Edit tour
Linux
Analysis Report
na.elf
Overview
General Information
Sample name: | na.elf |
Analysis ID: | 1528776 |
MD5: | 615fbcadc5b465ae186b6518b69935a4 |
SHA1: | bb6e32402317621b5b97c733809e8bb0ca0aee67 |
SHA256: | 1f6e95fad67e14cc81fb603ddfbfaa8beca8b0830648d909ce5161fb71461144 |
Tags: | elfMiraiuser-abuse_ch |
Infos: |
Detection
Score: | 64 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Connects to many ports of the same IP (likely port scanning)
Sends malformed DNS queries
Detected TCP or UDP traffic on non-standard ports
Found strings indicative of a multi-platform dropper
Sample has stripped symbol table
Sample listens on a socket
Uses the "uname" system call to query kernel version information (possible evasion)
Classification
Joe Sandbox version: | 41.0.0 Charoite |
Analysis ID: | 1528776 |
Start date and time: | 2024-10-08 10:43:37 +02:00 |
Joe Sandbox product: | CloudBasic |
Overall analysis duration: | 0h 5m 9s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | defaultlinuxfilecookbook.jbs |
Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
Analysis Mode: | default |
Sample name: | na.elf |
Detection: | MAL |
Classification: | mal64.troj.linELF@0/0@39/0 |
Command: | /tmp/na.elf |
PID: | 5483 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | thIs wEek on xLaB lEarNs nOthinG xd |
Standard Error: |
⊘No yara matches
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection |
---|
Source: | Avira: |
Source: | ReversingLabs: |
Source: | String: |
Networking |
---|
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: | ||
Source: | TCP traffic: |
Source: | Socket: | Jump to behavior |
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: | ||
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: | ||
Source: | DNS traffic detected: |
Source: | .symtab present: |
Source: | Classification label: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: | ||
Source: | Binary or memory string: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | Windows Management Instrumentation | 1 Scripting | Path Interception | Direct Volume Access | OS Credential Dumping | 11 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Standard Port | Exfiltration Over Other Network Medium | Abuse Accessibility Features |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | Rootkit | LSASS Memory | Application Window Discovery | Remote Desktop Protocol | Data from Removable Media | 1 Non-Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | Obfuscated Files or Information | Security Account Manager | Query Registry | SMB/Windows Admin Shares | Data from Network Shared Drive | 1 Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
⊘No configs have been found
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
26% | ReversingLabs | Linux.Backdoor.Mirai | ||
100% | Avira | EXP/ELF.Agent.J.8 |
⊘No Antivirus matches
Source | Detection | Scanner | Label | Link |
---|---|---|---|---|
0% | Virustotal | Browse | ||
7% | Virustotal | Browse | ||
0% | Virustotal | Browse |
⊘No Antivirus matches
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
daisy.ubuntu.com | 162.213.35.25 | true | false |
| unknown |
ru.coziest.lol | 38.60.198.180 | true | true | unknown | |
f.codingdrunk.cc | 38.54.57.248 | true | true |
| unknown |
2joints.libre | 156.244.7.75 | true | true | unknown | |
r3racegame.indy | 154.223.21.228 | true | true | unknown | |
kr3ddnsnet1.indy | 154.223.21.228 | true | true | unknown | |
kr2ddnsnet.dyn | 154.90.62.142 | true | true |
| unknown |
subcarrace.indy | 154.223.21.228 | true | true | unknown | |
nineteen.libre. [malformed] | unknown | unknown | true | unknown | |
imaverygoodbadboy.libre. [malformed] | unknown | unknown | true | unknown | |
fortyfivehundred.dyn. [malformed] | unknown | unknown | true | unknown | |
2joints.libre. [malformed] | unknown | unknown | true | unknown | |
eighteen.pirate | unknown | unknown | true | unknown | |
kr2ddnsnet.dyn. [malformed] | unknown | unknown | true | unknown | |
eighteen.pirate. [malformed] | unknown | unknown | true | unknown | |
r3racegame.indy. [malformed] | unknown | unknown | true | unknown | |
krddnsnet.dyn. [malformed] | unknown | unknown | true | unknown | |
21savage.dyn. [malformed] | unknown | unknown | true | unknown | |
ru.coziest.lol. [malformed] | unknown | unknown | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
38.54.57.248 | f.codingdrunk.cc | United States | 174 | COGENT-174US | true | |
154.90.62.142 | kr2ddnsnet.dyn | Seychelles | 40065 | CNSERVERSUS | true | |
156.244.7.75 | 2joints.libre | Seychelles | 132839 | POWERLINE-AS-APPOWERLINEDATACENTERHK | true | |
154.223.21.228 | r3racegame.indy | Seychelles | 134705 | ITACE-AS-APItaceInternationalLimitedHK | true | |
38.60.198.180 | ru.coziest.lol | United States | 174 | COGENT-174US | true |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
154.90.62.142 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
Get hash | malicious | Unknown | Browse | |||
38.60.198.180 | Get hash | malicious | Unknown | Browse | ||
154.223.21.228 | Get hash | malicious | Unknown | Browse | ||
Get hash | malicious | Unknown | Browse |
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
ru.coziest.lol | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
2joints.libre | Get hash | malicious | Unknown | Browse |
| |
f.codingdrunk.cc | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
daisy.ubuntu.com | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
|
Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
---|---|---|---|---|---|---|
POWERLINE-AS-APPOWERLINEDATACENTERHK | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Gafgyt | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai, Moobot | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
COGENT-174US | Get hash | malicious | Mirai | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
CNSERVERSUS | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | FormBook | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
ITACE-AS-APItaceInternationalLimitedHK | Get hash | malicious | Unknown | Browse |
| |
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Unknown | Browse |
| ||
Get hash | malicious | Mirai | Browse |
| ||
Get hash | malicious | Phisher | Browse |
| ||
Get hash | malicious | BlackMoon | Browse |
| ||
Get hash | malicious | FormBook | Browse |
|
⊘No context
⊘No context
⊘No created / dropped files found
File type: | |
Entropy (8bit): | 5.314107667539213 |
TrID: |
|
File name: | na.elf |
File size: | 68'316 bytes |
MD5: | 615fbcadc5b465ae186b6518b69935a4 |
SHA1: | bb6e32402317621b5b97c733809e8bb0ca0aee67 |
SHA256: | 1f6e95fad67e14cc81fb603ddfbfaa8beca8b0830648d909ce5161fb71461144 |
SHA512: | 381ae92631cd205c4aa683f9720e6f76007b1c0277ded52658c611bad346301fa81dcb6f4a42f3d5453c8734c22028555ac05814f19a7799d9c42690a6f3bbcf |
SSDEEP: | 768:pWgBJUgZSqoScyn5OexTs0SzE6zSyzp4JIerVVmE2w+7OMkM5YM9z7N:wg0gLEyn5Oo6tzauerywULRzR |
TLSH: | 5F63960E3E258FBDF76D873487B34F26D79823C626E1D281D15CD9041E6428EA45FBA8 |
File Content Preview: | .ELF.....................@.`...4.........4. ...(.............@...@...........................E...E.....|..Kx........dt.Q............................<...'......!'.......................<...'......!... ....'9... ......................<...'......!........'9. |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 52 |
Program Header Offset: | 52 |
Program Header Size: | 32 |
Number of Program Headers: | 3 |
Section Header Offset: | 67796 |
Section Header Size: | 40 |
Number of Section Headers: | 13 |
Header String Table Index: | 12 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.init | PROGBITS | 0x400094 | 0x94 | 0x8c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x400120 | 0x120 | 0xf1e0 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x40f300 | 0xf300 | 0x5c | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x40f360 | 0xf360 | 0x970 | 0x0 | 0x2 | A | 0 | 0 | 16 |
.ctors | PROGBITS | 0x450000 | 0x10000 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.dtors | PROGBITS | 0x450008 | 0x10008 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data.rel.ro | PROGBITS | 0x450014 | 0x10014 | 0x5c | 0x0 | 0x3 | WA | 0 | 0 | 4 |
.data | PROGBITS | 0x450070 | 0x10070 | 0x340 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.got | PROGBITS | 0x4503b0 | 0x103b0 | 0x4cc | 0x4 | 0x10000003 | WAp | 0 | 0 | 16 |
.sbss | NOBITS | 0x45087c | 0x1087c | 0x3c | 0x0 | 0x10000003 | WAp | 0 | 0 | 4 |
.bss | NOBITS | 0x4508c0 | 0x1087c | 0x42b8 | 0x0 | 0x3 | WA | 0 | 0 | 16 |
.shstrtab | STRTAB | 0x0 | 0x1087c | 0x56 | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
LOAD | 0x0 | 0x400000 | 0x400000 | 0xfcd0 | 0xfcd0 | 5.3772 | 0x5 | R E | 0x10000 | .init .text .fini .rodata | |
LOAD | 0x10000 | 0x450000 | 0x450000 | 0x87c | 0x4b78 | 3.9577 | 0x6 | RW | 0x10000 | .ctors .dtors .data.rel.ro .data .got .sbss .bss | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x7 | RWE | 0x4 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 8, 2024 10:44:25.085088015 CEST | 41352 | 23789 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:44:25.090377092 CEST | 23789 | 41352 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:44:25.090449095 CEST | 41352 | 23789 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:44:25.095927954 CEST | 23789 | 41352 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:44:25.097232103 CEST | 41352 | 23789 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:44:25.103317976 CEST | 41352 | 23789 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:44:25.103467941 CEST | 41352 | 23789 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:44:25.108114958 CEST | 23789 | 41352 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:44:25.108185053 CEST | 23789 | 41352 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:44:51.626424074 CEST | 44540 | 32876 | 192.168.2.14 | 38.54.57.248 |
Oct 8, 2024 10:44:51.631407976 CEST | 32876 | 44540 | 38.54.57.248 | 192.168.2.14 |
Oct 8, 2024 10:44:51.631519079 CEST | 44540 | 32876 | 192.168.2.14 | 38.54.57.248 |
Oct 8, 2024 10:44:51.631551027 CEST | 44540 | 32876 | 192.168.2.14 | 38.54.57.248 |
Oct 8, 2024 10:44:51.636533022 CEST | 32876 | 44540 | 38.54.57.248 | 192.168.2.14 |
Oct 8, 2024 10:44:51.636889935 CEST | 32876 | 44540 | 38.54.57.248 | 192.168.2.14 |
Oct 8, 2024 10:44:52.660326958 CEST | 54046 | 38429 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:44:52.665241957 CEST | 38429 | 54046 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:44:52.665360928 CEST | 54046 | 38429 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:44:52.665395975 CEST | 54046 | 38429 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:44:52.670335054 CEST | 38429 | 54046 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:44:52.670612097 CEST | 38429 | 54046 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:45:19.410748005 CEST | 57444 | 54123 | 192.168.2.14 | 38.60.198.180 |
Oct 8, 2024 10:45:19.415508986 CEST | 54123 | 57444 | 38.60.198.180 | 192.168.2.14 |
Oct 8, 2024 10:45:19.415708065 CEST | 57444 | 54123 | 192.168.2.14 | 38.60.198.180 |
Oct 8, 2024 10:45:19.415755987 CEST | 57444 | 54123 | 192.168.2.14 | 38.60.198.180 |
Oct 8, 2024 10:45:19.420630932 CEST | 54123 | 57444 | 38.60.198.180 | 192.168.2.14 |
Oct 8, 2024 10:45:19.433497906 CEST | 54123 | 57444 | 38.60.198.180 | 192.168.2.14 |
Oct 8, 2024 10:45:41.194912910 CEST | 41976 | 7193 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:45:41.199778080 CEST | 7193 | 41976 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:45:41.199871063 CEST | 41976 | 7193 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:45:41.200042009 CEST | 41976 | 7193 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:45:41.204803944 CEST | 7193 | 41976 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:45:41.204849005 CEST | 7193 | 41976 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:45:57.438779116 CEST | 47872 | 7193 | 192.168.2.14 | 154.90.62.142 |
Oct 8, 2024 10:45:57.443908930 CEST | 7193 | 47872 | 154.90.62.142 | 192.168.2.14 |
Oct 8, 2024 10:45:57.444040060 CEST | 47872 | 7193 | 192.168.2.14 | 154.90.62.142 |
Oct 8, 2024 10:45:57.444051981 CEST | 47872 | 7193 | 192.168.2.14 | 154.90.62.142 |
Oct 8, 2024 10:45:57.448919058 CEST | 7193 | 47872 | 154.90.62.142 | 192.168.2.14 |
Oct 8, 2024 10:45:57.449238062 CEST | 7193 | 47872 | 154.90.62.142 | 192.168.2.14 |
Oct 8, 2024 10:45:58.655014038 CEST | 55918 | 27651 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:45:58.659913063 CEST | 27651 | 55918 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:45:58.660026073 CEST | 55918 | 27651 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:45:58.660181046 CEST | 55918 | 27651 | 192.168.2.14 | 156.244.7.75 |
Oct 8, 2024 10:45:58.665102005 CEST | 27651 | 55918 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:45:58.665251017 CEST | 27651 | 55918 | 156.244.7.75 | 192.168.2.14 |
Oct 8, 2024 10:46:19.909404039 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:46:19.914225101 CEST | 61543 | 45910 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:46:19.914303064 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:46:19.914345980 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:46:19.919136047 CEST | 61543 | 45910 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:46:34.928577900 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:46:34.933628082 CEST | 61543 | 45910 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:47:12.076862097 CEST | 61543 | 45910 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:47:12.077028036 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Oct 8, 2024 10:47:29.321646929 CEST | 61543 | 45910 | 154.223.21.228 | 192.168.2.14 |
Oct 8, 2024 10:47:29.321907997 CEST | 45910 | 61543 | 192.168.2.14 | 154.223.21.228 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Oct 8, 2024 10:44:25.060265064 CEST | 35561 | 53 | 192.168.2.14 | 130.61.69.123 |
Oct 8, 2024 10:44:25.067214012 CEST | 53 | 35561 | 130.61.69.123 | 192.168.2.14 |
Oct 8, 2024 10:44:26.132016897 CEST | 57774 | 53 | 192.168.2.14 | 162.243.19.47 |
Oct 8, 2024 10:44:26.219163895 CEST | 53 | 57774 | 162.243.19.47 | 192.168.2.14 |
Oct 8, 2024 10:44:26.228861094 CEST | 42310 | 53 | 192.168.2.14 | 130.61.64.122 |
Oct 8, 2024 10:44:26.235616922 CEST | 53 | 42310 | 130.61.64.122 | 192.168.2.14 |
Oct 8, 2024 10:44:26.249334097 CEST | 55598 | 53 | 192.168.2.14 | 54.36.111.116 |
Oct 8, 2024 10:44:31.255140066 CEST | 57135 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:44:36.260535955 CEST | 56672 | 5353 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:44:41.266130924 CEST | 60069 | 5353 | 192.168.2.14 | 162.243.19.47 |
Oct 8, 2024 10:44:46.269510984 CEST | 59311 | 53 | 192.168.2.14 | 161.97.219.84 |
Oct 8, 2024 10:44:46.457942009 CEST | 53 | 59311 | 161.97.219.84 | 192.168.2.14 |
Oct 8, 2024 10:44:46.459157944 CEST | 33624 | 53 | 192.168.2.14 | 130.61.69.123 |
Oct 8, 2024 10:44:46.466280937 CEST | 53 | 33624 | 130.61.69.123 | 192.168.2.14 |
Oct 8, 2024 10:44:46.467046022 CEST | 32942 | 53 | 192.168.2.14 | 130.61.64.122 |
Oct 8, 2024 10:44:46.473817110 CEST | 53 | 32942 | 130.61.64.122 | 192.168.2.14 |
Oct 8, 2024 10:44:46.474591017 CEST | 47751 | 53 | 192.168.2.14 | 162.243.19.47 |
Oct 8, 2024 10:44:46.563203096 CEST | 53 | 47751 | 162.243.19.47 | 192.168.2.14 |
Oct 8, 2024 10:44:46.564244986 CEST | 40241 | 53 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:44:46.574400902 CEST | 53 | 40241 | 185.84.81.194 | 192.168.2.14 |
Oct 8, 2024 10:44:46.575066090 CEST | 38278 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:44:51.581207037 CEST | 55056 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.587858915 CEST | 53 | 55056 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:51.588828087 CEST | 33576 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.595498085 CEST | 53 | 33576 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:51.596347094 CEST | 43066 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.602694035 CEST | 53 | 43066 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:51.603519917 CEST | 40965 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.609857082 CEST | 53 | 40965 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:51.610656023 CEST | 42438 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.617317915 CEST | 53 | 42438 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:51.618499994 CEST | 44089 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:44:51.625854015 CEST | 53 | 44089 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:44:52.639234066 CEST | 33242 | 53 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:44:52.650923014 CEST | 53 | 33242 | 116.203.104.203 | 192.168.2.14 |
Oct 8, 2024 10:44:52.651916981 CEST | 44303 | 53 | 192.168.2.14 | 130.61.69.123 |
Oct 8, 2024 10:44:52.659821987 CEST | 53 | 44303 | 130.61.69.123 | 192.168.2.14 |
Oct 8, 2024 10:44:53.673229933 CEST | 36632 | 5353 | 192.168.2.14 | 161.97.219.84 |
Oct 8, 2024 10:44:58.677828074 CEST | 56436 | 53 | 192.168.2.14 | 63.231.92.27 |
Oct 8, 2024 10:44:58.823698997 CEST | 53 | 56436 | 63.231.92.27 | 192.168.2.14 |
Oct 8, 2024 10:44:58.825805902 CEST | 42013 | 53 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:44:58.836750984 CEST | 53 | 42013 | 185.84.81.194 | 192.168.2.14 |
Oct 8, 2024 10:44:58.838321924 CEST | 59497 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:03.844639063 CEST | 34789 | 53 | 192.168.2.14 | 54.36.111.116 |
Oct 8, 2024 10:45:03.851197004 CEST | 56086 | 53 | 192.168.2.14 | 161.97.219.84 |
Oct 8, 2024 10:45:04.038841963 CEST | 53 | 56086 | 161.97.219.84 | 192.168.2.14 |
Oct 8, 2024 10:45:04.040307045 CEST | 34548 | 53 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:04.051935911 CEST | 53 | 34548 | 116.203.104.203 | 192.168.2.14 |
Oct 8, 2024 10:45:04.053004980 CEST | 33559 | 5353 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:45:09.057816029 CEST | 42820 | 53 | 192.168.2.14 | 54.36.111.116 |
Oct 8, 2024 10:45:09.063973904 CEST | 36752 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:14.069852114 CEST | 42752 | 53 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:14.079646111 CEST | 53 | 42752 | 116.203.104.203 | 192.168.2.14 |
Oct 8, 2024 10:45:14.080375910 CEST | 41358 | 5353 | 192.168.2.14 | 63.231.92.27 |
Oct 8, 2024 10:45:19.084942102 CEST | 41258 | 53 | 192.168.2.14 | 8.8.8.8 |
Oct 8, 2024 10:45:19.409491062 CEST | 53 | 41258 | 8.8.8.8 | 192.168.2.14 |
Oct 8, 2024 10:45:20.435551882 CEST | 60733 | 5353 | 192.168.2.14 | 63.231.92.27 |
Oct 8, 2024 10:45:25.442354918 CEST | 43279 | 5353 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:45:30.448661089 CEST | 40607 | 53 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:45:30.837460041 CEST | 53 | 40607 | 185.84.81.194 | 192.168.2.14 |
Oct 8, 2024 10:45:30.839596033 CEST | 33991 | 5353 | 192.168.2.14 | 162.243.19.47 |
Oct 8, 2024 10:45:35.845829964 CEST | 44876 | 53 | 192.168.2.14 | 161.97.219.84 |
Oct 8, 2024 10:45:36.037911892 CEST | 53 | 44876 | 161.97.219.84 | 192.168.2.14 |
Oct 8, 2024 10:45:36.041630030 CEST | 57306 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:41.047930956 CEST | 49075 | 53 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:45:41.192831039 CEST | 53 | 49075 | 185.84.81.194 | 192.168.2.14 |
Oct 8, 2024 10:45:42.208986044 CEST | 50058 | 53 | 192.168.2.14 | 63.231.92.27 |
Oct 8, 2024 10:45:42.404866934 CEST | 53 | 50058 | 63.231.92.27 | 192.168.2.14 |
Oct 8, 2024 10:45:42.408463001 CEST | 60104 | 5353 | 192.168.2.14 | 130.61.64.122 |
Oct 8, 2024 10:45:47.415452957 CEST | 45694 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:52.423150063 CEST | 54222 | 5353 | 192.168.2.14 | 130.61.64.122 |
Oct 8, 2024 10:45:57.426861048 CEST | 36779 | 53 | 192.168.2.14 | 185.84.81.194 |
Oct 8, 2024 10:45:57.437813997 CEST | 53 | 36779 | 185.84.81.194 | 192.168.2.14 |
Oct 8, 2024 10:45:58.453324080 CEST | 57765 | 53 | 192.168.2.14 | 54.36.111.116 |
Oct 8, 2024 10:45:58.460771084 CEST | 37974 | 53 | 192.168.2.14 | 192.3.165.37 |
Oct 8, 2024 10:45:58.566150904 CEST | 53 | 37974 | 192.3.165.37 | 192.168.2.14 |
Oct 8, 2024 10:45:58.568677902 CEST | 40129 | 53 | 192.168.2.14 | 162.243.19.47 |
Oct 8, 2024 10:45:58.653398037 CEST | 53 | 40129 | 162.243.19.47 | 192.168.2.14 |
Oct 8, 2024 10:45:59.669949055 CEST | 49382 | 53 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:45:59.679989100 CEST | 53 | 49382 | 116.203.104.203 | 192.168.2.14 |
Oct 8, 2024 10:45:59.682133913 CEST | 54231 | 5353 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:46:04.689943075 CEST | 41874 | 5353 | 192.168.2.14 | 130.61.64.122 |
Oct 8, 2024 10:46:09.696397066 CEST | 57406 | 5353 | 192.168.2.14 | 192.3.165.37 |
Oct 8, 2024 10:46:14.702785969 CEST | 40125 | 53 | 192.168.2.14 | 116.203.104.203 |
Oct 8, 2024 10:46:14.887164116 CEST | 53 | 40125 | 116.203.104.203 | 192.168.2.14 |
Oct 8, 2024 10:46:14.888535976 CEST | 47194 | 5353 | 192.168.2.14 | 130.61.69.123 |
Oct 8, 2024 10:46:19.894932985 CEST | 45397 | 53 | 192.168.2.14 | 54.36.111.116 |
Oct 8, 2024 10:46:19.901753902 CEST | 59201 | 53 | 192.168.2.14 | 130.61.69.123 |
Oct 8, 2024 10:46:19.908560038 CEST | 53 | 59201 | 130.61.69.123 | 192.168.2.14 |
Oct 8, 2024 10:47:07.021677971 CEST | 45522 | 53 | 192.168.2.14 | 1.1.1.1 |
Oct 8, 2024 10:47:07.021790981 CEST | 33151 | 53 | 192.168.2.14 | 1.1.1.1 |
Oct 8, 2024 10:47:07.028754950 CEST | 53 | 33151 | 1.1.1.1 | 192.168.2.14 |
Oct 8, 2024 10:47:07.028862953 CEST | 53 | 45522 | 1.1.1.1 | 192.168.2.14 |
Timestamp | Source IP | Dest IP | Checksum | Code | Type |
---|---|---|---|---|---|
Oct 8, 2024 10:45:03.849944115 CEST | 54.36.111.116 | 192.168.2.14 | 6586 | (Port unreachable) | Destination Unreachable |
Oct 8, 2024 10:45:09.062896967 CEST | 54.36.111.116 | 192.168.2.14 | 6587 | (Port unreachable) | Destination Unreachable |
Oct 8, 2024 10:45:58.458803892 CEST | 54.36.111.116 | 192.168.2.14 | 6584 | (Port unreachable) | Destination Unreachable |
Oct 8, 2024 10:46:19.900144100 CEST | 54.36.111.116 | 192.168.2.14 | 6585 | (Port unreachable) | Destination Unreachable |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Oct 8, 2024 10:44:25.060265064 CEST | 192.168.2.14 | 130.61.69.123 | 0x54e9 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:44:26.132016897 CEST | 192.168.2.14 | 162.243.19.47 | 0xe736 | Standard query (0) | 256 | 490 | false | |
Oct 8, 2024 10:44:26.228861094 CEST | 192.168.2.14 | 130.61.64.122 | 0x200a | Standard query (0) | 256 | 490 | false | |
Oct 8, 2024 10:44:26.249334097 CEST | 192.168.2.14 | 54.36.111.116 | 0x23ed | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:44:46.269510984 CEST | 192.168.2.14 | 161.97.219.84 | 0xc1e1 | Standard query (0) | 256 | 510 | false | |
Oct 8, 2024 10:44:46.459157944 CEST | 192.168.2.14 | 130.61.69.123 | 0xd7a0 | Standard query (0) | 256 | 510 | false | |
Oct 8, 2024 10:44:46.467046022 CEST | 192.168.2.14 | 130.61.64.122 | 0x4990 | Standard query (0) | 256 | 510 | false | |
Oct 8, 2024 10:44:46.474591017 CEST | 192.168.2.14 | 162.243.19.47 | 0xdc53 | Standard query (0) | 256 | 510 | false | |
Oct 8, 2024 10:44:46.564244986 CEST | 192.168.2.14 | 185.84.81.194 | 0x5bce | Standard query (0) | 256 | 510 | false | |
Oct 8, 2024 10:44:51.581207037 CEST | 192.168.2.14 | 8.8.8.8 | 0x7735 | Standard query (0) | 256 | 259 | false | |
Oct 8, 2024 10:44:51.588828087 CEST | 192.168.2.14 | 8.8.8.8 | 0x7735 | Standard query (0) | 256 | 259 | false | |
Oct 8, 2024 10:44:51.596347094 CEST | 192.168.2.14 | 8.8.8.8 | 0x7735 | Standard query (0) | 256 | 259 | false | |
Oct 8, 2024 10:44:51.603519917 CEST | 192.168.2.14 | 8.8.8.8 | 0x7735 | Standard query (0) | 256 | 259 | false | |
Oct 8, 2024 10:44:51.610656023 CEST | 192.168.2.14 | 8.8.8.8 | 0x7735 | Standard query (0) | 256 | 259 | false | |
Oct 8, 2024 10:44:51.618499994 CEST | 192.168.2.14 | 8.8.8.8 | 0xfabf | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:44:52.639234066 CEST | 192.168.2.14 | 116.203.104.203 | 0xf1fe | Standard query (0) | 256 | 260 | false | |
Oct 8, 2024 10:44:52.651916981 CEST | 192.168.2.14 | 130.61.69.123 | 0x1c56 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:44:58.677828074 CEST | 192.168.2.14 | 63.231.92.27 | 0x3dd1 | Standard query (0) | 256 | 266 | false | |
Oct 8, 2024 10:44:58.825805902 CEST | 192.168.2.14 | 185.84.81.194 | 0x9033 | Standard query (0) | 256 | 266 | false | |
Oct 8, 2024 10:45:03.844639063 CEST | 192.168.2.14 | 54.36.111.116 | 0xd9ef | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:03.851197004 CEST | 192.168.2.14 | 161.97.219.84 | 0x8732 | Standard query (0) | 256 | 272 | false | |
Oct 8, 2024 10:45:04.040307045 CEST | 192.168.2.14 | 116.203.104.203 | 0x4f01 | Standard query (0) | 256 | 272 | false | |
Oct 8, 2024 10:45:09.057816029 CEST | 192.168.2.14 | 54.36.111.116 | 0x2483 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:14.069852114 CEST | 192.168.2.14 | 116.203.104.203 | 0x46f8 | Standard query (0) | 256 | 282 | false | |
Oct 8, 2024 10:45:19.084942102 CEST | 192.168.2.14 | 8.8.8.8 | 0xa09e | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:30.448661089 CEST | 192.168.2.14 | 185.84.81.194 | 0x35c0 | Standard query (0) | 256 | 298 | false | |
Oct 8, 2024 10:45:35.845829964 CEST | 192.168.2.14 | 161.97.219.84 | 0x8c0a | Standard query (0) | 256 | 304 | false | |
Oct 8, 2024 10:45:41.047930956 CEST | 192.168.2.14 | 185.84.81.194 | 0xb58b | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:42.208986044 CEST | 192.168.2.14 | 63.231.92.27 | 0xdca9 | Standard query (0) | 256 | 310 | false | |
Oct 8, 2024 10:45:57.426861048 CEST | 192.168.2.14 | 185.84.81.194 | 0xdc32 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:58.453324080 CEST | 192.168.2.14 | 54.36.111.116 | 0x9c40 | Standard query (0) | 256 | 326 | false | |
Oct 8, 2024 10:45:58.460771084 CEST | 192.168.2.14 | 192.3.165.37 | 0x5042 | Standard query (0) | 256 | 326 | false | |
Oct 8, 2024 10:45:58.568677902 CEST | 192.168.2.14 | 162.243.19.47 | 0xbcb6 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:45:59.669949055 CEST | 192.168.2.14 | 116.203.104.203 | 0x7f66 | Standard query (0) | 256 | 327 | false | |
Oct 8, 2024 10:46:14.702785969 CEST | 192.168.2.14 | 116.203.104.203 | 0x806d | Standard query (0) | 256 | 342 | false | |
Oct 8, 2024 10:46:19.894932985 CEST | 192.168.2.14 | 54.36.111.116 | 0xf064 | Standard query (0) | 256 | 347 | false | |
Oct 8, 2024 10:46:19.901753902 CEST | 192.168.2.14 | 130.61.69.123 | 0xc72f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:47:07.021677971 CEST | 192.168.2.14 | 1.1.1.1 | 0x1a4f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
Oct 8, 2024 10:47:07.021790981 CEST | 192.168.2.14 | 1.1.1.1 | 0x8a11 | Standard query (0) | 28 | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Oct 8, 2024 10:44:25.067214012 CEST | 130.61.69.123 | 192.168.2.14 | 0x54e9 | No error (0) | 156.244.7.75 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:44:51.625854015 CEST | 8.8.8.8 | 192.168.2.14 | 0xfabf | No error (0) | 38.54.57.248 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:44:52.659821987 CEST | 130.61.69.123 | 192.168.2.14 | 0x1c56 | No error (0) | 154.223.21.228 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:45:19.409491062 CEST | 8.8.8.8 | 192.168.2.14 | 0xa09e | No error (0) | 38.60.198.180 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:45:41.192831039 CEST | 185.84.81.194 | 192.168.2.14 | 0xb58b | No error (0) | 154.223.21.228 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:45:57.437813997 CEST | 185.84.81.194 | 192.168.2.14 | 0xdc32 | No error (0) | 154.90.62.142 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:45:58.653398037 CEST | 162.243.19.47 | 192.168.2.14 | 0xbcb6 | No error (0) | 156.244.7.75 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:46:19.908560038 CEST | 130.61.69.123 | 192.168.2.14 | 0xc72f | No error (0) | 154.223.21.228 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:47:07.028862953 CEST | 1.1.1.1 | 192.168.2.14 | 0x1a4f | No error (0) | 162.213.35.25 | A (IP address) | IN (0x0001) | false | ||
Oct 8, 2024 10:47:07.028862953 CEST | 1.1.1.1 | 192.168.2.14 | 0x1a4f | No error (0) | 162.213.35.24 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 08:44:23 |
Start date (UTC): | 08/10/2024 |
Path: | /tmp/na.elf |
Arguments: | /tmp/na.elf |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 08:44:24 |
Start date (UTC): | 08/10/2024 |
Path: | /tmp/na.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |
Start time (UTC): | 08:44:24 |
Start date (UTC): | 08/10/2024 |
Path: | /tmp/na.elf |
Arguments: | - |
File size: | 5777432 bytes |
MD5 hash: | 0083f1f0e77be34ad27f849842bbb00c |