikatz, Nukesped, Quasar, Trickbot, Xmrig |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | HTMLPhisher |
239.255.255.250 | malicious | Credential Flusher |
239.255.255.250 | malicious | Credential Flusher |
⊘No context
Match | Detection | Threat Name |
---|---|---|
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | NetSupport RAT, Lsass Dumper, Mimikatz, Nukesped, Quasar, Trickbot, Xmrig |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Unknown |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | HTMLPhisher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Credential Flusher |
28a2c9bd18a11de089ef85a160da29e4 | malicious | Credential Flusher |
Preview: |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
File Type: | |
Category: | downloaded |
Size (bytes): | 32500 |
Entropy (8bit): | 5.378903546681047 |
Encrypted: | false |
SSDEEP: | 768:zYlbuROstb0e39nKGrkysU0smpu4OLOdzIf1p/5GeSsngurz6aKEEEGo/:zYl61Cysbu4OLOdzIfrIen72ZFo/ |
MD5: | BF4BF9728A7C302FBA5B14F3D0F1878B |
SHA1: | 2607CA7A93710D629400077FF3602CB207E6F53D |
SHA-256: | 8981E7B228DF7D6A8797C0CD1E9B0F1F88337D5F0E1C27A04E7A57D2C4309798 |
SHA-512: | AC9E170FC3AFDC0CF6BB8E926B93EF129A5FAD1BBA51B60BABCF3555E9B652E98F86A00FB099879DED35DD3FFE72ECFA597E20E6CA8CF402BEDEC40F78412EDA |
Malicious: | false |
URL: | "https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.RgRbaBHDctU.es5.O/ck=boq-identity.AccountsSignInUi.gAiX_O5afVA.L.B1.O/am=xIFgKBi2EQjEE54DekBRIOQAAAAAAAAAAKANAAB0DA/d=1/exm=_b,_tp/excm=_b,_tp,identifierview/ed=1/wt=2/ujg=1/rs=AOaEmlG_aYNE-Dz95N0OV63231Yfi4Jf5g/ee=ASJRFf:DAnQ7e;Al0B8:kibjWe;DaIJ8c:iAskyc;EVNhjf:pw70Gc;EkYFhd:GwYlN;EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SMDL4c:K0PMbc;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;UpnZUd:nnwwYc;Uvc8o:VDovNc;XdiAjb:NLiXbe;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;nAFL3:NTMZac;nTuGK:JKNPM;oGtAuc:sOXFj;oSUNyd:K0PMbc;oXZmbc:tUnxGc;pXdRYb:L9OGUe;qafBPd:yDVVkb;qddgKe:xQtZb;vNjB7d:YTxL4;wR5FRb:siKnQd;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe" |
Preview: |
File type: | |
Entropy (8bit): | 6.581089870788196 |
TrID: |
|
File name: | file.exe |
File size: | 918'016 bytes |
MD5: | c3d56c65ad5db36d2dccb9cc2ac8577e |
SHA1: | ff3510dbdd291084aff47d373ff9ee799a258b90 |
SHA256: | 2896008f0fc7eb35149aa261b1b22f85e5529c6dccfe3c54bb128f2f049bc0c2 |
SHA512: | fd8392ea234d3667a8f17b3ab2b3121b1aee665ef7030c66b6141974e03b3196a36f76c1391bb8ee6d205c1f66165f2c4f2cb6299106f6579cd9f1a8734545d9 |
SSDEEP: | 12288:FqDEvFo+yo4DdbbMWu/jrQu4M9lBAlKhQcDGB3cuBNGE6iOrpfe4JdaDgaTTE:FqDEvCTbMWu7rQYlBQcBiT6rprG8anE |
TLSH: | A0159E0273D1C062FFAB92334B5AF6515BBC69260123E61F13981DB9BE701B1563E7A3 |
File Content Preview: | MZ......................@................................... ...........!..L.!This program cannot be run in DOS mode....$.......................j:......j:..C...j:......@.*...............................n.......~.............{.......{.......{.........z.... |
Icon Hash: | aaf3e3e3938382a0 |
Entrypoint: | 0x420577 |
Entrypoint Section: | .text |
Digitally signed: | false |
Imagebase: | 0x400000 |
Subsystem: | windows gui |
Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE, 32BIT_MACHINE |
DLL Characteristics: | DYNAMIC_BASE, TERMINAL_SERVER_AWARE |
Time Stamp: | 0x66FC7618 [Tue Oct 1 22:22:16 2024 UTC] |
TLS Callbacks: | |
CLR (.Net) Version: | |
OS Version Major: | 5 |
OS Version Minor: | 1 |
File Version Major: | 5 |
File Version Minor: | 1 |
Subsystem Version Major: | 5 |
Subsystem Version Minor: | 1 |
Import Hash: | 948cc502fe9226992dce9417f952fce3 |
Instruction |
---|
call 00007F7EBC89FA33h |
jmp 00007F7EBC89F33Fh |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F7EBC89F51Dh |
mov dword ptr [esi], 0049FDF0h |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FDF8h |
mov dword ptr [ecx], 0049FDF0h |
ret |
push ebp |
mov ebp, esp |
push esi |
push dword ptr [ebp+08h] |
mov esi, ecx |
call 00007F7EBC89F4EAh |
mov dword ptr [esi], 0049FE0Ch |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
and dword ptr [ecx+04h], 00000000h |
mov eax, ecx |
and dword ptr [ecx+08h], 00000000h |
mov dword ptr [ecx+04h], 0049FE14h |
mov dword ptr [ecx], 0049FE0Ch |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
and dword ptr [eax], 00000000h |
and dword ptr [eax+04h], 00000000h |
push eax |
mov eax, dword ptr [ebp+08h] |
add eax, 04h |
push eax |
call 00007F7EBC8A20DDh |
pop ecx |
pop ecx |
mov eax, esi |
pop esi |
pop ebp |
retn 0004h |
lea eax, dword ptr [ecx+04h] |
mov dword ptr [ecx], 0049FDD0h |
push eax |
call 00007F7EBC8A2128h |
pop ecx |
ret |
push ebp |
mov ebp, esp |
push esi |
mov esi, ecx |
lea eax, dword ptr [esi+04h] |
mov dword ptr [esi], 0049FDD0h |
push eax |
call 00007F7EBC8A2111h |
test byte ptr [ebp+08h], 00000001h |
pop ecx |
Programming Language: |
|
Name | Virtual Address | Virtual Size | Is in Section |
---|---|---|---|
IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IMPORT | 0xc8e64 | 0x17c | .rdata |
IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xd4000 | 0x9750 | .rsrc |
IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_BASERELOC | 0xde000 | 0x7594 | .reloc |
IMAGE_DIRECTORY_ENTRY_DEBUG | 0xb0ff0 | 0x1c | .rdata |
IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_TLS | 0xc3400 | 0x18 | .rdata |
IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xb1010 | 0x40 | .rdata |
IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_IAT | 0x9c000 | 0x894 | .rdata |
IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 | |
Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
---|---|---|---|---|---|---|---|---|---|
.text | 0x1000 | 0x9ab1d | 0x9ac00 | 0a1473f3064dcbc32ef93c5c8a90f3a6 | False | 0.565500681542811 | data | 6.668273581389308 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
.rdata | 0x9c000 | 0x2fb82 | 0x2fc00 | c9cf2468b60bf4f80f136ed54b3989fb | False | 0.35289185209424084 | data | 5.691811547483722 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.data | 0xcc000 | 0x706c | 0x4800 | 53b9025d545d65e23295e30afdbd16d9 | False | 0.04356553819444445 | DOS executable (block device driver @\273\) | 0.5846666986982398 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
.rsrc | 0xd4000 | 0x9750 | 0x9800 | 05c5c3185d0f77512415dc3111cc48fc | False | 0.29422800164473684 | data | 5.225835707169579 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
.reloc | 0xde000 | 0x7594 | 0x7600 | c68ee8931a32d45eb82dc450ee40efc3 | False | 0.7628111758474576 | data | 6.7972128181359786 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
---|---|---|---|---|---|---|
RT_ICON | 0xd45a8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
RT_ICON | 0xd46d0 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
RT_ICON | 0xd47f8 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.3885135135135135 |
RT_ICON | 0xd4920 | 0x2e8 | Device independent bitmap graphic, 32 x 64 x 4, image size 0 | English | Great Britain | 0.3333333333333333 |
RT_ICON | 0xd4c08 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 0 | English | Great Britain | 0.5 |
RT_ICON | 0xd4d30 | 0xea8 | Device independent bitmap graphic, 48 x 96 x 8, image size 0 | English | Great Britain | 0.2835820895522388 |
RT_ICON | 0xd5bd8 | 0x8a8 | Device independent bitmap graphic, 32 x 64 x 8, image size 0 | English | Great Britain | 0.37906137184115524 |
RT_ICON | 0xd6480 | 0x568 | Device independent bitmap graphic, 16 x 32 x 8, image size 0 | English | Great Britain | 0.23699421965317918 |
RT_ICON | 0xd69e8 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 0 | English | Great Britain | 0.13858921161825727 |
RT_ICON | 0xd8f90 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 0 | English | Great Britain | 0.25070356472795496 |
RT_ICON | 0xda038 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 0 | English | Great Britain | 0.3173758865248227 |
RT_MENU | 0xda4a0 | 0x50 | data | English | Great Britain | 0.9 |
RT_STRING | 0xda4f0 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
RT_STRING | 0xdaa84 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
RT_STRING | 0xdb110 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
RT_STRING | 0xdb5a0 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
RT_STRING | 0xdbb9c | 0x65c | data | English | Great Britain | 0.34336609336609336 |
RT_STRING | 0xdc1f8 | 0x466 | data | English | Great Britain | 0.3605683836589698 |
RT_STRING | 0xdc660 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
RT_RCDATA | 0xdc7b8 | 0xa18 | data | | | 1.0042569659442724 |
RT_GROUP_ICON | 0xdd1d0 | 0x76 | data | English | Great Britain | 0.6610169491525424 |
RT_GROUP_ICON | 0xdd248 | 0x14 | data | English | Great Britain | 1.25 |
RT_GROUP_ICON | 0xdd25c | 0x14 | data | English | Great Britain | 1.15 |
RT_GROUP_ICON | 0xdd270 | 0x14 | data | English | Great Britain | 1.25 |
RT_VERSION | 0xdd284 | 0xdc | data | English | Great Britain | 0.6181818181818182 |
RT_MANIFEST | 0xdd360 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
DLL | Import |
---|---|
WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
PSAPI.DLL | GetProcessMemoryInfo |
IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
UxTheme.dll | IsThemeActive |
KERNEL32.dll | DuplicateHandle, CreateThread, WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, IsDebuggerPresent, CopyFileExW, MoveFileW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, GetCurrentThread, EnterCriticalSection, LeaveCriticalSection, GetStdHandle, CreatePipe, InterlockedExchange, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, GetCurrentDirectoryW, lstrcmpiW, DecodePointer, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, InterlockedDecrement, InterlockedIncrement, ResetEvent, WaitForSingleObjectEx, IsProcessorFeaturePresent, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetCurrentProcess, CloseHandle, GetFullPathNameW, GetStartupInfoW, GetSystemTimeAsFileTime, InitializeSListHead, RtlUnwind, SetLastError, TlsAlloc, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, SetCurrentDirectoryW, FindNextFileW, WriteConsoleW |
USER32.dll | GetKeyboardLayoutNameW, IsCharAlphaW, IsCharAlphaNumericW, IsCharLowerW, IsCharUpperW, GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, SetMenuDefaultItem, InsertMenuItemW, IsMenu, ClientToScreen, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, SystemParametersInfoW, LockWindowUpdate, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowLongW, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, GetWindowRect, SetUserObjectSecurity, CloseDesktop, CloseWindowStation, OpenDesktopW, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, CloseClipboard, GetClipboardData, IsClipboardFormatAvailable, OpenClipboard, BlockInput, TrackPopupMenuEx, GetMessageW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, DispatchMessageW, keybd_event, TranslateMessage, ScreenToClient |
GDI32.dll | EndPath, DeleteObject, GetTextExtentPoint32W, ExtCreatePen, StrokeAndFillPath, GetDeviceCaps, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, CreateCompatibleBitmap, CreateCompatibleDC, PolyDraw, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, SelectObject, StretchBlt, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StrokePath |
COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegSetValueExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegCreateKeyExW, GetSecurityDescriptorDacl, GetAclInformation, GetUserNameW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW |
SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
OLEAUT32.dll | CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, SysReAllocString, SysFreeString, VariantChangeType, SafeArrayDestroyData, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayAllocData, SafeArrayAllocDescriptorEx, SafeArrayCreateVector, SysStringLen, QueryPathOfRegTypeLib, SysAllocString, VariantInit, VariantClear, DispCallFunc, VariantTimeToSystemTime, VarR8FromDec, SafeArrayGetVartype, SafeArrayDestroyDescriptor, VariantCopy, OleLoadPicture |
Language of compilation system | Country where language is spoken | Map |
---|---|---|
English | Great Britain |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 2, 2024 00:37:09.942219019 CEST | 49756 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 2, 2024 00:37:09.942226887 CEST | 443 | 49756 | 142.250.185.238 | 192.168.2.4 |
Oct 2, 2024 00:37:09.948863029 CEST | 443 | 49756 | 142.250.185.238 | 192.168.2.4 |
Oct 2, 2024 00:37:09.948926926 CEST | 49756 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 2, 2024 00:37:09.948935032 CEST | 443 | 49756 | 142.250.185.238 | 192.168.2.4 |
Oct 2, 2024 00:37:09.949044943 CEST | 443 | 49756 | 142.250.185.238 | 192.168.2.4 |
Oct 2, 2024 00:37:09.949099064 CEST | 49756 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 2, 2024 00:37:09.971797943 CEST | 49756 | 443 | 192.168.2.4 | 142.250.185.238 |
Oct 2, 2024 00:37:09.971820116 CEST | 443 | 49756 | 142.250.185.238 | 192.168.2.4 |
Oct 2, 2024 00:37:09.979542017 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.979635000 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:09.979681969 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.979707956 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:09.979732990 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.979794025 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.980005980 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.980041981 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:09.980175018 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:09.980201006 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.611341000 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.611505985 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.611566067 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.611938000 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.612009048 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.612447023 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.612605095 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.612622023 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.612622976 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.612693071 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.613037109 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.613101959 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.613738060 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.613795996 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.613974094 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.614042997 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.614043951 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.614109039 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.614403009 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.614418983 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.614552021 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.614564896 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:10.666850090 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:10.666850090 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.045696974 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.045700073 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.045768023 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.045773029 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.045830965 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.045830965 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.046329975 CEST | 49761 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.046386003 CEST | 443 | 49761 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.046725035 CEST | 49762 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.046739101 CEST | 443 | 49762 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.047596931 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.047643900 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.047718048 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.048346996 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.048377991 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.048441887 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.049159050 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.049175978 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.049518108 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.049535990 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.687915087 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.688076019 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.688097000 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.688499928 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.688564062 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.689238071 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.689311981 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.689415932 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.689483881 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.689505100 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.689518929 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.689553022 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.693293095 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.693463087 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.693483114 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.693826914 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.693886995 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.694439888 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.694494963 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.694598913 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.694654942 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.694689035 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.694689035 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.694705963 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.742820024 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.742831945 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.742990017 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.743016958 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.789671898 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.789884090 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.910422087 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.911633968 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.911711931 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.912476063 CEST | 49765 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.912489891 CEST | 443 | 49765 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.916533947 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.917402029 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.917457104 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.917952061 CEST | 49764 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:11.917965889 CEST | 443 | 49764 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:11.972606897 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:37:12.015403986 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244535923 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244575977 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244607925 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244626999 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:37:12.244637966 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244647980 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.244680882 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:37:12.245086908 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:12.245134115 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:37:12.246823072 CEST | 49741 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:37:12.246836901 CEST | 443 | 49741 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:37:16.007482052 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:16.007519960 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:16.007589102 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:16.008997917 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:16.009010077 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:16.802949905 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:16.803029060 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:16.806083918 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:16.806098938 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:16.806343079 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:16.851972103 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:17.525223017 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:17.567414999 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783807039 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783828974 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783835888 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783843994 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783874035 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783946991 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:17.783967972 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.783978939 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.784058094 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:17.784575939 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.784617901 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:17.785067081 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:17.903388977 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:17.903435946 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:17.904299021 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:17.904524088 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:17.904539108 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.436394930 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:18.436425924 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:18.436436892 CEST | 49773 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:18.436441898 CEST | 443 | 49773 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:18.565063000 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.565541983 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.565567017 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.565877914 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.566210985 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.566268921 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.566370964 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.566389084 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.566395044 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.896766901 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.897907019 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:18.897964001 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.898576975 CEST | 49778 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:18.898602009 CEST | 443 | 49778 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:19.488193989 CEST | 80 | 49723 | 178.79.238.128 | 192.168.2.4 |
Oct 2, 2024 00:37:19.488372087 CEST | 49723 | 80 | 192.168.2.4 | 178.79.238.128 |
Oct 2, 2024 00:37:19.488372087 CEST | 49723 | 80 | 192.168.2.4 | 178.79.238.128 |
Oct 2, 2024 00:37:19.493400097 CEST | 80 | 49723 | 178.79.238.128 | 192.168.2.4 |
Oct 2, 2024 00:37:34.266509056 CEST | 80 | 49724 | 178.79.238.128 | 192.168.2.4 |
Oct 2, 2024 00:37:34.266740084 CEST | 49724 | 80 | 192.168.2.4 | 178.79.238.128 |
Oct 2, 2024 00:37:34.266741037 CEST | 49724 | 80 | 192.168.2.4 | 178.79.238.128 |
Oct 2, 2024 00:37:34.272249937 CEST | 80 | 49724 | 178.79.238.128 | 192.168.2.4 |
Oct 2, 2024 00:37:40.246722937 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.246763945 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.246886015 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.247143030 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.247157097 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.276688099 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.276699066 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.276834965 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.277024984 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.277034044 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.885062933 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.885364056 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.885396957 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.885727882 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.886305094 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.886365891 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:40.886472940 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.886511087 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:40.886516094 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.029211998 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.029450893 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.029472113 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.030774117 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.031096935 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.031253099 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.031260014 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.031269073 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.031276941 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.069252968 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.069314003 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.069444895 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.069824934 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.069838047 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.071407080 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.083791018 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.184998035 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.185115099 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.185169935 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.185496092 CEST | 49781 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.185511112 CEST | 443 | 49781 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.331057072 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.332254887 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.332360983 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.332643032 CEST | 49782 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.332663059 CEST | 443 | 49782 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.719075918 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.719294071 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.719307899 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.719624996 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.719871998 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.719927073 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.719985962 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.720000982 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.720009089 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.943229914 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.943947077 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:41.944035053 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.944282055 CEST | 49784 | 443 | 192.168.2.4 | 142.250.185.78 |
Oct 2, 2024 00:37:41.944298983 CEST | 443 | 49784 | 142.250.185.78 | 192.168.2.4 |
Oct 2, 2024 00:37:55.075081110 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.075141907 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:55.075231075 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.075753927 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.075768948 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:55.845032930 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:55.845171928 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.849387884 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.849399090 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:55.849704027 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:55.859458923 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:55.907397985 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.165668964 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.165712118 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.165730953 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.165788889 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.165819883 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.165837049 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.165872097 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.167252064 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.167289019 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.167315960 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.167325020 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.167346001 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.167352915 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.167393923 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.170641899 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.170661926 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:37:56.170676947 CEST | 49785 | 443 | 192.168.2.4 | 4.245.163.56 |
Oct 2, 2024 00:37:56.170684099 CEST | 443 | 49785 | 4.245.163.56 | 192.168.2.4 |
Oct 2, 2024 00:38:04.556451082 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:04.556519985 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:04.556637049 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:04.557002068 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:04.557020903 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:05.189393044 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:05.189894915 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:05.189927101 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:05.190259933 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:05.190562010 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:05.190623045 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:05.242683887 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:10.865025997 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:10.865073919 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:10.865140915 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:10.865398884 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:10.865412951 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.337508917 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.337635994 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.337738037 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.338721991 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.338773966 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.518171072 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.518618107 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.518630028 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.519135952 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.519438028 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.519526005 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.519612074 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.519623995 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.519639015 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.821962118 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.822628975 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.822695971 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.822815895 CEST | 49789 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.822830915 CEST | 443 | 49789 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.994741917 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.995105028 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.995162964 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.995498896 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.995804071 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.995871067 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:11.995976925 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.996015072 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:11.996026993 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:12.299196005 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:12.299478054 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:12.299643040 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:12.301008940 CEST | 49791 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:12.301053047 CEST | 443 | 49791 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:15.105006933 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:15.105078936 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:15.105223894 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:28.791915894 CEST | 49787 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:38:28.791953087 CEST | 443 | 49787 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:38:40.902496099 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:40.902601957 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:40.902707100 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:40.902977943 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:40.903002024 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.536688089 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.537101030 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.537127018 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.537492990 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.537887096 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.537945032 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.537965059 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.537997961 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.538006067 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.835728884 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.835917950 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:41.835973024 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.836328030 CEST | 49793 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:41.836368084 CEST | 443 | 49793 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.026493073 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.026586056 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.026683092 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.026958942 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.026995897 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.683300972 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.683585882 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.683629990 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.684006929 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.684416056 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.684479952 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.684598923 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.684634924 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.684645891 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.989069939 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.990092993 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:38:43.990168095 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.990312099 CEST | 49794 | 443 | 192.168.2.4 | 172.217.18.14 |
Oct 2, 2024 00:38:43.990341902 CEST | 443 | 49794 | 172.217.18.14 | 192.168.2.4 |
Oct 2, 2024 00:39:04.613444090 CEST | 49795 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:39:04.613488913 CEST | 443 | 49795 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:39:04.613553047 CEST | 49795 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:39:04.613857031 CEST | 49795 | 443 | 192.168.2.4 | 216.58.206.68 |
Oct 2, 2024 00:39:04.613871098 CEST | 443 | 49795 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:39:05.333673000 CEST | 443 | 49795 | 216.58.206.68 | 192.168.2.4 |
Oct 2, 2024 00:39:05.383543015 CEST | 49795 | 443 | 192.168.2.4 | 216.58.206.68 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS
---|---|---|---|---|---|---|---|---
Oct 2, 2024 00:36:59.895057917 CEST | 192.168.2.4 | 1.1.1.1 | 0x51d7 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:36:59.895212889 CEST | 192.168.2.4 | 1.1.1.1 | 0x9d16 | Standard query (0) | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:00.927470922 CEST | 192.168.2.4 | 1.1.1.1 | 0x4db5 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.927601099 CEST | 192.168.2.4 | 1.1.1.1 | 0xa65d | Standard query (0) | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:04.503001928 CEST | 192.168.2.4 | 1.1.1.1 | 0xb921 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:04.503262997 CEST | 192.168.2.4 | 1.1.1.1 | 0x28ca | Standard query (0) | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:08.770756006 CEST | 192.168.2.4 | 1.1.1.1 | 0xf349 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:08.770922899 CEST | 192.168.2.4 | 1.1.1.1 | 0x5cbd | Standard query (0) | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:09.876513958 CEST | 192.168.2.4 | 1.1.1.1 | 0xa64a | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:09.876707077 CEST | 192.168.2.4 | 1.1.1.1 | 0x2fb0 | Standard query (0) | | 65 | IN (0x0001) | false
Oct 2, 2024 00:38:10.857079029 CEST | 192.168.2.4 | 1.1.1.1 | 0x7d40 | Standard query (0) | | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:38:10.857225895 CEST | 192.168.2.4 | 1.1.1.1 | 0xf9b1 | Standard query (0) | | 65 | IN (0x0001) | false
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS
---|---|---|---|---|---|---|---|---|---|---
Oct 2, 2024 00:36:59.901743889 CEST | 1.1.1.1 | 192.168.2.4 | 0x51d7 | No error (0) | | | 142.250.185.142 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:36:59.902152061 CEST | 1.1.1.1 | 192.168.2.4 | 0x9d16 | No error (0) | | | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:00.934422016 CEST | 1.1.1.1 | 192.168.2.4 | 0xa65d | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934422016 CEST | 1.1.1.1 | 192.168.2.4 | 0xa65d | No error (0) | | | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | youtube-ui.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 172.217.16.206 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.74.206 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.186.142 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.181.238 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.185.110 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 216.58.212.174 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.185.78 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 172.217.18.14 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 216.58.206.78 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.186.46 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.186.174 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.186.110 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 216.58.212.142 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 142.250.186.78 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 216.58.206.46 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:00.934827089 CEST | 1.1.1.1 | 192.168.2.4 | 0x4db5 | No error (0) | | | 172.217.18.110 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:04.509757996 CEST | 1.1.1.1 | 192.168.2.4 | 0xb921 | No error (0) | | | 216.58.206.68 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:04.510097027 CEST | 1.1.1.1 | 192.168.2.4 | 0x28ca | No error (0) | | | | 65 | IN (0x0001) | false
Oct 2, 2024 00:37:08.779064894 CEST | 1.1.1.1 | 192.168.2.4 | 0xf349 | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false
Oct 2, 2024 00:37:08.779064894 CEST | 1.1.1.1 | 192.168.2.4 | 0xf349 | No error (0) | | | 142.250.185.238 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:37:08.780227900 CEST | 1.1.1.1 | 192.168.2.4 | 0x5cbd | No error (0) | | www3.l.google.com | | CNAME (Canonical name) | IN (0x0001) | false
Oct 2, 2024 00:37:09.885493994 CEST | 1.1.1.1 | 192.168.2.4 | 0xa64a | No error (0) | | | 142.250.185.78 | A (IP address) | IN (0x0001) | false
Oct 2, 2024 00:38:10.864363909 CEST | 1.1.1.1 | 192.168.2.4 | 0x7d40 | No error (0) | | | 172.217.18.14 | A (IP address) | IN (0x0001) | false
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.4 | 49732 | 142.250.185.142 | 443 | 7528 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 22:37:00 UTC | 851 | OUT | |
2024-10-01 22:37:00 UTC | 1704 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.4 | 49736 | 172.217.16.206 | 443 | 7528 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-01 22:37:01 UTC | 869 | OUT | |
2024-10-01 22:37:01 UTC | 2656 | IN |