Edit tour
Windows
Analysis Report
file.exe
Overview
General Information
| Sample name: | file.exe |
| Analysis ID: | 1528956 |
| MD5: | 1d2cf62e7874bb460b7258279a55ddf3 |
| SHA1: | 9a060f273aee924d7972a5ddd561a34f4510d64d |
| SHA256: | c5378718434462185d98c672106dbfd4efbc8d6b7a0c60efe79000f11c955ffa |
| Tags: | exeuser-Bitsight |
| Infos: |  |
 | |
Detection
| Score: | 100 |
| Range: | 0 - 100 |
| Whitelisted: | false |
| Confidence: | 100% |
Signatures
Multi AV Scanner detection for submitted file
Sigma detected: Drops script at startup location
AI detected suspicious sample
Binary is likely a compiled AutoIt script file
Bypasses PowerShell execution policy
Drops PE files to the user root directory
Drops PE files with a suspicious file extension
Machine Learning detection for sample
Sigma detected: Execution from Suspicious Folder
Sigma detected: Execution of Powershell Script in Public Folder
Sigma detected: Parent in Public Folder Suspicious Process
Sigma detected: Script Interpreter Execution From Suspicious Folder
Sigma detected: WScript or CScript Dropper
Sigma detected: Windows Shell/Scripting Application File Write to Suspicious Folder
Windows Scripting host queries suspicious COM object (likely to drop second stage)
Contains functionality for read data from the clipboard
Contains functionality to block mouse and keyboard input (often used to hinder debugging)
Contains functionality to check if a debugger is running (IsDebuggerPresent)
Contains functionality to check if a debugger is running (OutputDebugString,GetLastError)
Contains functionality to check if a window is minimized (may be used to check if an application is visible)
Contains functionality to communicate with device drivers
Contains functionality to dynamically determine API calls
Contains functionality to execute programs as a different user
Contains functionality to launch a process as a different user
Contains functionality to launch a program with higher privileges
Contains functionality to modify clipboard data
Contains functionality to open a port and listen for incoming connection (possibly a backdoor)
Contains functionality to query CPU information (cpuid)
Contains functionality to read the clipboard data
Contains functionality to retrieve information about pressed keystrokes
Contains functionality to shutdown / reboot the system
Contains functionality to simulate keystroke presses
Contains functionality to simulate mouse events
Contains functionality which may be used to detect a debugger (GetProcessHeap)
Contains long sleeps (>= 3 min)
Creates a process in suspended mode (likely to inject code)
Creates a start menu entry (Start Menu\Programs\Startup)
Detected potential crypto function
Dropped file seen in connection with other malware
Drops PE files
Drops PE files to the user directory
Enables debug privileges
Extensive use of GetProcAddress (often used to hide API calls)
Found WSH timer for Javascript or VBS script (likely evasive script)
Found a high number of Window / User specific system calls (may be a loop to detect user behavior)
Found evasive API chain (date check)
Found large amount of non-executed APIs
Found potential string decryption / allocating functions
JA3 SSL client fingerprint seen in connection with other malware
May sleep (evasive loops) to hinder dynamic analysis
OS version to string mapping found (often used in BOTs)
Potential key logger detected (key state polling based)
Queries the volume information (name, serial number etc) of a device
Sample file is different than original file name gathered from version info
Sigma detected: Change PowerShell Policies to an Insecure Level
Sigma detected: Execution of Suspicious File Type Extension
Sigma detected: WSF/JSE/JS/VBA/VBE File Execution Via Cscript/Wscript
Stores files to the Windows start menu directory
Uses a known web browser user agent for HTTP communication
Uses code obfuscation techniques (call, push, ret)
Very long cmdline option found, this is very uncommon (may be encrypted or packed)
Classification
- System is w10x64
file.exe (PID: 7432 cmdline: "C:\Users\ user\Deskt op\file.ex e" MD5: 1D2CF62E7874BB460B7258279A55DDF3) 
powershell.exe (PID: 7452 cmdline: powershell .exe -Exec utionPolic y Bypass - File "C:\U sers\Publi c\ProfileD etails.ps1 " MD5: 04029E121A0CFA5991749937DD22A1D9) 
conhost.exe (PID: 7460 cmdline: C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D) 
InformationCheck.exe (PID: 7680 cmdline: "C:\Users\ Public\Inf ormationCh eck.exe" C :\Users\Pu blic\Detai ls.au3 MD5: C56B5F0201A3B3DE53E561FE76912BFD) - cmd.exe (PID: 7724 cmdline:
cmd /k ech o [Interne tShortcut] > "C:\Use rs\user\Ap pData\Roam ing\Micros oft\Window s\Start Me nu\Program s\Startup\ SwiftWrite .url" & ec ho URL="C: \Users\use r\AppData\ Local\Word Genius Tec hnologies\ SwiftWrite .js" >> "C :\Users\us er\AppData \Roaming\M icrosoft\W indows\Sta rt Menu\Pr ograms\Sta rtup\Swift Write.url" & exit MD5: D0FCE3AFA6AA1D58CE9FA336CC2B675B) - conhost.exe (PID: 7732 cmdline:
C:\Windows \system32\ conhost.ex e 0xffffff ff -ForceV 1 MD5: 0D698AF330FD17BEE3BF90011D49251D)
wscript.exe (PID: 7856 cmdline: "C:\Window s\System32 \WScript.e xe" "C:\Us ers\user\A ppData\Loc al\WordGen ius Techno logies\Swi ftWrite.js " MD5: A47CBE969EA935BDD3AB568BB126BC80) - SwiftWrite.pif (PID: 7948 cmdline:
"C:\Users\ user\AppDa ta\Local\W ordGenius Technologi es\SwiftWr ite.pif" " C:\Users\u ser\AppDat a\Local\Wo rdGenius T echnologie s\G" MD5: C56B5F0201A3B3DE53E561FE76912BFD)
- cleanup
⊘No configs have been found
⊘No yara matches
System Summary |   |
|---|
| Source: | Author: Florian Roth (Nextron Systems), Tim Shelton: | ||
| Source: | Author: Max Altgelt (Nextron Systems): | ||
| Source: | Author: Florian Roth (Nextron Systems): | ||
| Source: | Author: Florian Roth (Nextron Systems), Nasreddine Bencherchali (Nextron Systems): | ||
| Source: | Author: Margaritis Dimitrios (idea), Florian Roth (Nextron Systems), oscd.community: | ||
| Source: | Author: Florian Roth (Nextron Systems): | ||
| Source: | Author: frack113: | ||
| Source: | Author: Max Altgelt (Nextron Systems): | ||
| Source: | Author: Michael Haag: | ||
| Source: | Author: Roberto Rodriguez @Cyb3rWard0g (rule), oscd.community (improvements): | ||
Data Obfuscation | |
|---|
| Source: | Author: Joe Security: | ||
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
AV Detection | |
|---|
| Source: | ReversingLabs: | ||
| Source: | Integrated Neural Analysis Model: | ||
| Source: | Joe Sandbox ML: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Static PE information: | ||
| Source: | Code function: | 0_2_00007FF7978AB7C0 | |
| Source: | Code function: | 0_2_00007FF7978B72A8 | |
| Source: | Code function: | 0_2_00007FF7978B71F4 | |
| Source: | Code function: | 0_2_00007FF7978ABC70 | |
| Source: | Code function: | 0_2_00007FF7978BA874 | |
| Source: | Code function: | 0_2_00007FF7978AC7C0 | |
| Source: | Code function: | 0_2_00007FF7978BA4F8 | |
| Source: | Code function: | 0_2_00007FF7978B6428 | |
| Source: | Code function: | 0_2_00007FF7978BA350 | |
| Source: | Code function: | 0_2_00007FF797872F50 | |
| Source: | Code function: | 3_2_004C4005 | |
| Source: | Code function: | 3_2_004C494A | |
| Source: | Code function: | 3_2_004CC2FF | |
| Source: | Code function: | 3_2_004CCD14 | |
| Source: | Code function: | 3_2_004CCD9F | |
| Source: | Code function: | 3_2_004CF5D8 | |
| Source: | Code function: | 3_2_004CF735 | |
| Source: | Code function: | 3_2_004CFA36 | |
| Source: | Code function: | 3_2_004C3CE2 | |
| Source: | Code function: | 8_2_00F84005 | |
| Source: | Code function: | 8_2_00F8494A | |
| Source: | Code function: | 8_2_00F8C2FF | |
| Source: | Code function: | 8_2_00F8CD9F | |
| Source: | Code function: | 8_2_00F8CD14 | |
| Source: | Code function: | 8_2_00F8F5D8 | |
| Source: | Code function: | 8_2_00F8F735 | |
| Source: | Code function: | 8_2_00F8FA36 | |
| Source: | Code function: | 8_2_00F83CE2 | |
| Source: | JA3 fingerprint: | ||
| Source: | HTTP traffic detected: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | UDP traffic detected without corresponding DNS query: | ||
| Source: | Code function: | 0_2_00007FF7978BE87C | |
| Source: | HTTP traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | DNS traffic detected: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | ||
| Source: | Network traffic detected: | ||
| Source: | Network traffic detected: | ||
| Source: | HTTPS traffic detected: | ||
| Source: | Code function: | 0_2_00007FF7978C0D24 | |
| Source: | Code function: | 0_2_00007FF7978C0D24 | |
| Source: | Code function: | 3_2_004D4830 | |
| Source: | Code function: | 8_2_00F94830 | |
| Source: | Code function: | 0_2_00007FF7978C0A6C | |
| Source: | Code function: | 0_2_00007FF7978A7E64 | |
| Source: | Code function: | 3_2_004ED164 | |
| Source: | Code function: | 8_2_00FAD164 | |
System Summary | |
|---|
| Source: | Code function: | 0_2_00007FF7978337B0 | |
| Source: | String found in binary or memory: | ||
| Source: | String found in binary or memory: | memstr_94912b12-4 | |
| Source: | String found in binary or memory: | memstr_a8c22b00-1 | |
| Source: | COM Object queried: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF7978AC110 | |
| Source: | Code function: | 0_2_00007FF79789D2C4 | |
| Source: | Code function: | 0_2_00007FF7978AD750 | |
| Source: | Code function: | 3_2_004C5778 | |
| Source: | Code function: | 8_2_00F85778 | |
| Source: | Code function: | 0_2_00007FF7978CF630 | |
| Source: | Code function: | 0_2_00007FF797842E30 | |
| Source: | Code function: | 0_2_00007FF7978458D0 | |
| Source: | Code function: | 0_2_00007FF79785F8D0 | |
| Source: | Code function: | 0_2_00007FF79783183C | |
| Source: | Code function: | 0_2_00007FF797871840 | |
| Source: | Code function: | 0_2_00007FF7978AD87C | |
| Source: | Code function: | 0_2_00007FF7978E17C0 | |
| Source: | Code function: | 0_2_00007FF797861750 | |
| Source: | Code function: | 0_2_00007FF7978C56A0 | |
| Source: | Code function: | 0_2_00007FF7978695B0 | |
| Source: | Code function: | 0_2_00007FF79783B390 | |
| Source: | Code function: | 0_2_00007FF7978C32AC | |
| Source: | Code function: | 0_2_00007FF79787529C | |
| Source: | Code function: | 0_2_00007FF7978C206C | |
| Source: | Code function: | 0_2_00007FF797835F3C | |
| Source: | Code function: | 0_2_00007FF79785BEB4 | |
| Source: | Code function: | 0_2_00007FF79783BE70 | |
| Source: | Code function: | 0_2_00007FF797843C20 | |
| Source: | Code function: | 0_2_00007FF7978DDB18 | |
| Source: | Code function: | 0_2_00007FF7978B1A18 | |
| Source: | Code function: | 0_2_00007FF79784FA4F | |
| Source: | Code function: | 0_2_00007FF79783B9F0 | |
| Source: | Code function: | 0_2_00007FF7978DBA0C | |
| Source: | Code function: | 0_2_00007FF79786793C | |
| Source: | Code function: | 0_2_00007FF79786A8A0 | |
| Source: | Code function: | 0_2_00007FF7978767F0 | |
| Source: | Code function: | 0_2_00007FF7978DC6D4 | |
| Source: | Code function: | 0_2_00007FF7978DA59C | |
| Source: | Code function: | 0_2_00007FF7978D055C | |
| Source: | Code function: | 0_2_00007FF7978684C0 | |
| Source: | Code function: | 0_2_00007FF797854514 | |
| Source: | Code function: | 0_2_00007FF7978B83D4 | |
| Source: | Code function: | 0_2_00007FF79785C3FC | |
| Source: | Code function: | 0_2_00007FF797872400 | |
| Source: | Code function: | 0_2_00007FF7978C6320 | |
| Source: | Code function: | 0_2_00007FF7978C8360 | |
| Source: | Code function: | 0_2_00007FF7978502C4 | |
| Source: | Code function: | 0_2_00007FF79785C130 | |
| Source: | Code function: | 0_2_00007FF7978630DC | |
| Source: | Code function: | 0_2_00007FF797840E70 | |
| Source: | Code function: | 0_2_00007FF7978DCE8C | |
| Source: | Code function: | 0_2_00007FF797850E90 | |
| Source: | Code function: | 0_2_00007FF797876DE4 | |
| Source: | Code function: | 0_2_00007FF797872D20 | |
| Source: | Code function: | 0_2_00007FF7978C6C34 | |
| Source: | Code function: | 0_2_00007FF7978D0AEC | |
| Source: | Code function: | 0_2_00007FF797832AE0 | |
| Source: | Code function: | 3_2_0046B020 | |
| Source: | Code function: | 3_2_004694E0 | |
| Source: | Code function: | 3_2_00469C80 | |
| Source: | Code function: | 3_2_004823F5 | |
| Source: | Code function: | 3_2_004E8400 | |
| Source: | Code function: | 3_2_00496502 | |
| Source: | Code function: | 3_2_0049265E | |
| Source: | Code function: | 3_2_0046E6F0 | |
| Source: | Code function: | 3_2_0048282A | |
| Source: | Code function: | 3_2_004989BF | |
| Source: | Code function: | 3_2_00496A74 | |
| Source: | Code function: | 3_2_004E0A3A | |
| Source: | Code function: | 3_2_00470BE0 | |
| Source: | Code function: | 3_2_0048CD51 | |
| Source: | Code function: | 3_2_004BEDB2 | |
| Source: | Code function: | 3_2_004C8E44 | |
| Source: | Code function: | 3_2_004E0EB7 | |
| Source: | Code function: | 3_2_00496FE6 | |
| Source: | Code function: | 3_2_004833B7 | |
| Source: | Code function: | 3_2_0047D45D | |
| Source: | Code function: | 3_2_0048F409 | |
| Source: | Code function: | 3_2_00461663 | |
| Source: | Code function: | 3_2_0047F628 | |
| Source: | Code function: | 3_2_0046F6A0 | |
| Source: | Code function: | 3_2_004816B4 | |
| Source: | Code function: | 3_2_004878C3 | |
| Source: | Code function: | 3_2_00481BA8 | |
| Source: | Code function: | 3_2_0048DBA5 | |
| Source: | Code function: | 3_2_00499CE5 | |
| Source: | Code function: | 3_2_0047DD28 | |
| Source: | Code function: | 3_2_00481FC0 | |
| Source: | Code function: | 3_2_0048BFD6 | |
| Source: | Code function: | 8_2_00F2B020 | |
| Source: | Code function: | 8_2_00F294E0 | |
| Source: | Code function: | 8_2_00F29C80 | |
| Source: | Code function: | 8_2_00F423F5 | |
| Source: | Code function: | 8_2_00FA8400 | |
| Source: | Code function: | 8_2_00F56502 | |
| Source: | Code function: | 8_2_00F2E6F0 | |
| Source: | Code function: | 8_2_00F5265E | |
| Source: | Code function: | 8_2_00F4282A | |
| Source: | Code function: | 8_2_00F589BF | |
| Source: | Code function: | 8_2_00F56A74 | |
| Source: | Code function: | 8_2_00FA0A3A | |
| Source: | Code function: | 8_2_00F30BE0 | |
| Source: | Code function: | 8_2_00F7EDB2 | |
| Source: | Code function: | 8_2_00F4CD51 | |
| Source: | Code function: | 8_2_00FA0EB7 | |
| Source: | Code function: | 8_2_00F88E44 | |
| Source: | Code function: | 8_2_00F56FE6 | |
| Source: | Code function: | 8_2_00F433B7 | |
| Source: | Code function: | 8_2_00F3D45D | |
| Source: | Code function: | 8_2_00F4F409 | |
| Source: | Code function: | 8_2_00F416B4 | |
| Source: | Code function: | 8_2_00F2F6A0 | |
| Source: | Code function: | 8_2_00F21663 | |
| Source: | Code function: | 8_2_00F3F628 | |
| Source: | Code function: | 8_2_00F478C3 | |
| Source: | Code function: | 8_2_00F4DBA5 | |
| Source: | Code function: | 8_2_00F41BA8 | |
| Source: | Code function: | 8_2_00F59CE5 | |
| Source: | Code function: | 8_2_00F3DD28 | |
| Source: | Code function: | 8_2_00F4BFD6 | |
| Source: | Code function: | 8_2_00F41FC0 | |
| Source: | Dropped File: | ||
| Source: | Dropped File: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Classification label: | ||
| Source: | Code function: | 0_2_00007FF7978B3778 | |
| Source: | Code function: | 0_2_00007FF79789D5CC | |
| Source: | Code function: | 0_2_00007FF79789CCE0 | |
| Source: | Code function: | 3_2_004B8DE9 | |
| Source: | Code function: | 3_2_004B9399 | |
| Source: | Code function: | 8_2_00F78DE9 | |
| Source: | Code function: | 8_2_00F79399 | |
| Source: | Code function: | 0_2_00007FF7978B58C4 | |
| Source: | Code function: | 0_2_00007FF7978ABE00 | |
| Source: | Code function: | 0_2_00007FF7978B5F2C | |
| Source: | Code function: | 0_2_00007FF797836580 | |
| Source: | File created: | Jump to behavior | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | Mutant created: | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | File read: | Jump to behavior | ||
| Source: | Key opened: | Jump to behavior | ||
| Source: | ReversingLabs: | ||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Section loaded: | Jump to behavior | ||
| Source: | Key value queried: | Jump to behavior | ||
| Source: | File opened: | Jump to behavior | ||
| Source: | Static PE information: | ||
| Source: | Static file information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Static PE information: | ||
| Source: | Code function: | 0_2_00007FF7978C7634 | |
| Source: | Code function: | 0_2_00007FF797867904 | |
| Source: | Code function: | 0_2_00007FF7978673A2 | |
| Source: | Code function: | 1_2_00007FFD9B8742FD | |
| Source: | Code function: | 3_2_0048E941 | |
| Source: | Code function: | 3_2_004C8A4C | |
| Source: | Code function: | 3_2_0048EA5A | |
| Source: | Code function: | 3_2_00488B88 | |
| Source: | Code function: | 3_2_0047CBF8 | |
| Source: | Code function: | 3_2_0048EC35 | |
| Source: | Code function: | 3_2_0048ED1E | |
| Source: | Code function: | 8_2_00F4E941 | |
| Source: | Code function: | 8_2_00F4EA5A | |
| Source: | Code function: | 8_2_00F88A4C | |
| Source: | Code function: | 8_2_00F48B88 | |
| Source: | Code function: | 8_2_00F4EC35 | |
| Source: | Code function: | 8_2_00F4ED1E | |
Persistence and Installation Behavior | |
|---|
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to dropped file | ||
Boot Survival | |
|---|
| Source: | File created: | Jump to dropped file | ||
| Source: | File created: | Jump to behavior | ||
| Source: | File created: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF797854514 | |
| Source: | Code function: | 3_2_004E59B3 | |
| Source: | Code function: | 3_2_00475EDA | |
| Source: | Code function: | 8_2_00FA59B3 | |
| Source: | Code function: | 8_2_00F35EDA | |
| Source: | Code function: | 3_2_004833B7 | |
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Process information set: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Window found: | Jump to behavior | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Window / User API: | Jump to behavior | ||
| Source: | Evasive API call chain: | ||
| Source: | Evasive API call chain: | ||
| Source: | API coverage: | ||
| Source: | API coverage: | ||
| Source: | API coverage: | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Thread sleep time: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF7978AB7C0 | |
| Source: | Code function: | 0_2_00007FF7978B72A8 | |
| Source: | Code function: | 0_2_00007FF7978B71F4 | |
| Source: | Code function: | 0_2_00007FF7978ABC70 | |
| Source: | Code function: | 0_2_00007FF7978BA874 | |
| Source: | Code function: | 0_2_00007FF7978AC7C0 | |
| Source: | Code function: | 0_2_00007FF7978BA4F8 | |
| Source: | Code function: | 0_2_00007FF7978B6428 | |
| Source: | Code function: | 0_2_00007FF7978BA350 | |
| Source: | Code function: | 0_2_00007FF797872F50 | |
| Source: | Code function: | 3_2_004C4005 | |
| Source: | Code function: | 3_2_004C494A | |
| Source: | Code function: | 3_2_004CC2FF | |
| Source: | Code function: | 3_2_004CCD14 | |
| Source: | Code function: | 3_2_004CCD9F | |
| Source: | Code function: | 3_2_004CF5D8 | |
| Source: | Code function: | 3_2_004CF735 | |
| Source: | Code function: | 3_2_004CFA36 | |
| Source: | Code function: | 3_2_004C3CE2 | |
| Source: | Code function: | 8_2_00F84005 | |
| Source: | Code function: | 8_2_00F8494A | |
| Source: | Code function: | 8_2_00F8C2FF | |
| Source: | Code function: | 8_2_00F8CD9F | |
| Source: | Code function: | 8_2_00F8CD14 | |
| Source: | Code function: | 8_2_00F8F5D8 | |
| Source: | Code function: | 8_2_00F8F735 | |
| Source: | Code function: | 8_2_00F8FA36 | |
| Source: | Code function: | 8_2_00F83CE2 | |
| Source: | Code function: | 0_2_00007FF797851D80 | |
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Thread delayed: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | API call chain: | ||
| Source: | Process information queried: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF7978C0A00 | |
| Source: | Code function: | 0_2_00007FF7978337B0 | |
| Source: | Code function: | 0_2_00007FF797855BC0 | |
| Source: | Code function: | 0_2_00007FF7978C7634 | |
| Source: | Code function: | 0_2_00007FF79789D868 | |
| Source: | Process token adjusted: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF7978557E4 | |
| Source: | Code function: | 0_2_00007FF7978559C8 | |
| Source: | Code function: | 0_2_00007FF797878FE4 | |
| Source: | Code function: | 0_2_00007FF79786AF58 | |
| Source: | Code function: | 3_2_0048A354 | |
| Source: | Code function: | 3_2_0048A385 | |
| Source: | Code function: | 8_2_00F4A385 | |
| Source: | Code function: | 8_2_00F4A354 | |
HIPS / PFW / Operating System Protection Evasion | |
|---|
| Source: | Process created: | ||
| Source: | Code function: | 0_2_00007FF79789CE68 | |
| Source: | Code function: | 0_2_00007FF7978337B0 | |
| Source: | Code function: | 0_2_00007FF7978A9420 | |
| Source: | Code function: | 0_2_00007FF7978AD1A4 | |
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | Jump to behavior | ||
| Source: | Process created: | |||
| Source: | Process created: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF79789C858 | |
| Source: | Code function: | 0_2_00007FF79789D540 | |
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 0_2_00007FF79786FD20 | |
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Queries volume information: | Jump to behavior | ||
| Source: | Code function: | 0_2_00007FF79786BEF8 | |
| Source: | Code function: | 0_2_00007FF797892BCF | |
| Source: | Code function: | 0_2_00007FF797872650 | |
| Source: | Code function: | 0_2_00007FF797851D80 | |
| Source: | Key value queried: | Jump to behavior | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Binary or memory string: | ||
| Source: | Code function: | 0_2_00007FF7978C4074 | |
| Source: | Code function: | 0_2_00007FF7978C3940 | |
| Source: | Code function: | 3_2_004D696E | |
| Source: | Code function: | 3_2_004D6E32 | |
| Source: | Code function: | 8_2_00F9696E | |
| Source: | Code function: | 8_2_00F96E32 | |
| Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Gather Victim Identity Information | 1 Scripting | 2 Valid Accounts | 2 Native API | 1 Scripting | 1 Exploitation for Privilege Escalation | 1 Disable or Modify Tools | 21 Input Capture | 2 System Time Discovery | Remote Services | 1 Archive Collected Data | 2 Ingress Tool Transfer | Exfiltration Over Other Network Medium | 1 System Shutdown/Reboot |
| Credentials | Domains | Default Accounts | 1 Command and Scripting Interpreter | 1 DLL Side-Loading | 1 DLL Side-Loading | 1 Deobfuscate/Decode Files or Information | LSASS Memory | 1 Account Discovery | Remote Desktop Protocol | 21 Input Capture | 11 Encrypted Channel | Exfiltration Over Bluetooth | Network Denial of Service |
| Email Addresses | DNS Server | Domain Accounts | 1 PowerShell | 2 Valid Accounts | 2 Valid Accounts | 2 Obfuscated Files or Information | Security Account Manager | 2 File and Directory Discovery | SMB/Windows Admin Shares | 3 Clipboard Data | 2 Non-Application Layer Protocol | Automated Exfiltration | Data Encrypted for Impact |
| Employee Names | Virtual Private Server | Local Accounts | Cron | 2 Registry Run Keys / Startup Folder | 21 Access Token Manipulation | 1 DLL Side-Loading | NTDS | 26 System Information Discovery | Distributed Component Object Model | Input Capture | 13 Application Layer Protocol | Traffic Duplication | Data Destruction |
| Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | 12 Process Injection | 211 Masquerading | LSA Secrets | 31 Security Software Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
| Domain Properties | Botnet | Replication Through Removable Media | Scheduled Task | RC Scripts | 2 Registry Run Keys / Startup Folder | 2 Valid Accounts | Cached Domain Credentials | 21 Virtualization/Sandbox Evasion | VNC | GUI Input Capture | Multiband Communication | Data Transfer Size Limits | Service Stop |
| DNS | Web Services | External Remote Services | Systemd Timers | Startup Items | Startup Items | 21 Virtualization/Sandbox Evasion | DCSync | 3 Process Discovery | Windows Remote Management | Web Portal Capture | Commonly Used Port | Exfiltration Over C2 Channel | Inhibit System Recovery |
| Network Trust Dependencies | Serverless | Drive-by Compromise | Container Orchestration Job | Scheduled Task/Job | Scheduled Task/Job | 21 Access Token Manipulation | Proc Filesystem | 11 Application Window Discovery | Cloud Services | Credential API Hooking | Application Layer Protocol | Exfiltration Over Alternative Protocol | Defacement |
| Network Topology | Malvertising | Exploit Public-Facing Application | Command and Scripting Interpreter | At | At | 12 Process Injection | /etc/passwd and /etc/shadow | 1 System Owner/User Discovery | Direct Cloud VM Connections | Data Staged | Web Protocols | Exfiltration Over Symmetric Encrypted Non-C2 Protocol | Internal Defacement |
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
InternetThis section contains all screenshots as thumbnails, including those not shown in the slideshow.
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 32% | ReversingLabs | Win64.Trojan.Privateloader | ||
| 100% | Joe Sandbox ML |
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 3% | ReversingLabs | |||
| 3% | ReversingLabs |
⊘No Antivirus matches
⊘No Antivirus matches
| Source | Detection | Scanner | Label | Link |
|---|---|---|---|---|
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe | ||
| 0% | URL Reputation | safe |
| Name | IP | Active | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|---|
| my.cloudme.com | 83.140.241.4 | true | false | unknown | |
| nbhkmKSQnaDrIkubbvvLMhHdgigs.nbhkmKSQnaDrIkubbvvLMhHdgigs | unknown | unknown | false | unknown |
| Name | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|
| false | unknown |
| Name | Source | Malicious | Antivirus Detection | Reputation |
|---|---|---|---|---|
| false | unknown | |||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false | unknown | |||
| false | unknown | |||
| false |
| unknown | ||
| false | unknown | |||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false |
| unknown | ||
| false | unknown | |||
| false | unknown | |||
| false |
| unknown | ||
| false | unknown | |||
| false | unknown | |||
| false |
| unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
| IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
|---|---|---|---|---|---|---|
| 83.140.241.4 | my.cloudme.com | Sweden | 39369 | PORT80SE | false |
| Joe Sandbox version: | 41.0.0 Charoite |
| Analysis ID: | 1528956 |
| Start date and time: | 2024-10-08 14:11:05 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 8m 54s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | default.jbs |
| Analysis system description: | Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01 |
| Number of analysed new started processes analysed: | 12 |
| Number of new started drivers analysed: | 0 |
| Number of existing processes analysed: | 0 |
| Number of existing drivers analysed: | 0 |
| Number of injected processes analysed: | 0 |
| Technologies: |
|
| Analysis Mode: | default |
| Analysis stop reason: | Timeout |
| Sample name: | file.exe |
| Detection: | MAL |
| Classification: | mal100.expl.evad.winEXE@12/10@3/1 |
| EGA Information: |
|
| HCA Information: |
|
| Cookbook Comments: |
|
- Exclude process from analysis (whitelisted): MpCmdRun.exe, WMIADAP.exe, SIHClient.exe, conhost.exe
- Excluded domains from analysis (whitelisted): ocsp.digicert.com, slscr.update.microsoft.com, otelrules.azureedge.net, ctldl.windowsupdate.com, fe3cr.delivery.mp.microsoft.com
- Execution Graph export aborted for target powershell.exe, PID 7452 because it is empty
- Not all processes where analyzed, report is missing behavior information
- Report creation exceeded maximum time and may have missing disassembly code information.
- Report size exceeded maximum capacity and may have missing disassembly code.
- Report size getting too big, too many NtOpenKeyEx calls found.
- Report size getting too big, too many NtProtectVirtualMemory calls found.
- Report size getting too big, too many NtQueryValueKey calls found.
- Some HTTPS proxied raw data packets have been limited to 10 per session. Please view the PCAPs for the complete data.
- VT rate limit hit for: file.exe
| Time | Type | Description |
|---|---|---|
| 08:11:59 | API Interceptor | |
| 08:12:44 | API Interceptor | |
| 08:13:02 | API Interceptor | |
| 13:12:07 | Autostart |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 83.140.241.4 | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse |
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| my.cloudme.com | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| PORT80SE | Get hash | malicious | Mirai | Browse |
| |
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai | Browse |
| ||
| Get hash | malicious | Mirai, Okiru | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | Moobot | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| 3b5074b1b5d032e5620f69f9f700ff0e | Get hash | malicious | Unknown | Browse |
| |
| Get hash | malicious | Xmrig | Browse |
| ||
| Get hash | malicious | DarkCloud, PureLog Stealer, zgRAT | Browse |
| ||
| Get hash | malicious | MassLogger RAT, Snake Keylogger, VIP Keylogger | Browse |
| ||
| Get hash | malicious | AgentTesla | Browse |
| ||
| Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
| Get hash | malicious | Remcos | Browse |
| ||
| Get hash | malicious | Snake Keylogger, VIP Keylogger | Browse |
| ||
| Get hash | malicious | Unknown | Browse |
| ||
| Get hash | malicious | MassLogger RAT, Snake Keylogger, VIP Keylogger | Browse |
|
| Match | Associated Sample Name / URL | SHA 256 | Detection | Threat Name | Link | Context |
|---|---|---|---|---|---|---|
| C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.pif | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Remcos | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Vidar | Browse | |||
| Get hash | malicious | Vidar | Browse | |||
| Get hash | malicious | Vidar | Browse | |||
| C:\Users\Public\InformationCheck.exe | Get hash | malicious | Unknown | Browse | ||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Remcos | Browse | |||
| Get hash | malicious | Unknown | Browse | |||
| Get hash | malicious | Vidar | Browse | |||
| Get hash | malicious | Vidar | Browse | |||
| Get hash | malicious | Vidar | Browse |
| Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3620039 |
| Entropy (8bit): | 4.736955843465757 |
| Encrypted: | false |
| SSDEEP: | 24576:qcvKQ2VLYaNQyTmm7tz64dFZS2qymrZEDXYUJwTRPVi+3MQt/+DnIJKXU4nKojHJ:c |
| MD5: | 72763724603D6508FBBCDEC39CDA4D4D |
| SHA1: | 3C837147E67B55121B59EAE7E42C8EC872E4D161 |
| SHA-256: | BCE069F52CDA27A4EC001A2BB0E6605AE817E6B64BCAA6A007DE513C641D32CC |
| SHA-512: | A6CFCD7F382366E77585403ACB5B4A227EA9CA20A0A7028A360336E1D9C7CC8CD2DBA6C42E7DA8984B1E7BD9CEDED2810D33871542139A2F821164C9A7BCD7C9 |
| Malicious: | true |
| Reputation: | low |
| Preview: |
| Process: | C:\Users\user\Desktop\file.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 893608 |
| Entropy (8bit): | 6.620131693023677 |
| Encrypted: | false |
| SSDEEP: | 12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01 |
| MD5: | C56B5F0201A3B3DE53E561FE76912BFD |
| SHA1: | 2A4062E10A5DE813F5688221DBEB3F3FF33EB417 |
| SHA-256: | 237D1BCA6E056DF5BB16A1216A434634109478F882D3B1D58344C801D184F95D |
| SHA-512: | 195B98245BB820085AE9203CDB6D470B749D1F228908093E8606453B027B7D7681CCD7952E30C2F5DD40F8F0B999CCFC60EBB03419B574C08DE6816E75710D2C |
| Malicious: | true |
| Antivirus: |
|
| Joe Sandbox View: |
|
| Reputation: | moderate, very likely benign file |
| Preview: |
| Process: | C:\Users\user\Desktop\file.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 380 |
| Entropy (8bit): | 5.116284509919443 |
| Encrypted: | false |
| SSDEEP: | 6:gsvPFyKoJZYZId25PaH9Ayz1gY1PaHzPMKds48QLh8JdWzH6mLF7djIXIINOQboA:xv9ZoFrAymYEzdHGHWzH6mL5dsfHb5M+ |
| MD5: | 7E5918EC14E800FE40280F727544F88D |
| SHA1: | 510337BBF777624CCDD45402B50A54709AFE1DBF |
| SHA-256: | EA88240652FD5531C00665A03D4F78B8E8AC1ECC8C4014E5A3063996D29EB151 |
| SHA-512: | 02013E30AF60B2F81EE83ED7CABE08BEF60C2BCE7284E46EA620D7735C30B5A558F6F302CB7D53DA6EDB8ACC28BE7CB315F3A5C041AB22E7EAECEF73757DE89A |
| Malicious: | true |
| Reputation: | low |
| Preview: |
C:\Users\user\AppData\Local\Microsoft\Windows\PowerShell\StartupProfileData-NonInteractive
Download File
| Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 64 |
| Entropy (8bit): | 1.1940658735648508 |
| Encrypted: | false |
| SSDEEP: | 3:NlllulJnp/p:NllU |
| MD5: | BC6DB77EB243BF62DC31267706650173 |
| SHA1: | 9E42FEFC2E92DE0DB2A2C9911C866320E41B30FF |
| SHA-256: | 5B000939E436B6D314E3262887D8DB6E489A0DDF1E10E5D3D80F55AA25C9FC27 |
| SHA-512: | 91DC4935874ECA2A4C8DE303D83081FE945C590208BB844324D1E0C88068495E30AAE2321B3BA8A762BA08DAAEB75D9931522A47C5317766C27E6CE7D04BEEA9 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 60 |
| Entropy (8bit): | 4.038920595031593 |
| Encrypted: | false |
| SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
| MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
| SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
| SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
| SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
| Malicious: | false |
| Preview: |
| Process: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 60 |
| Entropy (8bit): | 4.038920595031593 |
| Encrypted: | false |
| SSDEEP: | 3:Si2NPqzAYMLAKVpKGOyzKtFS:SnqbKAKWGX |
| MD5: | D17FE0A3F47BE24A6453E9EF58C94641 |
| SHA1: | 6AB83620379FC69F80C0242105DDFFD7D98D5D9D |
| SHA-256: | 96AD1146EB96877EAB5942AE0736B82D8B5E2039A80D3D6932665C1A4C87DCF7 |
| SHA-512: | 5B592E58F26C264604F98F6AA12860758CE606D1C63220736CF0C779E4E18E3CEC8706930A16C38B20161754D1017D1657D35258E58CA22B18F5B232880DEC82 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\Public\InformationCheck.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 3620036 |
| Entropy (8bit): | 4.736940517668657 |
| Encrypted: | false |
| SSDEEP: | 24576:DcvKQ2VLYaNQyTmm7tz64dFZS2qymrZEDXYUJwTRPVi+3MQt/+DnIJKXU4nKojHJ:P |
| MD5: | 9E8D5AA38FF56E9E7FD33459E9EF63DF |
| SHA1: | 5CC576C041A709B739EA7FA46A702ECD2DC69F7C |
| SHA-256: | 1A33298AFDC03C9AB7B5F9FA1017DDFBAE2C7D4EC6A381007F56F6C73C692F12 |
| SHA-512: | 7238F82A0C9618AE6C5A47A312ABDFC79DC8E44FB07BA80DBC613AF1D7F54B6B93F6F132ADACD9157219E1F421BFE3462C0C14D301A289048D40EFDD3B6807D6 |
| Malicious: | false |
| Preview: |
| Process: | C:\Users\Public\InformationCheck.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 184 |
| Entropy (8bit): | 4.736154105743425 |
| Encrypted: | false |
| SSDEEP: | 3:RiMIpGXfeNH5E5wWAX+Ro6p4EkD5yKXW/Zi+0/RaMl85uWAX+Ro6p4EkD5yKXW/f:RiJbNHCwWDKaJkDrXW/Zz0tl8wWDKaJX |
| MD5: | 612D28A7A2758BAAF54DB34272446F87 |
| SHA1: | D4671632FC2141EF2AB2455F8923BC5197B2FD68 |
| SHA-256: | 94A83DD87CE7268703585A40C52491DDC7D332380B82832951DED047AAE6D73A |
| SHA-512: | B4B64908C674F92F5D4B1E761E123957E8D5CD6C3F433D2D5C6ADD19101FD0610EE968222D4CED31E8F21F7F022D880E7E723E4171BC7DB18C37A2000A58565B |
| Malicious: | true |
| Preview: |
| Process: | C:\Users\Public\InformationCheck.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 893608 |
| Entropy (8bit): | 6.620131693023677 |
| Encrypted: | false |
| SSDEEP: | 12288:6pVWeOV7GtINsegA/hMyyzlcqikvAfcN9b2MyZa31twoPTdFxgawV2M01:6T3E53Myyzl0hMf1tr7Caw8M01 |
| MD5: | C56B5F0201A3B3DE53E561FE76912BFD |
| SHA1: | 2A4062E10A5DE813F5688221DBEB3F3FF33EB417 |
| SHA-256: | 237D1BCA6E056DF5BB16A1216A434634109478F882D3B1D58344C801D184F95D |
| SHA-512: | 195B98245BB820085AE9203CDB6D470B749D1F228908093E8606453B027B7D7681CCD7952E30C2F5DD40F8F0B999CCFC60EBB03419B574C08DE6816E75710D2C |
| Malicious: | true |
| Antivirus: |
|
| Joe Sandbox View: |
|
| Preview: |
C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SwiftWrite.url 
Download File
| Process: | C:\Windows\SysWOW64\cmd.exe |
| File Type: | |
| Category: | dropped |
| Size (bytes): | 98 |
| Entropy (8bit): | 4.915531212533357 |
| Encrypted: | false |
| SSDEEP: | 3:HRAbABGQaFyw3pYot+kiE2J5yKXW/Zi+URAAy:HRYF5yjowkn23yKXW/Zzyy |
| MD5: | 56D029782506F3E1F7EC40780D1DA27F |
| SHA1: | C7E0690DE9B31C951AC212A7E940E460267F2BA1 |
| SHA-256: | 5F412A72A3459ACA6A245DE1A280AB53CA5E6B306FECA32E0DF4B0B9B7863223 |
| SHA-512: | 1C5F108FB4325E4B47E9EE15F5D828569EE90676D5170D6D3B92BD13BD39CCAA68657CBB97761007154C73D2FFCFA8A3582879CB2097A899B22C1C83848A9D92 |
| Malicious: | true |
| Preview: |
| File type: | |
| Entropy (8bit): | 7.327058241749548 |
| TrID: |
|
| File name: | file.exe |
| File size: | 2'016'768 bytes |
| MD5: | 1d2cf62e7874bb460b7258279a55ddf3 |
| SHA1: | 9a060f273aee924d7972a5ddd561a34f4510d64d |
| SHA256: | c5378718434462185d98c672106dbfd4efbc8d6b7a0c60efe79000f11c955ffa |
| SHA512: | c7c0d1d19b7d1b200f00199c6e8795f12ac2839fd9e4d19268f6d2c409df4afa1b898b97e71bee25f5b28c2b8d0e88364a1a528d17ccdcaed9c626e5916a6056 |
| SSDEEP: | 49152:v2EYTb8atv1orq+pEiSDTj1VyvBaYzDiu2wlNF9wGDOg8jLeO07B+Iy3AqMl1ZcK:uXbIrqmDiu2cNF9wGDc07B+yqm1Z |
| TLSH: | 0795CF0973A4819DFEABE1B6CA22C657D6B17C458276861F01A47F763F337701A2E321 |
| File Content Preview: | MZ......................@...................................0...........!..L.!This program cannot be run in DOS mode....$.......o1).+PG.+PG.+PG.....>PG......PG......PG.....*PG.y8B..PG.y8C.:PG.y8D.#PG."(..#PG."(..*PG."(...PG.+PF..RG..9I.{PG..9D.*PG..9..*PG |
 | |
| Icon Hash: | 03c341595179597f |
| Entrypoint: | 0x14002549c |
| Entrypoint Section: | .text |
| Digitally signed: | false |
| Imagebase: | 0x140000000 |
| Subsystem: | windows gui |
| Image File Characteristics: | EXECUTABLE_IMAGE, LARGE_ADDRESS_AWARE |
| DLL Characteristics: | HIGH_ENTROPY_VA, DYNAMIC_BASE, NX_COMPAT, TERMINAL_SERVER_AWARE |
| Time Stamp: | 0x6703DEEA [Mon Oct 7 13:15:22 2024 UTC] |
| TLS Callbacks: | |
| CLR (.Net) Version: | |
| OS Version Major: | 5 |
| OS Version Minor: | 2 |
| File Version Major: | 5 |
| File Version Minor: | 2 |
| Subsystem Version Major: | 5 |
| Subsystem Version Minor: | 2 |
| Import Hash: | fadc5a257419d2541a6b13dfb5e311e2 |
| Instruction |
|---|
| dec eax |
| sub esp, 28h |
| call 00007F45D8857B60h |
| dec eax |
| add esp, 28h |
| jmp 00007F45D885746Fh |
| int3 |
| int3 |
| inc eax |
| push ebx |
| dec eax |
| sub esp, 20h |
| dec eax |
| mov ebx, ecx |
| dec eax |
| mov eax, edx |
| dec eax |
| lea ecx, dword ptr [0009466Dh] |
| dec eax |
| mov dword ptr [ebx], ecx |
| dec eax |
| lea edx, dword ptr [ebx+08h] |
| xor ecx, ecx |
| dec eax |
| mov dword ptr [edx], ecx |
| dec eax |
| mov dword ptr [edx+08h], ecx |
| dec eax |
| lea ecx, dword ptr [eax+08h] |
| call 00007F45D8859079h |
| dec eax |
| lea eax, dword ptr [0009467Dh] |
| dec eax |
| mov dword ptr [ebx], eax |
| dec eax |
| mov eax, ebx |
| dec eax |
| add esp, 20h |
| pop ebx |
| ret |
| int3 |
| dec eax |
| and dword ptr [ecx+10h], 00000000h |
| dec eax |
| lea eax, dword ptr [00094674h] |
| dec eax |
| mov dword ptr [ecx+08h], eax |
| dec eax |
| lea eax, dword ptr [00094659h] |
| dec eax |
| mov dword ptr [ecx], eax |
| dec eax |
| mov eax, ecx |
| ret |
| int3 |
| int3 |
| inc eax |
| push ebx |
| dec eax |
| sub esp, 20h |
| dec eax |
| mov ebx, ecx |
| dec eax |
| mov eax, edx |
| dec eax |
| lea ecx, dword ptr [0009460Dh] |
| dec eax |
| mov dword ptr [ebx], ecx |
| dec eax |
| lea edx, dword ptr [ebx+08h] |
| xor ecx, ecx |
| dec eax |
| mov dword ptr [edx], ecx |
| dec eax |
| mov dword ptr [edx+08h], ecx |
| dec eax |
| lea ecx, dword ptr [eax+08h] |
| call 00007F45D8859019h |
| dec eax |
| lea eax, dword ptr [00094645h] |
| dec eax |
| mov dword ptr [ebx], eax |
| dec eax |
| mov eax, ebx |
| dec eax |
| add esp, 20h |
| pop ebx |
| ret |
| int3 |
| dec eax |
| and dword ptr [ecx+10h], 00000000h |
| dec eax |
| lea eax, dword ptr [0009463Ch] |
| dec eax |
| mov dword ptr [ecx+08h], eax |
| dec eax |
| lea eax, dword ptr [00000021h] |
| Programming Language: |
|
| Name | Virtual Address | Virtual Size | Is in Section |
|---|---|---|---|
| IMAGE_DIRECTORY_ENTRY_EXPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IMPORT | 0xe5c10 | 0x17c | .rdata |
| IMAGE_DIRECTORY_ENTRY_RESOURCE | 0xfb000 | 0xf7d5f | .rsrc |
| IMAGE_DIRECTORY_ENTRY_EXCEPTION | 0xf4000 | 0x6f48 | .pdata |
| IMAGE_DIRECTORY_ENTRY_SECURITY | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_BASERELOC | 0x1f3000 | 0xa74 | .reloc |
| IMAGE_DIRECTORY_ENTRY_DEBUG | 0xc7050 | 0x1c | .rdata |
| IMAGE_DIRECTORY_ENTRY_COPYRIGHT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_GLOBALPTR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_TLS | 0xd9aa0 | 0x28 | .rdata |
| IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG | 0xc7070 | 0x100 | .rdata |
| IMAGE_DIRECTORY_ENTRY_BOUND_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_IAT | 0xb5000 | 0x1138 | .rdata |
| IMAGE_DIRECTORY_ENTRY_DELAY_IMPORT | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_COM_DESCRIPTOR | 0x0 | 0x0 | |
| IMAGE_DIRECTORY_ENTRY_RESERVED | 0x0 | 0x0 |
| Name | Virtual Address | Virtual Size | Raw Size | MD5 | Xored PE | ZLIB Complexity | File Type | Entropy | Characteristics |
|---|---|---|---|---|---|---|---|---|---|
| .text | 0x1000 | 0xb3328 | 0xb3400 | 507a8505198e35cc9675301d53e3b1c4 | False | 0.5503358721234309 | data | 6.5212967575920215 | IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ |
| .rdata | 0xb5000 | 0x34204 | 0x34400 | 9eda36be0cf076085a2f9772c1ee5803 | False | 0.30884139503588515 | data | 5.360588077813426 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .data | 0xea000 | 0x9120 | 0x5000 | ec6b77d6ef8898b0d3b7d48c042d66a0 | False | 0.040673828125 | DOS executable (block device driver) | 0.5749243362866429 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE |
| .pdata | 0xf4000 | 0x6f48 | 0x7000 | 4416e27f8be9f9271c439d2fd34d1b2d | False | 0.49612862723214285 | data | 5.911479421450324 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .rsrc | 0xfb000 | 0xf7d5f | 0xf7e00 | ceb6bcaf6eba18deca9c692827bf05dd | False | 0.9149253025718608 | data | 7.848959409713496 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ |
| .reloc | 0x1f3000 | 0xa74 | 0xc00 | 5ddb0e422ace102fe530e589a0cbec6f | False | 0.4850260416666667 | data | 5.139847116863034 | IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_DISCARDABLE, IMAGE_SCN_MEM_READ |
| Name | RVA | Size | Type | Language | Country | ZLIB Complexity |
|---|---|---|---|---|---|---|
| AVI | 0xfb5d0 | 0x3a00 | RIFF (little-endian) data, AVI, 272 x 60, 10.00 fps, video: RLE 8bpp | English | United States | 0.4548760775862069 |
| SVG | 0xfefd0 | 0x46d | SVG Scalable Vector Graphics image | English | United States | 0.3909973521624007 |
| RT_ICON | 0xff440 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 192 | English | Great Britain | 0.7466216216216216 |
| RT_ICON | 0xff568 | 0x128 | Device independent bitmap graphic, 16 x 32 x 4, image size 128, 16 important colors | English | Great Britain | 0.3277027027027027 |
| RT_ICON | 0xff690 | 0x468 | Device independent bitmap graphic, 16 x 32 x 32, image size 1024, resolution 3779 x 3779 px/m | English | Great Britain | 0.7730496453900709 |
| RT_ICON | 0xffaf8 | 0x10a8 | Device independent bitmap graphic, 32 x 64 x 32, image size 4096, resolution 3779 x 3779 px/m | English | Great Britain | 0.6629924953095685 |
| RT_ICON | 0x100ba0 | 0x25a8 | Device independent bitmap graphic, 48 x 96 x 32, image size 9216, resolution 3779 x 3779 px/m | English | Great Britain | 0.578734439834025 |
| RT_ICON | 0x103148 | 0x4228 | Device independent bitmap graphic, 64 x 128 x 32, image size 16384, resolution 3779 x 3779 px/m | English | Great Britain | 0.5426901275389703 |
| RT_ICON | 0x107370 | 0x10828 | Device independent bitmap graphic, 128 x 256 x 32, image size 65536, resolution 3779 x 3779 px/m | English | Great Britain | 0.42431681059978704 |
| RT_ICON | 0x117b98 | 0xd90d | PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced | English | Great Britain | 1.000467920453523 |
| RT_MENU | 0x1254a8 | 0x1856 | data | English | United States | 0.365008025682183 |
| RT_MENU | 0x126d00 | 0x15f4 | data | English | United States | 0.36850533807829183 |
| RT_MENU | 0x1282f4 | 0x1ff0 | data | English | United States | 0.2844911937377691 |
| RT_MENU | 0x12a2e4 | 0x50 | data | English | Great Britain | 0.9 |
| RT_STRING | 0x12a334 | 0x594 | data | English | Great Britain | 0.3333333333333333 |
| RT_STRING | 0x12a8c8 | 0x68a | data | English | Great Britain | 0.2735961768219833 |
| RT_STRING | 0x12af54 | 0x490 | data | English | Great Britain | 0.3715753424657534 |
| RT_STRING | 0x12b3e4 | 0x5fc | data | English | Great Britain | 0.3087467362924282 |
| RT_STRING | 0x12b9e0 | 0x65c | data | English | Great Britain | 0.34336609336609336 |
| RT_STRING | 0x12c03c | 0x466 | data | English | Great Britain | 0.3605683836589698 |
| RT_STRING | 0x12c4a4 | 0x158 | Matlab v4 mat-file (little endian) n, numeric, rows 0, columns 0 | English | Great Britain | 0.502906976744186 |
| RT_RCDATA | 0x12c5fc | 0xc62f0 | data | 1.0003153641470386 | ||
| RT_GROUP_ICON | 0x1f28ec | 0x5a | data | English | Great Britain | 0.7888888888888889 |
| RT_GROUP_ICON | 0x1f2948 | 0x14 | data | English | Great Britain | 1.25 |
| RT_GROUP_ICON | 0x1f295c | 0x14 | data | English | Great Britain | 1.15 |
| RT_MANIFEST | 0x1f2970 | 0x3ef | ASCII text, with CRLF line terminators | English | Great Britain | 0.5074478649453823 |
| DLL | Import |
|---|---|
| WSOCK32.dll | gethostbyname, recv, send, socket, inet_ntoa, setsockopt, ntohs, WSACleanup, WSAStartup, sendto, htons, __WSAFDIsSet, select, accept, listen, bind, inet_addr, ioctlsocket, recvfrom, WSAGetLastError, closesocket, gethostname, connect |
| VERSION.dll | GetFileVersionInfoW, VerQueryValueW, GetFileVersionInfoSizeW |
| WINMM.dll | timeGetTime, waveOutSetVolume, mciSendStringW |
| COMCTL32.dll | ImageList_ReplaceIcon, ImageList_Destroy, ImageList_Remove, ImageList_SetDragCursorImage, ImageList_BeginDrag, ImageList_DragEnter, ImageList_DragLeave, ImageList_EndDrag, ImageList_DragMove, InitCommonControlsEx, ImageList_Create |
| MPR.dll | WNetGetConnectionW, WNetCancelConnection2W, WNetUseConnectionW, WNetAddConnection2W |
| WININET.dll | HttpOpenRequestW, InternetCloseHandle, InternetOpenW, InternetSetOptionW, InternetCrackUrlW, HttpQueryInfoW, InternetQueryOptionW, InternetConnectW, HttpSendRequestW, FtpOpenFileW, FtpGetFileSize, InternetOpenUrlW, InternetReadFile, InternetQueryDataAvailable |
| PSAPI.DLL | GetProcessMemoryInfo |
| IPHLPAPI.DLL | IcmpSendEcho, IcmpCloseHandle, IcmpCreateFile |
| USERENV.dll | DestroyEnvironmentBlock, LoadUserProfileW, CreateEnvironmentBlock, UnloadUserProfile |
| UxTheme.dll | IsThemeActive |
| KERNEL32.dll | WaitForSingleObject, HeapAlloc, GetProcessHeap, HeapFree, Sleep, GetCurrentThreadId, MultiByteToWideChar, MulDiv, GetVersionExW, IsWow64Process, GetSystemInfo, FreeLibrary, LoadLibraryA, GetProcAddress, SetErrorMode, GetModuleFileNameW, WideCharToMultiByte, lstrcpyW, lstrlenW, GetModuleHandleW, QueryPerformanceCounter, VirtualFreeEx, OpenProcess, VirtualAllocEx, WriteProcessMemory, ReadProcessMemory, CreateFileW, SetFilePointerEx, SetEndOfFile, ReadFile, WriteFile, FlushFileBuffers, TerminateProcess, CreateToolhelp32Snapshot, Process32FirstW, Process32NextW, SetFileTime, GetFileAttributesW, FindFirstFileW, FindClose, GetLongPathNameW, GetShortPathNameW, DeleteFileW, FindNextFileW, CopyFileExW, GetFullPathNameW, CreateDirectoryW, RemoveDirectoryW, SetSystemPowerState, QueryPerformanceFrequency, LoadResource, LockResource, SizeofResource, OutputDebugStringW, GetTempPathW, GetTempFileNameW, DeviceIoControl, LoadLibraryW, GetLocalTime, CompareStringW, EnterCriticalSection, DuplicateHandle, GetStdHandle, CreatePipe, TerminateThread, LoadLibraryExW, FindResourceExW, CopyFileW, VirtualFree, FormatMessageW, GetExitCodeProcess, GetPrivateProfileStringW, WritePrivateProfileStringW, GetPrivateProfileSectionW, WritePrivateProfileSectionW, GetPrivateProfileSectionNamesW, FileTimeToLocalFileTime, FileTimeToSystemTime, SystemTimeToFileTime, LocalFileTimeToFileTime, GetDriveTypeW, GetDiskFreeSpaceExW, GetDiskFreeSpaceW, GetVolumeInformationW, SetVolumeLabelW, CreateHardLinkW, SetFileAttributesW, CreateEventW, SetEvent, GetEnvironmentVariableW, SetEnvironmentVariableW, GlobalLock, GlobalUnlock, GlobalAlloc, GetFileSize, GlobalFree, GlobalMemoryStatusEx, Beep, GetSystemDirectoryW, HeapReAlloc, HeapSize, GetComputerNameW, GetWindowsDirectoryW, GetCurrentProcessId, GetProcessIoCounters, CreateProcessW, GetProcessId, SetPriorityClass, VirtualAlloc, SetCurrentDirectoryW, IsDebuggerPresent, GetCurrentDirectoryW, lstrcmpiW, GetLastError, RaiseException, InitializeCriticalSectionAndSpinCount, DeleteCriticalSection, RtlLookupFunctionEntry, RtlVirtualUnwind, UnhandledExceptionFilter, SetUnhandledExceptionFilter, GetStartupInfoW, IsProcessorFeaturePresent, GetSystemTimeAsFileTime, CreateThread, GetCurrentProcess, GetCurrentThread, LeaveCriticalSection, InitializeSListHead, RtlUnwindEx, RtlPcToFileHeader, SetLastError, TlsAlloc, ResetEvent, WaitForSingleObjectEx, TlsGetValue, TlsSetValue, TlsFree, EncodePointer, ExitProcess, GetModuleHandleExW, ExitThread, ResumeThread, FreeLibraryAndExitThread, GetACP, GetDateFormatW, GetTimeFormatW, LCMapStringW, GetStringTypeW, GetFileType, SetStdHandle, GetConsoleCP, GetConsoleMode, ReadConsoleW, GetTimeZoneInformation, FindFirstFileExW, IsValidCodePage, GetOEMCP, GetCPInfo, GetCommandLineA, GetCommandLineW, GetEnvironmentStringsW, FreeEnvironmentStringsW, SetEnvironmentVariableA, CloseHandle, WriteConsoleW, MoveFileW, RtlCaptureContext |
| USER32.dll | GetMenuStringW, GetSubMenu, GetCaretPos, IsZoomed, GetWindowLongW, GetMonitorInfoW, SetWindowLongW, SetLayeredWindowAttributes, FlashWindow, GetClassLongPtrW, TranslateAcceleratorW, IsDialogMessageW, GetSysColor, InflateRect, DrawFocusRect, DrawTextW, FrameRect, DrawFrameControl, FillRect, PtInRect, DestroyAcceleratorTable, CreateAcceleratorTableW, SetCursor, GetWindowDC, GetSystemMetrics, SetWindowLongPtrW, GetActiveWindow, CharNextW, wsprintfW, RedrawWindow, DrawMenuBar, DestroyMenu, SetMenu, GetWindowTextLengthW, CreateMenu, IsDlgButtonChecked, DefDlgProcW, CallWindowProcW, ReleaseCapture, SetCapture, BlockInput, GetMessageW, LockWindowUpdate, DispatchMessageW, TranslateMessage, PeekMessageW, GetInputState, UnregisterHotKey, CharLowerBuffW, MonitorFromPoint, MonitorFromRect, LoadImageW, mouse_event, ExitWindowsEx, SetActiveWindow, FindWindowExW, EnumThreadWindows, IsCharUpperW, InsertMenuItemW, IsMenu, TrackPopupMenuEx, GetCursorPos, DeleteMenu, CheckMenuRadioItem, GetMenuItemID, GetMenuItemCount, SetMenuItemInfoW, GetMenuItemInfoW, SetForegroundWindow, IsIconic, FindWindowW, GetClipboardData, keybd_event, SendInput, GetAsyncKeyState, SetKeyboardState, GetKeyboardState, GetKeyState, VkKeyScanW, LoadStringW, DialogBoxParamW, MessageBeep, EndDialog, SendDlgItemMessageW, GetDlgItem, SetWindowTextW, CopyRect, ReleaseDC, GetDC, EndPaint, BeginPaint, GetClientRect, GetMenu, DestroyWindow, EnumWindows, GetDesktopWindow, IsWindow, IsWindowEnabled, IsWindowVisible, EnableWindow, InvalidateRect, GetWindowThreadProcessId, AttachThreadInput, GetFocus, GetWindowTextW, ScreenToClient, SendMessageTimeoutW, EnumChildWindows, CharUpperBuffW, GetClassNameW, GetParent, GetDlgCtrlID, SendMessageW, MapVirtualKeyW, PostMessageW, IsCharLowerW, IsCharAlphaNumericW, IsCharAlphaW, GetKeyboardLayoutNameW, ClientToScreen, RegisterHotKey, GetCursorInfo, SetWindowPos, CopyImage, AdjustWindowRectEx, SetRect, SetClipboardData, EmptyClipboard, CountClipboardFormats, SetMenuDefaultItem, CloseClipboard, GetWindowRect, SetUserObjectSecurity, IsClipboardFormatAvailable, CloseDesktop, CloseWindowStation, OpenDesktopW, SetProcessWindowStation, GetProcessWindowStation, OpenWindowStationW, GetUserObjectSecurity, MessageBoxW, DefWindowProcW, MoveWindow, SetFocus, PostQuitMessage, KillTimer, CreatePopupMenu, RegisterWindowMessageW, SetTimer, ShowWindow, CreateWindowExW, RegisterClassExW, LoadIconW, LoadCursorW, GetSysColorBrush, GetForegroundWindow, MessageBoxA, DestroyIcon, SystemParametersInfoW, OpenClipboard, GetWindowLongPtrW |
| GDI32.dll | EndPath, DeleteObject, GetDeviceCaps, ExtCreatePen, StrokePath, SetPixel, CloseFigure, LineTo, AngleArc, MoveToEx, Ellipse, PolyDraw, GetTextExtentPoint32W, CreateCompatibleBitmap, BeginPath, Rectangle, SetViewportOrgEx, GetObjectW, SetBkMode, RoundRect, SetBkColor, CreatePen, CreateSolidBrush, SetTextColor, CreateFontW, GetTextFaceW, GetStockObject, CreateDCW, GetPixel, DeleteDC, GetDIBits, StretchBlt, SelectObject, CreateCompatibleDC, StrokeAndFillPath |
| COMDLG32.dll | GetSaveFileNameW, GetOpenFileNameW |
| ADVAPI32.dll | GetAce, RegEnumValueW, RegDeleteValueW, RegDeleteKeyW, RegEnumKeyExW, RegOpenKeyExW, RegCloseKey, RegQueryValueExW, RegConnectRegistryW, InitializeSecurityDescriptor, InitializeAcl, AdjustTokenPrivileges, OpenThreadToken, OpenProcessToken, LookupPrivilegeValueW, DuplicateTokenEx, CreateProcessAsUserW, CreateProcessWithLogonW, GetLengthSid, CopySid, LogonUserW, AllocateAndInitializeSid, CheckTokenMembership, FreeSid, GetTokenInformation, RegSetValueExW, GetSecurityDescriptorDacl, GetAclInformation, RegCreateKeyExW, AddAce, SetSecurityDescriptorDacl, InitiateSystemShutdownExW, GetUserNameW |
| SHELL32.dll | DragFinish, DragQueryPoint, ShellExecuteExW, DragQueryFileW, SHEmptyRecycleBinW, SHGetPathFromIDListW, SHBrowseForFolderW, SHCreateShellItem, SHGetDesktopFolder, SHGetSpecialFolderLocation, SHGetFolderPathW, SHFileOperationW, ExtractIconExW, Shell_NotifyIconW, ShellExecuteW |
| ole32.dll | CoTaskMemAlloc, CoTaskMemFree, CLSIDFromString, ProgIDFromCLSID, CLSIDFromProgID, OleSetMenuDescriptor, MkParseDisplayName, OleSetContainedObject, CoCreateInstance, IIDFromString, StringFromGUID2, CreateStreamOnHGlobal, OleInitialize, OleUninitialize, CoInitialize, CoUninitialize, GetRunningObjectTable, CoGetInstanceFromFile, CoGetObject, CoInitializeSecurity, CoCreateInstanceEx, CoSetProxyBlanket |
| OLEAUT32.dll | VariantChangeType, DispCallFunc, CreateStdDispatch, CreateDispTypeInfo, UnRegisterTypeLib, UnRegisterTypeLibForUser, RegisterTypeLibForUser, RegisterTypeLib, LoadTypeLibEx, VariantCopyInd, VariantTimeToSystemTime, SysFreeString, SafeArrayDestroyDescriptor, SafeArrayDestroyData, SafeArrayUnaccessData, VariantInit, VariantClear, VariantCopy, SysAllocString, SafeArrayCreateVector, VarR8FromDec, SafeArrayAllocDescriptorEx, SafeArrayAllocData, SysStringLen, SafeArrayGetVartype, OleLoadPicture, QueryPathOfRegTypeLib, SysReAllocString, SafeArrayAccessData |
| Language of compilation system | Country where language is spoken | Map |
|---|---|---|
| English | United States |  |
| English | Great Britain |  |
Key Decision
Richest Path
Thread / callback creation
Lower opacity -> Library Node| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Oct 8, 2024 14:12:01.113811970 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:01.113867044 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:01.113944054 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:01.126435041 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:01.126451969 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:01.944242001 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:01.944397926 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:01.949330091 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:01.949347019 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:01.949686050 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:01.962946892 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.007407904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.653601885 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.653631926 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.653647900 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.653773069 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.653806925 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.653858900 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.663743973 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.663763046 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.663847923 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.663856983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.663901091 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.668504000 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.668519020 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.668606997 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.668615103 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.668649912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.672271967 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.672286987 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.672384977 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.672393084 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.672436953 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.674415112 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.674429893 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.674508095 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.674515009 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.674557924 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.675575972 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.676232100 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.676246881 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.676322937 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.676328897 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.676373005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.678080082 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.678095102 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.678136110 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.678143024 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.678172112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.678179979 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.680706978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.680721045 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.680782080 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.680788994 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.680821896 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.680830956 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.682821035 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.682836056 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.682909012 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.682918072 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.682960033 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.684684992 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.684701920 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.684767962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.684772968 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.684814930 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.685878038 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.685893059 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.685956955 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.685962915 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.686000109 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.687549114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.687563896 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.687613010 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.687619925 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.687647104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.687663078 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.709363937 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.709379911 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.709455967 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.709464073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.709503889 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.729186058 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.729199886 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.729262114 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.729269981 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.729309082 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.730535984 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.730551004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.730609894 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.730617046 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.730655909 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.732112885 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.732131958 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.732187033 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.732193947 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.732228994 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.733386993 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.733400106 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.733444929 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.733450890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.733474970 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.733486891 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.735075951 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.735089064 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.735133886 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.735140085 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.735177040 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.736983061 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.736994982 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.737055063 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.737059116 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.737097979 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.738003016 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.738015890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.738066912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.738073111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.738095045 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.738104105 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.797092915 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.797108889 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.797174931 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.797205925 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.797250032 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.816586971 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.816615105 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.816654921 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.816663980 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.816711903 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.816724062 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.817926884 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.817950964 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.818001986 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.818006992 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.818046093 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.819364071 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.819391966 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.819426060 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.819432020 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.819442034 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.819472075 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.819750071 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.820688963 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.820703983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.820759058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.820763111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.820791006 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.820802927 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.822179079 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.822194099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.822259903 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.822264910 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.822304010 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.823266983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.823288918 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.823339939 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.823344946 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:02.823385000 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:02.874562025 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.230978966 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.231004953 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.231101036 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.231129885 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.231143951 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.231178045 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.232158899 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.232177019 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.232243061 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.232248068 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.232290983 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.233232021 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.233247042 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.233304977 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.233315945 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.233357906 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.235297918 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.235313892 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.235367060 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.235394955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.235430956 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.235937119 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.235953093 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.236004114 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.236012936 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.236048937 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.236922979 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.236941099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.236991882 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.237001896 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.237015009 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.237042904 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.238370895 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.238389969 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.238445997 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.238451004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.238491058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.239228010 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.239245892 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.239300013 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.239305973 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.239343882 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.240133047 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.240149021 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.240212917 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.240217924 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.240263939 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.241044998 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.241060972 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.241112947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.241117954 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.241159916 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.242111921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242127895 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242172003 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.242177010 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242207050 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.242218971 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.242866993 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242882013 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242943048 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.242948055 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.242993116 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.243726969 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.243741989 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.243799925 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.243804932 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.243843079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.244998932 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245016098 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245064974 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.245069981 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245110035 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.245780945 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245798111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245845079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.245850086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.245889902 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.246560097 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.246587038 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.246640921 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.246645927 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.246687889 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.247657061 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.247674942 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.247719049 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.247724056 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.247751951 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.247759104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.248677015 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248693943 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248744965 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.248749971 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248789072 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.248828888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248842955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248897076 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.248900890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.248939037 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.249979019 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.249998093 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.250041008 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.250046015 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.250062943 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.250077963 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.251014948 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251032114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251081944 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.251085997 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251130104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.251777887 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251796961 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251838923 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.251842976 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.251866102 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.251873970 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.252861023 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.252880096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.252932072 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.252937078 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.252974987 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.253062963 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.253078938 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.253118038 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.253122091 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.253146887 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.253154993 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.254015923 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.254033089 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.254077911 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.254082918 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.254117966 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.254925966 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.254941940 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.254993916 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.254997969 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.255040884 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.255866051 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.255882978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.255934954 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.255939960 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.255976915 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.256588936 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.256603956 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.256675005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.256680012 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.256724119 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.256891012 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.256908894 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.256952047 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.256957054 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.257002115 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.257811069 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.257826090 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.257878065 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.257883072 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.257921934 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.258569956 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.258589983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.258642912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.258647919 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.258690119 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.259376049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259397984 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259449005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.259454012 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259495020 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.259780884 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259794950 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259834051 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.259839058 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.259865999 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.259871960 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.260330915 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.260344982 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.260406017 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.260411978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.260449886 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.260934114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.260951042 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.260987997 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.260993004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.261018038 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.261030912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.261894941 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.261909962 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.261950970 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.261965990 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.261974096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.261991978 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.262011051 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.262037039 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.262922049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.262936115 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.262978077 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.262983084 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263010979 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.263863087 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263880968 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263928890 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.263933897 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263943911 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263956070 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.263981104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.263987064 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.264009953 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.271780014 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.271811008 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.271856070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.271888018 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.271905899 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.307498932 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.321871996 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.321897984 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.321989059 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.322015047 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.322052002 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.341120958 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.341139078 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.341206074 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.341238022 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.341253042 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.341280937 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.343375921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.343400002 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.343439102 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.343447924 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.343460083 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.343492985 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.343996048 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344017029 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344058990 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.344072104 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344083071 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.344110966 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.344827890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344850063 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344896078 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.344901085 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.344939947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.345151901 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.345355988 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.345374107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.345438957 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.345444918 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.345488071 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.346128941 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.346144915 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.346204996 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.346211910 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.346251965 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.359771013 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.359786987 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.359843016 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.359857082 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.359903097 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.409698009 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.409718990 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.409784079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.409811020 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.409864902 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.428693056 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.428714991 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.428781033 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.428811073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.428824902 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.428852081 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.431045055 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431066036 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431121111 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.431128979 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431168079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.431749105 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431765079 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431818008 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.431823969 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.431863070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.432307005 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.432322025 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.432382107 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.432389021 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.432426929 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.433031082 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.433048010 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.433082104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.433088064 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.433115005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.433123112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.434346914 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.434365034 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.434413910 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.434420109 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.434459925 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.447102070 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.447118998 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.447174072 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.447181940 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.447221041 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.497162104 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.497179985 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.497260094 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.497287989 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.497333050 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.516217947 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.516238928 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.516310930 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.516330004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.516370058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.519145966 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.519162893 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.519217014 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.519222975 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.519248009 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.519259930 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.523652077 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.523674965 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.523722887 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.523729086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.523746967 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.523766041 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.524197102 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524215937 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524260998 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.524266005 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524291039 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.524349928 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.524595022 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524615049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524660110 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.524665117 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.524702072 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.528126955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.528148890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.528203011 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.528217077 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.528261900 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.541284084 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.541340113 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.541368008 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.541377068 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.541398048 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.541410923 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.586436987 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.586461067 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.586543083 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.586553097 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.586577892 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.586591959 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.604684114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.604707003 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.604779005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.604784966 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.604830980 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.607929945 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.607945919 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.608005047 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.608015060 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.608058929 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.609523058 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.609539986 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.609591961 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.609597921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.609607935 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.609637976 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.610466957 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.610517025 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.610531092 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.610536098 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.610564947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.610579014 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.610975981 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.610996008 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.611048937 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.611056089 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.611093998 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.615191936 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.615209103 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.615271091 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.615295887 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.615336895 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.628179073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.628201008 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.628262997 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.628263950 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.628283978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.628328085 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.673178911 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.673206091 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.673270941 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.673301935 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.673319101 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.673338890 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.702965021 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.702986002 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.703036070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.703073978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.703090906 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.703113079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.703445911 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.703470945 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.703511953 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.703519106 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.703557968 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.703567028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.704101086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704119921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704174995 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.704180956 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704220057 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.704420090 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704436064 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704488993 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.704495907 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.704535007 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.705245018 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.705260038 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.705303907 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.705312014 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.705355883 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.705935955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.705952883 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.705998898 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.706007004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.706048012 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.715764046 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.715780973 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.715848923 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.715876102 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.715915918 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.760571957 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.760596991 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.760662079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.760687113 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.760730982 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.790452957 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790477991 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790513992 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.790537119 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790551901 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.790574074 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.790878057 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790894985 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790946960 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.790957928 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.790992975 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.791627884 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.791644096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.791695118 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.791706085 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.791743994 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.792251110 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.792268038 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.792323112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.792332888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.792371035 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793003082 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793019056 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793056011 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793062925 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793087959 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793104887 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793340921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793355942 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793392897 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793400049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.793425083 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.793440104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.803395033 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.803416967 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.803473949 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.803498030 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.803538084 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.848140955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.848156929 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.848205090 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.848228931 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.848241091 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.848269939 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.878252983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878277063 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878359079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.878396034 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878447056 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.878758907 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878773928 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878842115 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.878855944 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.878904104 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.879580975 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.879595041 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.879646063 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.879651070 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.879673958 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.879690886 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.880223036 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880238056 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880290985 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.880296946 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880341053 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.880595922 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880609989 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880664110 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.880670071 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.880708933 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.881289005 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.881302118 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.881357908 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.881364107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.881401062 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.891182899 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.891204119 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.891268015 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.891280890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.891308069 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.891330004 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.935945988 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.935967922 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.936055899 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.936085939 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.936099052 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.936125994 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.965850115 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.965876102 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.965950966 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.965979099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.966022968 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.966716051 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.966733932 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.966784000 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.966790915 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.966828108 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.967240095 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967257023 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967315912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.967318058 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967330933 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967365026 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967375994 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.967392921 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.967422009 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.967432976 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.968285084 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.968300104 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.968352079 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.968357086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.968394041 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.968959093 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.968971968 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.969019890 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.969023943 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.969058037 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.980588913 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.980603933 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.980659962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:03.980667114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:03.980700016 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.024372101 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.024396896 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.024502993 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.024530888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.024585962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.053837061 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.053853989 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.053920031 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.053930044 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.053971052 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.054270983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.054284096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.054323912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.054330111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.054341078 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.054364920 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.054881096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.054893970 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.054949045 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.054955006 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.055000067 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.055677891 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.055691957 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.055740118 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.055747986 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.055787086 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.056258917 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.056272030 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.056330919 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.056338072 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.056377888 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.057244062 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.057260036 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.057317019 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.057322979 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.057363987 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.067914963 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.067929029 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.067981005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.067997932 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.068037033 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.077124119 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.114609957 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.114635944 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.114677906 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.114705086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.114717007 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.114753962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.141458988 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.141474009 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.141526937 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.141534090 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.141572952 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.142445087 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142461061 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142522097 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.142527103 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142565966 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.142743111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142757893 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142805099 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.142810106 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.142855883 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.143421888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.143438101 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.143490076 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.143495083 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.143528938 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.143991947 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144009113 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144047976 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.144052029 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144071102 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.144090891 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.144761086 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144778967 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144824028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.144828081 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.144865990 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.155266047 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.155291080 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.155340910 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.155345917 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.155388117 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.178919077 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.200926065 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.200947046 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.201040030 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.201066971 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.201080084 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.201154947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.229042053 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229064941 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229126930 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.229135036 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229187012 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.229568958 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229585886 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229633093 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.229636908 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.229671001 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.230247021 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.230263948 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.230312109 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.230315924 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.230354071 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.230967999 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.230992079 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.231023073 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.231026888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.231053114 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.231060028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.231616020 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.231646061 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.231677055 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.231679916 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.231700897 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.231713057 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.232198954 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.232217073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.232249975 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.232253075 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.232275009 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.232300997 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.243030071 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.243053913 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.243117094 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.243122101 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.243160963 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.288870096 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.288894892 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.288970947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.289000988 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.289045095 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.316639900 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.316663980 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.316756964 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.316766977 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.316812992 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.317265987 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.317281008 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.317317963 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.317323923 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.317346096 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.317363977 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.318036079 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318061113 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318094969 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.318099022 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318121910 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.318140984 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.318449974 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318465948 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318556070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.318561077 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.318595886 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.319257975 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.319276094 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.319333076 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.319339037 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.319379091 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.319930077 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.319951057 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.319991112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.319994926 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.320012093 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.320034027 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.330282927 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.330307961 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.330347061 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.330352068 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.330375910 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.330389977 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.376177073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.376209974 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.376347065 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.376374006 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.376420021 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.404129982 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404158115 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404257059 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.404263973 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404305935 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.404774904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404792070 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404836893 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.404841900 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.404858112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.404876947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.405518055 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.405536890 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.405576944 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.405580997 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.405601025 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.405613899 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.406219959 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406236887 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406280994 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.406286001 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406297922 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.406320095 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.406773090 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406795025 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406848907 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.406852961 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.406896114 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.407548904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.407572031 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.407623053 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.407628059 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.407666922 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.417699099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.417720079 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.417808056 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.417834997 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.417848110 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.417876959 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.463505030 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.463529110 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.463606119 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.463632107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.463670969 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.491499901 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.491520882 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.491575956 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.491585016 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.491621017 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492183924 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492202997 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492233038 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492238045 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492264986 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492280006 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492491007 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492508888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492541075 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492546082 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.492569923 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.492584944 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.493284941 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.493299007 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.493344069 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.493349075 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.493382931 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494194984 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494214058 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494242907 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494249105 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494277000 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494288921 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494771004 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494788885 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494817019 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494827986 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.494848967 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.494864941 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.505744934 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.505767107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.505820990 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.505826950 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.505877972 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.551278114 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.551300049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.551353931 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.551379919 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.551409960 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.551419020 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.579166889 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579190016 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579293013 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.579319000 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579365969 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.579838037 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579854965 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579895973 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.579906940 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.579946041 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.580132961 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.580152035 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.580198050 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.580204964 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.580245018 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581095934 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581115007 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581151962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581161976 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581186056 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581197977 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581775904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581789970 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581831932 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581842899 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.581866980 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.581882000 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.583355904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.583380938 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.583439112 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.583452940 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.583491087 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.637048960 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.637068987 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.637121916 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.637152910 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.637197018 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.646625042 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.646641016 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.646701097 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.646724939 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.646764040 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.666585922 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.666599035 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.666666985 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.666687965 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.666723013 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.667424917 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.667438984 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.667478085 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.667486906 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.667519093 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.668071032 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668091059 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668135881 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.668144941 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668179035 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.668808937 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668828011 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668872118 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.668880939 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.668915033 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.669395924 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.669409037 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.669445038 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.669451952 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.669471979 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.669483900 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.670396090 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.670408964 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.670443058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.670455933 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.670475006 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.670490026 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.724683046 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.724706888 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.724838018 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.724869013 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.724915028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.734999895 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.735022068 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.735094070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.735100031 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.735142946 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.754245996 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.754271030 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.754363060 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.754390955 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.754436016 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.755079985 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755098104 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755156040 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.755172014 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755213022 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.755697012 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755712986 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755774021 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.755779982 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.755821943 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.756000042 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.756015062 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.756082058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.756088972 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.756127119 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.758610010 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.758625031 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.758687973 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.758711100 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.758754969 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.759038925 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.759052992 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.759094954 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.759104013 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.759150028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.812654972 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.812680960 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.812792063 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.812819958 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.812863111 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.822834015 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.822859049 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.822900057 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.822920084 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.822936058 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.822961092 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.842907906 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.842932940 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.842997074 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843018055 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843168020 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843168020 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843549967 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843573093 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843630075 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843641043 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843703985 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843941927 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843969107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.843982935 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.843988895 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.844000101 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.844036102 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.844645023 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.844670057 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.844702959 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.844715118 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.844728947 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.844749928 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.845189095 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.845211029 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.845257998 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.845267057 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.845303059 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.845947027 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.845968962 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.846009970 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.846019983 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.846054077 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.900099993 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.900125027 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.900182009 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.900209904 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.900250912 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.910640001 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.910665989 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.910737991 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.910763979 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.910901070 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.929913044 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.929944038 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.930027962 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.930059910 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.930092096 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.930099964 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.930454016 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.930474997 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.930516005 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.930524111 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.930557013 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931041956 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931062937 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931101084 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931108952 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931129932 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931145906 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931552887 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931569099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931612015 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931621075 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.931639910 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.931653023 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.932341099 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.932357073 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.932393074 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.932400942 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.932424068 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.932436943 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.933787107 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.933808088 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.933852911 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.933866978 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.933902979 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.987684965 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.987715960 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.987889051 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.987915993 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.987963915 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.998632908 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.998680115 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.998718977 CEST | 443 | 49730 | 83.140.241.4 | 192.168.2.4 |
| Oct 8, 2024 14:12:04.998729944 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.998759031 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:04.998765945 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:05.112063885 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:05.263890028 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Oct 8, 2024 14:12:06.214082956 CEST | 49730 | 443 | 192.168.2.4 | 83.140.241.4 |
| Timestamp | Source Port | Dest Port | Source IP | Dest IP |
|---|---|---|---|---|
| Oct 8, 2024 14:12:00.988854885 CEST | 58087 | 53 | 192.168.2.4 | 1.1.1.1 |
| Oct 8, 2024 14:12:01.102056980 CEST | 53 | 58087 | 1.1.1.1 | 192.168.2.4 |
| Oct 8, 2024 14:12:08.861865997 CEST | 52721 | 53 | 192.168.2.4 | 1.1.1.1 |
| Oct 8, 2024 14:12:09.281486034 CEST | 53 | 52721 | 1.1.1.1 | 192.168.2.4 |
| Oct 8, 2024 14:12:27.704185963 CEST | 51401 | 53 | 192.168.2.4 | 1.1.1.1 |
| Oct 8, 2024 14:12:27.719094038 CEST | 53 | 51401 | 1.1.1.1 | 192.168.2.4 |
| Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|
| Oct 8, 2024 14:12:00.988854885 CEST | 192.168.2.4 | 1.1.1.1 | 0x101f | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Oct 8, 2024 14:12:08.861865997 CEST | 192.168.2.4 | 1.1.1.1 | 0x3279 | Standard query (0) | A (IP address) | IN (0x0001) | false | |
| Oct 8, 2024 14:12:27.704185963 CEST | 192.168.2.4 | 1.1.1.1 | 0x2dfc | Standard query (0) | A (IP address) | IN (0x0001) | false |
| Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
|---|---|---|---|---|---|---|---|---|---|---|
| Oct 8, 2024 14:12:01.102056980 CEST | 1.1.1.1 | 192.168.2.4 | 0x101f | No error (0) | 83.140.241.4 | A (IP address) | IN (0x0001) | false | ||
| Oct 8, 2024 14:12:09.281486034 CEST | 1.1.1.1 | 192.168.2.4 | 0x3279 | Name error (3) | none | none | A (IP address) | IN (0x0001) | false | |
| Oct 8, 2024 14:12:27.719094038 CEST | 1.1.1.1 | 192.168.2.4 | 0x2dfc | Name error (3) | none | none | A (IP address) | IN (0x0001) | false |
|
| Session ID | Source IP | Source Port | Destination IP | Destination Port | PID | Process |
|---|---|---|---|---|---|---|
| 0 | 192.168.2.4 | 49730 | 83.140.241.4 | 443 | 7452 | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| Timestamp | Bytes transferred | Direction | Data |
|---|---|---|---|
| 2024-10-08 12:12:01 UTC | 198 | OUT | |
| 2024-10-08 12:12:02 UTC | 395 | IN | |
| 2024-10-08 12:12:02 UTC | 15989 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN | |
| 2024-10-08 12:12:02 UTC | 16384 | IN |
Click to jump to process
Click to jump to process
back
Click to dive into process behavior distribution
Click to jump to process
| Target ID: | 0 |
| Start time: | 08:11:57 |
| Start date: | 08/10/2024 |
| Path: | C:\Users\user\Desktop\file.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff797830000 |
| File size: | 2'016'768 bytes |
| MD5 hash: | 1D2CF62E7874BB460B7258279A55DDF3 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | low |
| Has exited: | true |
| Target ID: | 1 |
| Start time: | 08:11:58 |
| Start date: | 08/10/2024 |
| Path: | C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff788560000 |
| File size: | 452'608 bytes |
| MD5 hash: | 04029E121A0CFA5991749937DD22A1D9 |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 2 |
| Start time: | 08:11:58 |
| Start date: | 08/10/2024 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff7699e0000 |
| File size: | 862'208 bytes |
| MD5 hash: | 0D698AF330FD17BEE3BF90011D49251D |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 3 |
| Start time: | 08:12:05 |
| Start date: | 08/10/2024 |
| Path: | C:\Users\Public\InformationCheck.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x460000 |
| File size: | 893'608 bytes |
| MD5 hash: | C56B5F0201A3B3DE53E561FE76912BFD |
| Has elevated privileges: | true |
| Has administrator privileges: | true |
| Programmed in: | C, C++ or other language |
| Antivirus matches: |
|
| Reputation: | high |
| Has exited: | false |
| Target ID: | 4 |
| Start time: | 08:12:07 |
| Start date: | 08/10/2024 |
| Path: | C:\Windows\SysWOW64\cmd.exe |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x240000 |
| File size: | 236'544 bytes |
| MD5 hash: | D0FCE3AFA6AA1D58CE9FA336CC2B675B |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 5 |
| Start time: | 08:12:07 |
| Start date: | 08/10/2024 |
| Path: | C:\Windows\System32\conhost.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff7699e0000 |
| File size: | 862'208 bytes |
| MD5 hash: | 0D698AF330FD17BEE3BF90011D49251D |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 7 |
| Start time: | 08:12:16 |
| Start date: | 08/10/2024 |
| Path: | C:\Windows\System32\wscript.exe |
| Wow64 process (32bit): | false |
| Commandline: | |
| Imagebase: | 0x7ff763f00000 |
| File size: | 170'496 bytes |
| MD5 hash: | A47CBE969EA935BDD3AB568BB126BC80 |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Reputation: | high |
| Has exited: | true |
| Target ID: | 8 |
| Start time: | 08:12:18 |
| Start date: | 08/10/2024 |
| Path: | C:\Users\user\AppData\Local\WordGenius Technologies\SwiftWrite.pif |
| Wow64 process (32bit): | true |
| Commandline: | |
| Imagebase: | 0x10000 |
| File size: | 893'608 bytes |
| MD5 hash: | C56B5F0201A3B3DE53E561FE76912BFD |
| Has elevated privileges: | false |
| Has administrator privileges: | false |
| Programmed in: | C, C++ or other language |
| Antivirus matches: |
|
| Reputation: | high |
| Has exited: | false |
Execution Graph
| Execution Coverage: | 2.4% |
| Dynamic/Decrypted Code Coverage: | 0% |
| Signature Coverage: | 12.5% |
| Total number of Nodes: | 1408 |
| Total number of Limit Nodes: | 26 |
Graph
Function 00007FF7978337B0 Relevance: 17.6, APIs: 8, Strings: 2, Instructions: 145windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797836580 Relevance: 14.2, APIs: 5, Strings: 3, Instructions: 208COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797851D80 Relevance: 12.5, APIs: 6, Strings: 1, Instructions: 251COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978CF630 Relevance: 12.4, APIs: 8, Instructions: 350processCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797842E30 Relevance: 6.5, APIs: 2, Strings: 1, Instructions: 1264COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797837920 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 178registryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797835DEC Relevance: 15.9, APIs: 8, Strings: 1, Instructions: 143windowtimeregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797833D90 Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 57windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79784E958 Relevance: 14.3, APIs: 7, Strings: 1, Instructions: 304comCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797833B84 Relevance: 14.1, APIs: 7, Strings: 1, Instructions: 60windowregistryCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978425BC Relevance: 12.4, APIs: 8, Instructions: 442windowtimeCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797833CBC Relevance: 10.5, APIs: 3, Strings: 3, Instructions: 40COMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797837EC0 Relevance: 7.2, APIs: 3, Strings: 1, Instructions: 185comCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978372C8 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80windowCOMMON
Download Yara Rule
Control-flow Graph
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797833F04 Relevance: 7.1, APIs: 1, Strings: 3, Instructions: 69COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978466C0 Relevance: 4.0, APIs: 1, Strings: 1, Instructions: 466COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786B3C0 Relevance: 3.0, APIs: 2, Instructions: 19memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786C51C Relevance: 1.3, APIs: 1, Instructions: 29memoryCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C56A0 Relevance: 77.5, APIs: 40, Strings: 4, Instructions: 476filecommemoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978E17C0 Relevance: 70.6, APIs: 38, Strings: 2, Instructions: 587windowkeyboardCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DBA0C Relevance: 54.8, APIs: 30, Strings: 1, Instructions: 500windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DDB18 Relevance: 51.2, APIs: 28, Strings: 1, Instructions: 462windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C32AC Relevance: 47.6, APIs: 22, Strings: 5, Instructions: 327windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797854514 Relevance: 43.9, APIs: 24, Strings: 1, Instructions: 122threadkeyboardwindowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79783183C Relevance: 38.0, APIs: 25, Instructions: 475windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DC6D4 Relevance: 28.9, APIs: 19, Instructions: 396windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79787529C Relevance: 24.1, APIs: 9, Strings: 4, Instructions: 1310COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797835F3C Relevance: 23.0, APIs: 12, Strings: 1, Instructions: 223COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797872400 Relevance: 21.4, APIs: 8, Strings: 4, Instructions: 366timeCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B72A8 Relevance: 21.3, APIs: 7, Strings: 5, Instructions: 284timefileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BA350 Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 112fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AD87C Relevance: 19.3, APIs: 5, Strings: 6, Instructions: 66COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A7E64 Relevance: 18.2, APIs: 12, Instructions: 173keyboardCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BA4F8 Relevance: 17.6, APIs: 9, Strings: 1, Instructions: 104fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D055C Relevance: 16.9, APIs: 11, Instructions: 371registryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DA59C Relevance: 15.2, APIs: 10, Instructions: 174windowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AB7C0 Relevance: 14.2, APIs: 7, Strings: 1, Instructions: 171fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797872650 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 155timeCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C3940 Relevance: 12.1, APIs: 8, Instructions: 116networkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C8360 Relevance: 10.8, APIs: 4, Strings: 2, Instructions: 331COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978ABC70 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 86fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786AF58 Relevance: 9.1, APIs: 6, Instructions: 83COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789D868 Relevance: 9.0, APIs: 6, Instructions: 22memorysynchronizationCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BA874 Relevance: 8.9, APIs: 4, Strings: 1, Instructions: 118filesleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B5F2C Relevance: 7.3, APIs: 3, Strings: 1, Instructions: 300comCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786793C Relevance: 7.3, APIs: 1, Strings: 3, Instructions: 262COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978684C0 Relevance: 7.1, APIs: 4, Instructions: 1071COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AC110 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 58fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AD750 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 50shutdownCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797855BC0 Relevance: 7.0, APIs: 3, Strings: 1, Instructions: 42COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C7634 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 20libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AC7C0 Relevance: 6.0, APIs: 4, Instructions: 24filestringCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797861750 Relevance: 4.8, APIs: 3, Instructions: 340COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797872F50 Relevance: 3.6, APIs: 1, Strings: 1, Instructions: 110COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786BEF8 Relevance: 3.5, APIs: 1, Strings: 1, Instructions: 23timeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978767F0 Relevance: 3.2, APIs: 2, Instructions: 227COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978695B0 Relevance: 2.9, Strings: 2, Instructions: 378COMMONLIBRARYCODE
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79785C3FC Relevance: 2.7, Strings: 2, Instructions: 219COMMONLIBRARYCODE
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BE87C Relevance: 1.6, APIs: 1, Instructions: 62filenetworkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79785C130 Relevance: 1.5, Strings: 1, Instructions: 219COMMONLIBRARYCODE
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79785BEB4 Relevance: 1.4, Strings: 1, Instructions: 199COMMONLIBRARYCODE
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786A8A0 Relevance: 1.4, Strings: 1, Instructions: 139COMMONLIBRARYCODE
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978458D0 Relevance: .7, Instructions: 692COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79783B390 Relevance: .7, Instructions: 682COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79783B9F0 Relevance: .6, Instructions: 577COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978630DC Relevance: .5, Instructions: 535COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B1A18 Relevance: .1, Instructions: 66COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786FD20 Relevance: .0, Instructions: 32COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978559C8 Relevance: .0, Instructions: 2COMMON
Download Yara Rule
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B4F30 Relevance: 45.7, APIs: 3, Strings: 23, Instructions: 247COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AC81C Relevance: 26.4, APIs: 10, Strings: 5, Instructions: 140COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D6608 Relevance: 25.0, APIs: 3, Strings: 11, Instructions: 475windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978E1254 Relevance: 24.7, APIs: 11, Strings: 3, Instructions: 162windowfileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B3FD0 Relevance: 22.9, APIs: 5, Strings: 8, Instructions: 197COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978E0118 Relevance: 22.9, APIs: 10, Strings: 3, Instructions: 175windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978E03D0 Relevance: 22.6, APIs: 15, Instructions: 131filecommemoryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B246C Relevance: 21.3, APIs: 11, Strings: 1, Instructions: 281fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DE40C Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 177windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C4F54 Relevance: 21.2, APIs: 11, Strings: 1, Instructions: 151windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789B0C4 Relevance: 21.1, APIs: 11, Strings: 1, Instructions: 117memoryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D1110 Relevance: 19.6, APIs: 1, Strings: 10, Instructions: 371COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B87CC Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 200COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AA40C Relevance: 19.4, APIs: 10, Strings: 1, Instructions: 188windowsleepCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B3268 Relevance: 19.4, APIs: 5, Strings: 6, Instructions: 135COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A74B0 Relevance: 19.4, APIs: 6, Strings: 5, Instructions: 128windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AD4AC Relevance: 19.3, APIs: 10, Strings: 1, Instructions: 65sleepwindowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B4708 Relevance: 17.8, APIs: 3, Strings: 7, Instructions: 339COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789FF44 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 243windowtimeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A176C Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 226COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797831504 Relevance: 17.7, APIs: 9, Strings: 1, Instructions: 163windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B34E4 Relevance: 17.6, APIs: 5, Strings: 5, Instructions: 149COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789C034 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 124registryshareCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B3E20 Relevance: 17.6, APIs: 7, Strings: 3, Instructions: 97fileCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A7BA0 Relevance: 16.6, APIs: 11, Instructions: 106keyboardCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79783E774 Relevance: 16.2, APIs: 2, Strings: 7, Instructions: 438COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C66B4 Relevance: 15.9, APIs: 6, Strings: 3, Instructions: 182comCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786D504 Relevance: 15.9, APIs: 1, Strings: 8, Instructions: 117COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B59D8 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 96COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A76D8 Relevance: 15.8, APIs: 4, Strings: 5, Instructions: 77windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789E08C Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 74windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789E1AC Relevance: 15.8, APIs: 7, Strings: 2, Instructions: 74windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789E908 Relevance: 15.1, APIs: 10, Instructions: 59keyboardsleepwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789F7F4 Relevance: 14.5, APIs: 2, Strings: 6, Instructions: 471COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C767C Relevance: 14.2, APIs: 4, Strings: 4, Instructions: 231COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DA350 Relevance: 14.1, APIs: 6, Strings: 2, Instructions: 139windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789E2CC Relevance: 14.1, APIs: 3, Strings: 5, Instructions: 54windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789D780 Relevance: 13.6, APIs: 9, Instructions: 54memorythreadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978CE580 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 138COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AA070 Relevance: 12.4, APIs: 5, Strings: 2, Instructions: 135windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DE248 Relevance: 12.4, APIs: 6, Strings: 1, Instructions: 129windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AC5C8 Relevance: 12.3, APIs: 6, Strings: 1, Instructions: 39windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978CFCC0 Relevance: 12.2, APIs: 8, Instructions: 246registryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BDBF0 Relevance: 10.6, APIs: 7, Instructions: 137networkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A4860 Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 124comlibraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C37A8 Relevance: 10.6, APIs: 7, Instructions: 103networkCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D15C4 Relevance: 10.6, APIs: 7, Instructions: 90registryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AFAFC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 65pipeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AF9EC Relevance: 10.6, APIs: 5, Strings: 1, Instructions: 65pipeCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79785A054 Relevance: 9.2, APIs: 3, Strings: 2, Instructions: 492COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AD1F0 Relevance: 9.1, APIs: 6, Instructions: 131filestringCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79783D4CC Relevance: 9.1, APIs: 2, Strings: 4, Instructions: 119COMMON
Download Yara Rule
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978ADA1C Relevance: 9.0, APIs: 6, Instructions: 34windowtimethreadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789F378 Relevance: 9.0, APIs: 6, Instructions: 33threadwindowtimeCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C7E38 Relevance: 9.0, APIs: 4, Strings: 1, Instructions: 237COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A9898 Relevance: 8.9, APIs: 1, Strings: 4, Instructions: 127COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797869B18 Relevance: 8.9, APIs: 2, Strings: 3, Instructions: 121COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AB62C Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 95filestringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789DF3C Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 92windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BD914 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 86networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D93E8 Relevance: 8.8, APIs: 4, Strings: 1, Instructions: 76windowlibraryCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797859164 Relevance: 8.8, APIs: 3, Strings: 2, Instructions: 29libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D02DC Relevance: 7.7, APIs: 5, Instructions: 159registryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786E67C Relevance: 7.6, APIs: 5, Instructions: 142fileCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D0084 Relevance: 7.6, APIs: 5, Instructions: 141registryCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978CD0F8 Relevance: 7.6, APIs: 5, Instructions: 139libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797831CEC Relevance: 7.6, APIs: 5, Instructions: 124keyboardCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786BA2C Relevance: 7.6, APIs: 5, Instructions: 114libraryloaderCOMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789D924 Relevance: 7.6, APIs: 5, Instructions: 91sleepwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786F9D4 Relevance: 7.6, APIs: 5, Instructions: 56COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978B0008 Relevance: 7.5, APIs: 5, Instructions: 33synchronizationthreadCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797870040 Relevance: 7.2, APIs: 1, Strings: 3, Instructions: 205COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79785B1E8 Relevance: 7.2, APIs: 2, Strings: 2, Instructions: 150COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797866148 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 144COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797866408 Relevance: 7.1, APIs: 2, Strings: 2, Instructions: 138COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978AA6BC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 101windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DB454 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 96COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DB798 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 80windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DA1F0 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 79windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DB104 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 66windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789F5CC Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 64windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797858782 Relevance: 7.1, APIs: 3, Strings: 1, Instructions: 63COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978CAF20 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 21libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D10C8 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 20libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A32F4 Relevance: 7.0, APIs: 2, Strings: 2, Instructions: 19libraryloaderCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786C72C Relevance: 6.1, APIs: 4, Instructions: 104COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A50E4 Relevance: 6.1, APIs: 3, Strings: 1, Instructions: 69stringCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978ACF68 Relevance: 6.1, APIs: 4, Instructions: 55synchronizationthreadwindowCOMMON
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786B778 Relevance: 6.0, APIs: 4, Instructions: 43COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
| APIs |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978A1D10 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 200comCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786D0A8 Relevance: 5.4, APIs: 1, Strings: 2, Instructions: 138COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786A09C Relevance: 5.4, APIs: 2, Strings: 1, Instructions: 106COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D9E08 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 89COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C5E00 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 88networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978C03C0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 81COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DB224 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 73COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786DC30 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 70COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DA0C4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 65COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D9868 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 64windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978D9BD4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 63windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79786FD90 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 57COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789DDF0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 50windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978BE708 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 47networkCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789DD48 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 45windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789DCA0 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 45windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978DFEA4 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 40processCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789DEA8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 39windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978715B4 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 37COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978714E8 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 34COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978714FC Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 34COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797871370 Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 33COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF79789C59C Relevance: 5.3, APIs: 1, Strings: 2, Instructions: 26windowCOMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF7978575C0 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 21COMMONLIBRARYCODE
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|
Function 00007FF797855620 Relevance: 5.3, APIs: 2, Strings: 1, Instructions: 11COMMON
Download Yara Rule
| APIs |
|
| Strings |
|
| Memory Dump Source |
|
|
| Joe Sandbox IDA Plugin |
|
| Similarity |
|