Windows
Analysis Report
http://click.accesstrade.in.th/adv.php?rk=0004x800047v&url=https:**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$
Overview
General Information
Detection
Score: | 1 |
Range: | 0 - 100 |
Whitelisted: | false |
Confidence: | 80% |
Signatures
Classification
- System is w10x64
- chrome.exe (PID: 1656 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
  - chrome.exe (PID: 7104 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=2004,i,4742022834634490862,7402768169162969925,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8 MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- chrome.exe (PID: 1988 cmdline: "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://click.accesstrade.in.th/adv.php?rk=0004x800047v&url=https:**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$" MD5: 45DE480806D1B5D462A7DDE4DCEFC4E4)
- cleanup
There are no malicious signatures.
Source: | HTTP Parser: |
Source: | HTTPS traffic detected: |
Source: | TCP traffic: |
Source: | TCP traffic detected without corresponding DNS query: |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | HTTP traffic detected: |
Source: | DNS traffic detected: |
Source: | Network traffic detected: |
Source: | Classification label: |
Source: | File created: |
Source: | Process created: |
Source: | LNK file: |
Source: | Window detected: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | Acquire Infrastructure | Valid Accounts | Windows Management Instrumentation | 1 Registry Run Keys / Startup Folder | 1 Process Injection | 1 Masquerading | OS Credential Dumping | System Service Discovery | Remote Services | Data from Local System | 1 Encrypted Channel | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | 1 Registry Run Keys / Startup Folder | 1 Process Injection | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 3 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 4 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | Binary Padding | NTDS | System Network Configuration Discovery | Distributed Component Object Model | Input Capture | 3 Ingress Tool Transfer | Traffic Duplication | Data Destruction |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
bg.microsoft.map.fastly.net | 199.232.214.172 | true | false | unknown | |
click.accesstrade.in.th | 13.251.73.35 | true | false | unknown | |
www.google.com | 172.217.18.4 | true | false | unknown | |
fp2e7a.wpc.phicdn.net | 192.229.221.95 | true | false | unknown | |
18.31.95.13.in-addr.arpa | unknown | unknown | false | unknown |
IP | Domain | Country | ASN | ASN Name | Malicious |
---|---|---|---|---|---|
239.255.255.250 | unknown | Reserved | unknown | unknown | false |
13.251.73.35 | click.accesstrade.in.th | United States | 16509 | AMAZON-02US | false |
172.217.18.4 | www.google.com | United States | 15169 | GOOGLEUS | false |
54.251.25.96 | unknown | United States | 16509 | AMAZON-02US | false |
142.250.81.228 | unknown | United States | 15169 | GOOGLEUS | false |
IP |
---|
192.168.2.8 |
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1524332 |
Start date and time: | 2024-10-02 17:32:14 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 4m 12s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | browseurl.jbs |
Sample URL: | http://click.accesstrade.in.th/adv.php?rk=0004x800047v&url=https:**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$ |
Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
Number of analysed new started processes analysed: | 10 |
Number of new started drivers analysed: | 0 |
Number of existing processes analysed: | 0 |
Number of existing drivers analysed: | 0 |
Number of injected processes analysed: | 0 |
Analysis Mode: | default |
Analysis stop reason: | Timeout |
Detection: | CLEAN |
Classification: | clean1.win@17/13@11/6 |
- Exclude process from analysis (whitelisted): MpCmdRun.exe, dllhost.exe, SIHClient.exe, conhost.exe, svchost.exe
- Excluded IPs from analysis (whitelisted): 142.250.186.163, 142.250.185.206, 173.194.76.84, 34.104.35.123, 52.165.165.26, 199.232.214.172, 192.229.221.95, 13.85.23.206, 13.95.31.18, 20.114.59.183, 142.250.184.195
- Excluded domains from analysis (whitelisted): fs.microsoft.com, accounts.google.com, slscr.update.microsoft.com, ctldl.windowsupdate.com.delivery.microsoft.com, clientservices.googleapis.com, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com, fe3.delivery.mp.microsoft.com, clients2.google.com, edgedl.me.gvt1.com, ocsp.digicert.com, ocsp.edge.digicert.com, glb.cws.prod.dcat.dsp.trafficmanager.net, sls.update.microsoft.com, update.googleapis.com, clients.l.google.com, wu-b-net.trafficmanager.net, glb.sls.prod.dcat.dsp.trafficmanager.net
- Not all processes were analyzed, report is missing behavior information
- Report size getting too big, too many NtSetInformationFile calls found.
- VT rate limit hit for: http://click.accesstrade.in.th/adv.php?rk=0004x800047v&url=https:**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$
Input | Output |
---|---|
URL: https://click.accesstrade.in.th/**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$?atnct1=d645920e395fedad7bbbed0eca3fe2e0&atnct2=bdbfa4c9068bef11c2b43b91c0a60ddb&atn Model: jbxai | |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Docs.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2677 |
Entropy (8bit): | 3.9840694007485555 |
Encrypted: | false |
SSDEEP: | 48:8+0daKT6WdUHPidAKZdA1oehwiZUklqehyy+3:8+mXVdy |
MD5: | 09FC030FE0A6F5EF7F403AE0CA1B5219 |
SHA1: | DCA3323A790EDCC4A8AC6936F2F43C4EB49F4822 |
SHA-256: | C04957BD36D30C66369F1BA2D3FBD63C8D42B53B8DBD16B68A49EDAA42212DD4 |
SHA-512: | B1E5DF71C4EDAB7A2E577B968D72D21027C9C245A81D71286969D381996EDC92D6E586EF82FF8ECD92E685E596C9B09190EED9DC49EF260B2AB5BB0397CBB940 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Gmail.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2679 |
Entropy (8bit): | 4.00150943473987 |
Encrypted: | false |
SSDEEP: | 48:85V0daKT6WdUHPidAKZdA1leh/iZUkAQkqehNy+2:8fmXP9Qoy |
MD5: | 82DE550C5FED11D5F2D9782D1660C662 |
SHA1: | 3733D44F0C9629600F4EAA7B2A59DA6A5F5293BA |
SHA-256: | 360BCBEBE7FB38824FEDA801FB762D8C282460930CBBE2FCDD839D2A9C2A441F |
SHA-512: | 2087E09BEC490C5C211EFACFB31FF11A30ED363A687B1063D4A7029DC517080098688F40666822E5E41C940118E6CD8980492064CDBFECD73D7EBF80C6F493DD |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Google Drive.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2693 |
Entropy (8bit): | 4.01227948969697 |
Encrypted: | false |
SSDEEP: | 48:8k0daKT6WdbHPidAKZdA14t5eh7sFiZUkmgqeh7sDy+BX:8kmXmn5y |
MD5: | 40AFEB9D784AC422EE1D2E1597EE8602 |
SHA1: | 193A11A07E127A24D2906192CAF320CBB063F0D8 |
SHA-256: | 8A902843237BF36252769A6D4A2E735E4B507821651BBFFF2C177AFBAA6DBE13 |
SHA-512: | 65BC090901AA3FBBB6393C6EB575E2495C31AE2EBD51B6B5D481AE34763BAF2D055AAE6F4158F5BD634C7FEBDCA0C4763E3F377E15A50A1920453ECAF7207417 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Sheets.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.9982743797399074 |
Encrypted: | false |
SSDEEP: | 48:8S0daKT6WdUHPidAKZdA16ehDiZUkwqehBy+R:8SmX8Ly |
MD5: | A77679A1343D74A64101DCB27737E4B1 |
SHA1: | AB8464F2CFF090B39CE5DB50F872A565D52A3607 |
SHA-256: | B82571BAD0C667A2E10741A6508752CE3FB797C960B8CD33B8F72F2ED5F3E1E4 |
SHA-512: | 1A54C53CBCBE7E5705642B217E396FEE86FB0DCC394EC7ABF8F99254621CC81DAE7644BC2E0FDFAFE11A5E180D78DCD7A26FDE0768C9234784BF416293C472AA |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\Slides.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2681 |
Entropy (8bit): | 3.987167989581603 |
Encrypted: | false |
SSDEEP: | 48:8j0daKT6WdUHPidAKZdA1UehBiZUk1W1qeh/y+C:8jmXM9fy |
MD5: | 9CBDCB1FD93777AD3D147F51AA09144B |
SHA1: | 7CFBC07C26B925840BF5FBACEA1428A05907438E |
SHA-256: | 207FEF9AED324EB20CED42106E2DEA00081E7FD3A6BFB854E5666D26BCCF2A79 |
SHA-512: | E6972862ADE9A3CE2DF011A362FBE523F938C28329C280E88B9635770D83E41098E26360A1BB8AC629D2689A51369833A31285FF63FF81B024AA4BF7018A92E7 |
Malicious: | false |
Reputation: | low |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Chrome Apps\YouTube.lnk
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 2683 |
Entropy (8bit): | 4.000249195169578 |
Encrypted: | false |
SSDEEP: | 48:8ug0daKT6WdUHPidAKZdA1duTrehOuTbbiZUk5OjqehOuTb5y+yT+:8ugmXJTYTbxWOvTb5y7T |
MD5: | 484B50DFEFA992A5EEC7F99F3AA7DD32 |
SHA1: | 2C75EA131AB5C93F081E99438F66C7F009A98493 |
SHA-256: | CFB7627F575A170C30B5B88DDBC76C021758DA67207F4D7FA709DFBDEAD216D2 |
SHA-512: | 44A1BDFFCE55535737CF2338247CA70BFE3CAA5F64C0AC46B06142F876F963EE39B7C0CD97BBFC097D21221A790BA2FB712D3D9A2B59977FF6985F00FB213582 |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 4286 |
Entropy (8bit): | 2.3246444565877185 |
Encrypted: | false |
SSDEEP: | 24:suZ6JyuwUmuXD9BNhJ3q9uWS7/zhNBrU5+pw1YxOzoQ7:H7ubmuXD9BDJ3xWk/zhNBrYgwexOP7 |
MD5: | CD64E018034FABD8C01FB0F6C2810FE9 |
SHA1: | 0885E08BADB57045A6B6D2466C7D2E4A645CC331 |
SHA-256: | 98774AD40253281EFA5F32133A027067E5E2282850EF7A9A49AD7ECD9AE97BAD |
SHA-512: | FDEF03E7BAE9F8345487B96A212F13904D84CA643DAFC539E180780574BC96560B7F01FCCD396D951DC82732494B02C659D57A5BC35B9FD802932035063F878D |
Malicious: | false |
Reputation: | low |
URL: | https://click.accesstrade.in.th/favicon.ico |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 734 |
Entropy (8bit): | 5.696481342189365 |
Encrypted: | false |
SSDEEP: | 12:GrYfXkaJziGjY15VgK6W9UoNqwrto2CHqIiKgK6W9UoNqwrto2Cb:GsfkapiN15VR6ufqqtLCHXiKR6ufqqt8 |
MD5: | 1CDFF3EF1DC4E130012DD81A449BCB65 |
SHA1: | 5214454AE7A0CF2940DAA75C7A5FB7367084BA6B |
SHA-256: | 98C3C1A5DBDF3FA0177E9C2ECFBFF6F4A688C084DA30D862B43387C5812C6B0E |
SHA-512: | D462F4B4D7A200A1D95B957C7D9CC4E36D29A2EEFC4A721807472EA623C88AF5365B7B9D54C908168A54F00A22315E61368D4BA2FF52518944CC7D8D2D18FCFA |
Malicious: | false |
Reputation: | low |
URL: | https://click.accesstrade.in.th/adv.php?rk=0004x800047v&url=https:**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$ |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | dropped |
Size (bytes): | 4286 |
Entropy (8bit): | 2.3246444565877185 |
Encrypted: | false |
SSDEEP: | 24:suZ6JyuwUmuXD9BNhJ3q9uWS7/zhNBrU5+pw1YxOzoQ7:H7ubmuXD9BDJ3xWk/zhNBrYgwexOP7 |
MD5: | CD64E018034FABD8C01FB0F6C2810FE9 |
SHA1: | 0885E08BADB57045A6B6D2466C7D2E4A645CC331 |
SHA-256: | 98774AD40253281EFA5F32133A027067E5E2282850EF7A9A49AD7ECD9AE97BAD |
SHA-512: | FDEF03E7BAE9F8345487B96A212F13904D84CA643DAFC539E180780574BC96560B7F01FCCD396D951DC82732494B02C659D57A5BC35B9FD802932035063F878D |
Malicious: | false |
Reputation: | low |
Process: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Category: | downloaded |
Size (bytes): | 285 |
Entropy (8bit): | 5.210156731164111 |
Encrypted: | false |
SSDEEP: | 6:pn0+Dy9xwGObRmEr6VnetdzRx3G0CezoIRCwZkeWzEcXaoD:J0+oxBeRmR9etdzRxGezHtZkesEma+ |
MD5: | 5E1BD5770C8936C7AA23B420FA7C9FDF |
SHA1: | 78C0585954CC6A67EA869BFC76D9C595E27314AF |
SHA-256: | 53C4FB9DB6289EA0147A8DCB1518D43F3B8737B8065F97D88AE6853988750306 |
SHA-512: | CB522857EC56B4248B18D3A7497A735195A1EB3BD822196850DCD2E75C2DA62A3485ED6E43A2507598A752EC84336C35105E172A04EF62C413062834222632A3 |
Malicious: | false |
Reputation: | low |
URL: | https://click.accesstrade.in.th/**Ameatmsges.com__;Ly8!!A-_UObntj2w!QaK8Ys2rrckFvtTznas14mFLr084cyakGdHbg8v4lH7s_u2wOega8D9cHQmr_DS-qRAXTDGQjTVtl8BWj6uUFmWXCwuTnfPR1yWFgw$?atnct1=d645920e395fedad7bbbed0eca3fe2e0&atnct2=bdbfa4c9068bef11c2b43b91c0a60ddb&atnct3=u7vJ40004x800047v |
Oct 2, 2024 17:33:26.721039057 CEST | 443 | 49722 | 184.28.90.27 | 192.168.2.8 |
Oct 2, 2024 17:33:26.994849920 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:26.994875908 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:26.995080948 CEST | 49720 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:33:26.995114088 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:26.995160103 CEST | 49720 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:33:26.995497942 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:26.995559931 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:26.995603085 CEST | 49720 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:33:27.007169008 CEST | 49720 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:33:27.007205963 CEST | 443 | 49720 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:33:32.927680016 CEST | 443 | 49717 | 172.217.18.4 | 192.168.2.8 |
Oct 2, 2024 17:33:32.927767038 CEST | 443 | 49717 | 172.217.18.4 | 192.168.2.8 |
Oct 2, 2024 17:33:32.927839041 CEST | 49717 | 443 | 192.168.2.8 | 172.217.18.4 |
Oct 2, 2024 17:33:34.551495075 CEST | 49717 | 443 | 192.168.2.8 | 172.217.18.4 |
Oct 2, 2024 17:33:34.551580906 CEST | 443 | 49717 | 172.217.18.4 | 192.168.2.8 |
Oct 2, 2024 17:33:34.671071053 CEST | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:34.671164989 CEST | 49703 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:34.671487093 CEST | 49729 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:34.671535969 CEST | 443 | 49729 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:34.671653032 CEST | 49729 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:34.671875000 CEST | 49729 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:34.671885967 CEST | 443 | 49729 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:34.698165894 CEST | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:34.698182106 CEST | 443 | 49703 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:35.297557116 CEST | 443 | 49729 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:35.297667980 CEST | 49729 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:33:45.575515985 CEST | 58262 | 53 | 192.168.2.8 | 162.159.36.2 |
Oct 2, 2024 17:33:45.580398083 CEST | 53 | 58262 | 162.159.36.2 | 192.168.2.8 |
Oct 2, 2024 17:33:45.580461979 CEST | 58262 | 53 | 192.168.2.8 | 162.159.36.2 |
Oct 2, 2024 17:33:45.580560923 CEST | 58262 | 53 | 192.168.2.8 | 162.159.36.2 |
Oct 2, 2024 17:33:45.585556030 CEST | 53 | 58262 | 162.159.36.2 | 192.168.2.8 |
Oct 2, 2024 17:33:46.236073971 CEST | 53 | 58262 | 162.159.36.2 | 192.168.2.8 |
Oct 2, 2024 17:33:46.237406969 CEST | 58262 | 53 | 192.168.2.8 | 162.159.36.2 |
Oct 2, 2024 17:33:46.242463112 CEST | 53 | 58262 | 162.159.36.2 | 192.168.2.8 |
Oct 2, 2024 17:33:46.242510080 CEST | 58262 | 53 | 192.168.2.8 | 162.159.36.2 |
Oct 2, 2024 17:33:54.491679907 CEST | 443 | 49729 | 23.206.229.226 | 192.168.2.8 |
Oct 2, 2024 17:33:54.491743088 CEST | 49729 | 443 | 192.168.2.8 | 23.206.229.226 |
Oct 2, 2024 17:34:04.709481001 CEST | 49710 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:04.709489107 CEST | 49711 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:04.714674950 CEST | 80 | 49710 | 13.251.73.35 | 192.168.2.8 |
Oct 2, 2024 17:34:04.714720011 CEST | 80 | 49711 | 13.251.73.35 | 192.168.2.8 |
Oct 2, 2024 17:34:11.615730047 CEST | 49721 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:34:11.615748882 CEST | 443 | 49721 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:34:20.429126024 CEST | 49710 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:20.429282904 CEST | 49711 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:20.434657097 CEST | 80 | 49710 | 13.251.73.35 | 192.168.2.8 |
Oct 2, 2024 17:34:20.434722900 CEST | 49710 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:20.435112000 CEST | 80 | 49711 | 13.251.73.35 | 192.168.2.8 |
Oct 2, 2024 17:34:20.435215950 CEST | 49711 | 80 | 192.168.2.8 | 13.251.73.35 |
Oct 2, 2024 17:34:22.423948050 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:22.428848028 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:22.428920984 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:22.428967953 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:22.433881044 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:23.684447050 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:23.684464931 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:23.684525967 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:23.684528112 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:23.684557915 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:23.685810089 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:23.688791037 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:23.688829899 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:23.688941956 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:23.689986944 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:23.690001965 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:23.694847107 CEST | 53 | 51262 | 1.1.1.1 | 192.168.2.8 |
Oct 2, 2024 17:34:23.694900036 CEST | 51262 | 53 | 192.168.2.8 | 1.1.1.1 |
Oct 2, 2024 17:34:24.159698963 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:24.160099030 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:24.160115004 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:24.160480022 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:24.161617994 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:24.161693096 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:24.209080935 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:26.297833920 CEST | 443 | 49721 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:34:26.297925949 CEST | 443 | 49721 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:34:26.298203945 CEST | 49721 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:34:26.430892944 CEST | 49721 | 443 | 192.168.2.8 | 54.251.25.96 |
Oct 2, 2024 17:34:26.430926085 CEST | 443 | 49721 | 54.251.25.96 | 192.168.2.8 |
Oct 2, 2024 17:34:34.061717987 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:34.061798096 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Oct 2, 2024 17:34:34.061918974 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:34.654763937 CEST | 51263 | 443 | 192.168.2.8 | 142.250.81.228 |
Oct 2, 2024 17:34:34.654800892 CEST | 443 | 51263 | 142.250.81.228 | 192.168.2.8 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 2, 2024 17:33:19.821892977 CEST | 192.168.2.8 | 1.1.1.1 | c248 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:33:19.619333029 CEST | 192.168.2.8 | 1.1.1.1 | 0x8d2c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 17:33:19.619690895 CEST | 192.168.2.8 | 1.1.1.1 | 0x5991 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 17:33:19.626344919 CEST | 192.168.2.8 | 1.1.1.1 | 0x4d54 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 17:33:19.626487017 CEST | 192.168.2.8 | 1.1.1.1 | 0xcca1 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 17:33:22.368104935 CEST | 192.168.2.8 | 1.1.1.1 | 0x9d7d | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 17:33:22.370652914 CEST | 192.168.2.8 | 1.1.1.1 | 0x4111 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 17:33:24.599701881 CEST | 192.168.2.8 | 1.1.1.1 | 0xce | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 17:33:24.600326061 CEST | 192.168.2.8 | 1.1.1.1 | 0x63d8 | Standard query (0) | 65 | IN (0x0001) | false | |
Oct 2, 2024 17:33:46.246787071 CEST | 192.168.2.8 | 1.1.1.1 | 0x414e | Standard query (0) | PTR (Pointer record) | IN (0x0001) | false | |
Oct 2, 2024 17:34:22.415762901 CEST | 192.168.2.8 | 1.1.1.1 | 0x301c | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 2, 2024 17:34:22.428967953 CEST | 192.168.2.8 | 1.1.1.1 | 0x1 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 2, 2024 17:33:19.677310944 CEST | 1.1.1.1 | 192.168.2.8 | 0x8d2c | No error (0) | 13.251.73.35 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:19.677310944 CEST | 1.1.1.1 | 192.168.2.8 | 0x8d2c | No error (0) | 54.251.25.96 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:19.730463028 CEST | 1.1.1.1 | 192.168.2.8 | 0x4d54 | No error (0) | 54.251.25.96 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:19.730463028 CEST | 1.1.1.1 | 192.168.2.8 | 0x4d54 | No error (0) | 13.251.73.35 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:22.375911951 CEST | 1.1.1.1 | 192.168.2.8 | 0x9d7d | No error (0) | 172.217.18.4 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:22.377254963 CEST | 1.1.1.1 | 192.168.2.8 | 0x4111 | No error (0) | 65 | IN (0x0001) | false | |||
Oct 2, 2024 17:33:25.125597954 CEST | 1.1.1.1 | 192.168.2.8 | 0xce | No error (0) | 54.251.25.96 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:25.125597954 CEST | 1.1.1.1 | 192.168.2.8 | 0xce | No error (0) | 13.251.73.35 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:30.926745892 CEST | 1.1.1.1 | 192.168.2.8 | 0xf7b3 | No error (0) | 199.232.214.172 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:30.926745892 CEST | 1.1.1.1 | 192.168.2.8 | 0xf7b3 | No error (0) | 199.232.210.172 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:31.525470972 CEST | 1.1.1.1 | 192.168.2.8 | 0x4541 | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:31.525470972 CEST | 1.1.1.1 | 192.168.2.8 | 0x4541 | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:44.674200058 CEST | 1.1.1.1 | 192.168.2.8 | 0x473c | No error (0) | fp2e7a.wpc.phicdn.net | CNAME (Canonical name) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:44.674200058 CEST | 1.1.1.1 | 192.168.2.8 | 0x473c | No error (0) | 192.229.221.95 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:33:46.258336067 CEST | 1.1.1.1 | 192.168.2.8 | 0x414e | Name error (3) | none | none | PTR (Pointer record) | IN (0x0001) | false | |
Oct 2, 2024 17:34:23.684447050 CEST | 1.1.1.1 | 192.168.2.8 | 0x1 | No error (0) | 142.250.81.228 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:34:23.684464931 CEST | 1.1.1.1 | 192.168.2.8 | 0x1 | No error (0) | 142.250.81.228 | A (IP address) | IN (0x0001) | false | ||
Oct 2, 2024 17:34:23.684525967 CEST | 1.1.1.1 | 192.168.2.8 | 0x1 | No error (0) | 142.250.81.228 | A (IP address) | IN (0x0001) | false |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.8 | 49710 | 13.251.73.35 | 80 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Oct 2, 2024 17:34:04.709481001 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.8 | 49711 | 13.251.73.35 | 80 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
Oct 2, 2024 17:34:04.709489107 CEST | 6 | OUT |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
0 | 192.168.2.8 | 49712 | 54.251.25.96 | 443 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:20 UTC | 839 | OUT | |
2024-10-02 15:33:21 UTC | 403 | IN | |
2024-10-02 15:33:21 UTC | 741 | IN | |
2024-10-02 15:33:21 UTC | 5 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
1 | 192.168.2.8 | 49715 | 54.251.25.96 | 443 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:22 UTC | 1158 | OUT | |
2024-10-02 15:33:23 UTC | 180 | IN | |
2024-10-02 15:33:23 UTC | 285 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
2 | 192.168.2.8 | 49716 | 54.251.25.96 | 443 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:22 UTC | 820 | OUT | |
2024-10-02 15:33:23 UTC | 265 | IN | |
2024-10-02 15:33:23 UTC | 4286 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
3 | 192.168.2.8 | 49719 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:25 UTC | 161 | OUT | |
2024-10-02 15:33:25 UTC | 466 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
4 | 192.168.2.8 | 49720 | 54.251.25.96 | 443 | 7104 | C:\Program Files\Google\Chrome\Application\chrome.exe |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:26 UTC | 403 | OUT | |
2024-10-02 15:33:26 UTC | 265 | IN | |
2024-10-02 15:33:26 UTC | 4286 | IN |
Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
---|---|---|---|---|---|---|
5 | 192.168.2.8 | 49722 | 184.28.90.27 | 443 |
Timestamp | Bytes transferred | Direction | Data |
---|---|---|---|
2024-10-02 15:33:26 UTC | 239 | OUT | |
2024-10-02 15:33:26 UTC | 514 | IN | |
2024-10-02 15:33:26 UTC | 55 | IN |
Target ID: | 0 |
Start time: | 11:33:12 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 2 |
Start time: | 11:33:16 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | false |
Target ID: | 3 |
Start time: | 11:33:18 |
Start date: | 02/10/2024 |
Path: | C:\Program Files\Google\Chrome\Application\chrome.exe |
Wow64 process (32bit): | false |
Commandline: | |
Imagebase: | 0x7ff678760000 |
File size: | 3'242'272 bytes |
MD5 hash: | 45DE480806D1B5D462A7DDE4DCEFC4E4 |
Has elevated privileges: | true |
Has administrator privileges: | true |
Programmed in: | C, C++ or other language |
Reputation: | low |
Has exited: | true |